Man
Professional
- Messages
- 3,112
- Reaction score
- 678
- Points
- 113
One in five clicks on an ad is done using a VPN or proxy server - encryption and IP substitution.
Special plugins and software hide the user's real location and allow him to remain anonymous online. Of course, VPN is used not only for harmless personal purposes, but also for click fraud.
Let's see how this technology is used by criminals to commit advertising fraud (click fraud)?
Contents
1. What is VPN
2. IP addresses and privacy
3. TOR network (about onion routing)
4. How VPN is used for click fraud
5. Is all VPN traffic fraudulent?
6. How to recognize VPN traffic
6.1 Risk Scores for IP Addresses
6.2. Device IDs
7. How to Stop Scam VPN Traffic
8. Conclusion
The virtual private network market has grown exponentially over the past decade as individuals and businesses seek ways to protect their data and ensure their privacy. Total revenue from paid VPN services is $15 billion per year . Europe and North America account for 17% of all users using this technology, while Asia-Pacific and Latin America account for 25%.
As the name suggests, the technology creates a virtual location for the user, giving them a unique IP address with each new connection. For example, if the user is in Belarus, then with the VPN enabled, the Netherlands may be displayed as their location on the network. The technology works by redirecting traffic through VPN servers, meaning the real location will be hidden.
Most VPN services require a paid subscription, but there are also free VPNs that use a P2P connection.
But it is worth remembering that in today's socially active and digital world, absolute privacy is not so easy to achieve. And the recent scandal with Facebook and Cambridge Analytica showed that privacy was not always taken into account by the platform hosting.
But this does not mean that social networks or other platforms do not respect the privacy of users, especially in times of the spread of the mandatory General Data Protection Regulation (GDPR).
However, users around the world, especially in Asia and the Middle East, still use VPNs en masse. They see it as an opportunity to protect their data and privacy. On the other hand, with the help of virtual private networks, fraudsters can hide their illegal activity and cause obvious damage to advertisers.
The term TOR is an acronym for "the onion router," because the way information is transmitted over the network—the layers of encryption—is like the layers of an onion.
The concept of anonymous and secure messaging over the network was developed by the US Naval Research Laboratory. Later, a group of researchers, with the permission of the laboratory, created the TOR Project based on this algorithm, with the help of which individuals and government agencies could use the software for free and openly to increase their anonymity and security for communicating over the network.
Like VPN, it can be used by both regular users and scammers to click on ads.
VPN routes the connection through a dedicated private server, not through the user's ISP server. That is, the source of information transfer becomes the same VPN server. Fraudsters hide their operations this way and try to avoid their (real) IP address being blacklisted.
They deceive advertisers who think that their ads are driving targeted traffic from real users from the desired country or location. Emulators, proxy servers, and other technical devices and utilities erase geographical boundaries, allowing fraudsters to easily imitate traffic from the country or region desired by the advertiser.
This scheme is often used within large and organized click farms or botnets. Using multiple servers and preloaded VPNs, scammers route bot traffic through created IP addresses to mass click ads from any country — according to the one specified in the ad targeting.
Thus, we can conclude that many fraudsters use a VPN connection, but not every VPN traffic will be fraudulent. Special services for blocking bots and clickers help to accurately determine whether advertising traffic is fraudulent or not.
Blocking by IP address risks. The more points an IP address scores for possible fraud parameters, the higher the probability that traffic from this address will be fraudulent. Thus, it can be blacklisted and access to ads blocked.
Email Verification. VPN relies on email addresses. That is why networks used for click fraud will most often have identifiable emails. This option allows you to find VPN servers with a high risk of fraudulent activity.
However, do not despair. The technical capabilities of the Botfaqtor service allow you to implement countermeasures to block bots and fraudulent traffic.
For example, identifying IP addresses and then linking them to VPN devices allows us to detect click fraud patterns and block invalid traffic. In addition, we use hundreds of algorithms that allow us to find fraudulent traffic patterns. Our stop database already contains several million bots, whose access is prohibited to the advertisements of those advertisers who have been with us for a long time.
Special plugins and software hide the user's real location and allow him to remain anonymous online. Of course, VPN is used not only for harmless personal purposes, but also for click fraud.
Let's see how this technology is used by criminals to commit advertising fraud (click fraud)?
Contents
1. What is VPN
2. IP addresses and privacy
3. TOR network (about onion routing)
4. How VPN is used for click fraud
5. Is all VPN traffic fraudulent?
6. How to recognize VPN traffic
6.1 Risk Scores for IP Addresses
6.2. Device IDs
7. How to Stop Scam VPN Traffic
8. Conclusion
What is VPN
A virtual private network (VPN) is a set of network tools that is downloaded and installed as a standalone program for a PC/mobile device or as an extension (plugin) for a browser. For example, the Opera browser actually has a built-in option to switch to VPN mode.The virtual private network market has grown exponentially over the past decade as individuals and businesses seek ways to protect their data and ensure their privacy. Total revenue from paid VPN services is $15 billion per year . Europe and North America account for 17% of all users using this technology, while Asia-Pacific and Latin America account for 25%.
