(Editor’s note: David Ulevitch, who runs OpenDNS, has written a notable post below about the scams being run on Web users, and how big companies like Google and Yahoo aren’t doing much about it. Why is Google accepting money from “fraudulent” advertisers, as David calls them? Great question, and we’ll take it to Google!)
Two weeks ago Auren wrote a dead-on post about the Black Hat Tax that really struck a chord with me. I’ve been paying the Tax for five years with my first company, EveryDNS, and for a few months now with my current start-up, OpenDNS. The problem has become much worse in the last few years. Why? Simply put, bad guys are getting paid. Moreover, the Tax is on users as much as its on businesses. Today we see phishing sites, malware and spyware sites growing at an astounding rate.
Consider the example I cite often when discussing the issue with friends: goggle.com (see image below; not providing a link, bad site), the site that might be the most insidious of all typo squatting and malware sites on the Internet. Goggle.com, an obvious typo of google.com, offers an anti-spyware product called SpyBouncer in addition to being filled with pop-up ads (nb: SpyBouncer claims the copyright on the bottom of goggle.com). The website makes a user believe that their computer is currently infected with spyware and that installing SpyBouncer will get rid of it. They say it’s free to try and the program conveniently finds spyware which it will remove for a price, of course.
Symantec and others all claim that this product is a total scam and that it neither detects nor repairs spyware with any accuracy. Thanks to the accidental traffic that lands on goggle.com by unsuspecting users, SpyBouncer has no incentive to make a good product, they can just fool a new batch of users everyday.
Why does a site like goggle.com exist? Because crime pays, but that’s hardly news. Why it doesn’t get shut down by its webhost (DataPipe) is a good question for another time. What I do want to know is… why is SpyBouncer allowed to run Google ads on its Web site (as they do on the top)? Why are these kinds of abusive software programs allowed to purchase AdWords campaigns luring even more users into this trap? Why is Revenue.net paying SpyBouncer to show ads on goggle.com? Why is Google accepting money from fraudulent advertisers which continues the cycle of malware and spyware? This is why users react so negatively to online advertising. It’s not the relevant and unoffensive advertising that they bemoan, it’s the scams and tricks the advertisers and advertising networks spread around the seedier neighborhoods of the Internet.
These kinds of abuse are pretty bad, but what bothers me more is that much of it is being facilitated by companies I respect and admire. People like Ben Edelman have done a lot of research showing the connections between companies like Yahoo and fraudulent advertising practices but that’s not enough. There are so many layers and levels of misdirection that it becomes hard to tell who is paying who and why. As the CEO of a company operating on the Internet, I’m spending money dealing with Internet bad guys who are getting paid to annoy me, my employees and my users. Everyone is wasting their time dealing with this crap while the folks in the money trail keep taking their cut and passing on the buck. When I asked my users what they thought about goggle.com I saw a nearly unanimous response of outrage and frustration. Hundreds of users spoke out on our corporate blog and on sites like Digg.com venting at the absurdity of a site like goggle.com.
It’s time that ad networks cleaned up their act and started being more transparent about fraud and abuse. It’s time security companies started fighting the causes of network abuse and not simply the symptoms. There will always be a Black Hat Tax but right now legitimate companies are making it more expensive. That has to stop.
13 Comments
-
kai seay said:
Dear David,
I have a blog at StumbleUpon and have noted some serious problems there. Most SU bloggers are unaware that this “community” of a million (with income of $20 per member plus advertising) has no real rules, that their personal information may be seen and used by “volunteers” - employees are few, and that Firefox has security flaws that may permit hacking. One SU volunteer the SU devs trust has links to Hell’s Angels and to Vonoc.com. Trolling and abuse are not dealt with in a fair and prompt manner - indeed, sometimes victims are punished.
Can we talk?
Thank you,
kai -
David Ulevitch said:
Kai,
Of course we can talk.
I have been wondering why folks don’t scrutinize StumbleUpon a bit more closely but on the other hand I’ve met some of the guys who run it and they seem like decent folks and they have a generally high clue level.
Have you tried talking with them?
-david
-
John said:
All good points, so how come when I set up my machine to use OpenDNS (which did make it faster) it still let me open goggle.com without any warnings?
-
John said:
All good points so how come when I set up my machine to use OpenDNS (which did make it faster) it still let me open goggle.com without any warnings?
-
Jonathan Drain said:
You’re absolutely right. Even Adsense itself is not immune to the scams - I run a website for a TV series and I’m constantly having to filter out ads for bootleg DVDs and filesharing software that claims to be legit.
-
David Ulevitch said:
John,
Right now we’ve taken the giant leap of providing users with choice and control in managing their DNS, something that has never existed before and that people are quickly realizing they want. In launching, we started with some basic and fundamental features like typo-correction and phishing protection. In response to things happening on the Internet, we’ve added additional features to deal with issues like the Cameroon typo-squatting debacle.
I didn’t know about goggle.com until after we launched when one of our users wrote in to tell us about it. We’re familiar with the nasty side of the Internet but goggle.com was particularly annoying for all the reasons I point out in the article and more. You can bet we’ll be adding in the tools and features so that you can best decide how you want sites like goggle.com handled on your part of the Internet. :-)
Best advice: stay tuned to our blog for updates.
-
Dave said:
Great post, I agree that advertisers need to do a better job scrutinizing where their ads are shown.
Those in glass houses shouldn’t throw stones.
If Goggle.com stopped selling anti-spyware software and just showed ads from AdSense, Revenue.net and others, it would be no different than OpenDNS, which shows ads when an OpenDNS user misspells a domain name.
I agree there is a difference between selling vaporware (goggle.com) and typosquatting (goggle.com & OpenDNS), but aren’t we just talking about different shades of grey?
-
David Ulevitch said:
Dave,
I think you’re pretty confused as to what OpenDNS does.
If you think we have anything to do with TypoSquatting you’ve failed to understand our company and me. We’re not talking shades of grey even.
Feel free to give me a call or shoot me an email, happy to discuss. My contact info is all over our website and the Internets. :-)
-
Auren Hoffman said:
Dave — great post … definitely a topic that needs to be discussed. and glad the Black Hat Tax got you thinking about this.
my one request: please keep writing. your a great writer and you are publicizing a really important issue.
-
kai said:
PRIVATE
Dear David,
“Can we talk” usually means Can we have a chat - (and in this case it meant “There is a story here”) - not
“please publish this letter”.
When I wrote the message to you, above, I sent it to you - to keep private - and now I see it and my telephone number are on your blog.
Would you kindly delete my name and the tel # above.
Thank you. -
trdf6tf said:
http://www.venturebeat.com/contributors/?p=19拓展è®ç»ƒ
-
trdf6tftyt said:
-
tftyt5656 said:
One Trackback
10:19 am
Why do we pay Internet Bad Guys? at RAJESH SEGU said:
[...] as well as the publishers are equally benifited. After reading an article at Venture Beat on “Why do we pay Internet Bad Guys?” by David Ulevitch of OpenDNS my assumption on mutual benifits proved to be partially wrong.Thinking further it seems like its a well known problem that always existed but advertisers failed to give atmost importance thus loosing large chuncks of their marketing spend. Don’t forget to read this article if you by chance deal with spending on online advertising. The remedy must always be there, better if you could contact your advertising agency. (No Ratings Yet) Loading … EMail This Post [...]