A new email-based extortion scam is threatening websites with Google Adsense accounts to pay a ransom in Bitcoins or risk losing their Adsense account to junk traffic, which will potentially be flagged by Google for suspicious activity — resulting in an account ban.
According to a report by Krebs on Security, attackers are sending emails to website publishers, which says that failure to pa $5000 in Bitcoins will result in vast amounts of bot and junk traffic to the website that can perform automated clicks. This spam traffic will result in an “ad-serving limit” being placed on the publisher account, but if the website owner still fails to pay them, they’ll flood the site with spam traffic again to get the advertiser’s account banned permanently.
If user’s feel they’ve been a victim of a sabotage attack, they should contact Google via this form and also sabotage tips for publishers in the Adsense help centre.
“We hear a lot about the potential for sabotage, it’s extremely rare in practice, and we have built some safeguards in place to prevent sabotage from succeeding. For example, we have detection mechanisms in place to proactively detect potential sabotage and take it into account in our enforcement systems,” Google said in a statement to Krebs on Security.Google says it has tools in place that are designed to detect and protect their systems against invalid traffic, and most of the invalid traffic is filtered before either the publisher or advertiser is affected.
The company also recommends publishers not to engage with the scammers and report any discrepancy they find concerning invalid traffic due to such automated attacks so that their Ad Quality team can monitor and evaluate their accounts — protecting your Adsense account from getting banned.
In the News: Google Project Zero identifies kernel code vulnerability in Samsung A50