As the name suggests, the technology creates a virtual location for the user, giving them a unique IP address with each new connection. For example, if the user is in Belarus, then with the VPN enabled, the Netherlands may be displayed as their location on the network. The technology works by redirecting traffic through VPN servers, meaning the real location will be hidden.
Most VPN services require a paid subscription, but there are also free VPNs that use a P2P connection.
IP Addresses and Privacy
The creation of a new IP address, which is given to the user each time he connects, guarantees his privacy. Therefore, in order to detect or track fraudulent activity, special technical means have to be used. In a sense, such technology is an ideal tool for those who want to hide their online activity.But it is worth remembering that in today's socially active and digital world, absolute privacy is not so easy to achieve. And the recent scandal with Facebook and Cambridge Analytica showed that privacy was not always taken into account by the platform hosting.
But this does not mean that social networks or other platforms do not respect the privacy of users, especially in times of the spread of the mandatory General Data Protection Regulation (GDPR).
However, users around the world, especially in Asia and the Middle East, still use VPNs en masse. They see it as an opportunity to protect their data and privacy. On the other hand, with the help of virtual private networks, fraudsters can hide their illegal activity and cause obvious damage to advertisers.
TOR Network (about onion routing)
The TOR network was developed for the same purposes. It is software that uses the principle of onion routing. It allows the user to remain anonymous on the Internet and visit sites and services on the Dark WEB.The term TOR is an acronym for "the onion router," because the way information is transmitted over the network—the layers of encryption—is like the layers of an onion.
The concept of anonymous and secure messaging over the network was developed by the US Naval Research Laboratory. Later, a group of researchers, with the permission of the laboratory, created the TOR Project based on this algorithm, with the help of which individuals and government agencies could use the software for free and openly to increase their anonymity and security for communicating over the network.
Like VPN, it can be used by both regular users and scammers to click on ads.
How VPN is used for click fraud
When placing pay-per-click ads, marketers often set up targeting settings to more precisely display ads to potential buyers from a specific region. And they pay big money for it. And VPN or TOR browser are used by scammers as a tool for click fraud.VPN routes the connection through a dedicated private server, not through the user's ISP server. That is, the source of information transfer becomes the same VPN server. Fraudsters hide their operations this way and try to avoid their (real) IP address being blacklisted.
They deceive advertisers who think that their ads are driving targeted traffic from real users from the desired country or location. Emulators, proxy servers, and other technical devices and utilities erase geographical boundaries, allowing fraudsters to easily imitate traffic from the country or region desired by the advertiser.
This scheme is often used within large and organized click farms or botnets. Using multiple servers and preloaded VPNs, scammers route bot traffic through created IP addresses to mass click ads from any country — according to the one specified in the ad targeting.
Is all VPN traffic scam?
You might think that all users who clicked on an ad and used a VPN connection would definitely be scammers. No, that's not true. People can use a private connection to remain anonymous online and simply hide any of their activity. Others, as we wrote above, use it to bypass blocking of other sites, but at the same time they can search for some product or service and click on an ad.Thus, we can conclude that many fraudsters use a VPN connection, but not every VPN traffic will be fraudulent. Special services for blocking bots and clickers help to accurately determine whether advertising traffic is fraudulent or not.
How to recognize VPN traffic
So, it is not so easy to recognize click fraud traffic, where scammers use VPN. The main thing is to know a number of key points, since even hiding their real location, the user leaves their imprint, their trace (fingerprint).Risk scores for IP addresses
Since a VPN issues multiple IP addresses, and each of them can be used more than once, they can be assigned so-called risk points. The more points, the higher the probability that the IP address is used for click fraud. There are special services for this that check addresses for potential advertising fraud.Device IDs
Anti-bot software and scripts assign unique IDs to devices, rather than relying solely on IP addresses as in the case above. This means that even if a user or bot on their device uses a VPN to change IP addresses, the device ID itself remains the same. This makes it easier to block fraudsters from accessing advertisers' ads.How to Stop Scam VPN Traffic
VPNs are a great help for click fraud. However, marketers have the opportunity to combat it, because even though VPNs make users anonymous, they still leave their mark.Blocking by IP address risks. The more points an IP address scores for possible fraud parameters, the higher the probability that traffic from this address will be fraudulent. Thus, it can be blacklisted and access to ads blocked.
Email Verification. VPN relies on email addresses. That is why networks used for click fraud will most often have identifiable emails. This option allows you to find VPN servers with a high risk of fraudulent activity.
Conclusion
Be careful! Every year the number of virtual private networks grows, along with the same botnets. They pose a great threat to the advertising community and hinder the fight against advertising fraud. Thanks to the desire of many users to increase their privacy on the network, fraudsters have got their hands on a dangerous tool for committing fraudulent actions. And VPNs, in fact, act as a platform for deliberate and targeted click fraud.However, do not despair. The technical capabilities of the Botfaqtor service allow you to implement countermeasures to block bots and fraudulent traffic.
For example, identifying IP addresses and then linking them to VPN devices allows us to detect click fraud patterns and block invalid traffic. In addition, we use hundreds of algorithms that allow us to find fraudulent traffic patterns. Our stop database already contains several million bots, whose access is prohibited to the advertisements of those advertisers who have been with us for a long time.
