Google: 130 million scam ads axed in 2011

Filed Under: Google, Law & order, Malware, Vulnerability

googleYou think malvertising's bad on Google now?

Google's actually reduced scam ads by over 50% year over year from 2010 to 2011, according to a blog entry put up on Wednesday by Sridhar Ramaswamy, Google engineering senior VP.

The post includes some proud lauding about Google's success in scraping off a plague of ad leeches that cling to Google and partner sites, including websites selling counterfeit goods and fraudulent tickets as well as "underground international operations trying to spread malware and spyware."

Success in leech scraping, by the numbers:

"In 2011, advertisers submitted billions of ads to Google, and of those, we disabled more than 130 million ads. And our systems continue to improve—in fact, in 2011 we reduced the percentage of bad ads by more than 50% compared with 2010. That means that our methods are working. We’re also catching the vast majority of these scam ads before they ever appear on Google or on any of our partner networks. For example, in 2011, we shut down approximately 150,000 accounts for attempting to advertise counterfeit goods, and more than 95% of these accounts were discovered through our own detection efforts and risk models."

Google uses a combination of technology and review by real, live humans to remove bad ads: i.e., ads for counterfeit goods, for harmful goods (like ads for cigarettes or handguns), or those that lead to malicious download sites that contain malware or viruses.

In July 2010, Naked Security's Graham Cluley found one such malvert that turned out to be a lovely example of meta-malware: my newly fabricated term for malware that promises to eradicate malware.

Graham found the malvert by doing a Google search on the term "malware". Lo, the top sponsored link was a fake anti-virus company that urged visitors to download software that turned out to be a Trojan. Take a look at the video he made:

(Enjoy this video? You can check out more on the SophosLabs YouTube channel and subscribe if you like)

If we were to use that search term - "malware" - as a litmus test, we'd find that Google has cleaned up nicely over the past 2.5 years. The top sponsored links on 15 March 2012 were in fact for actual anti-malware from Symantec and Malwarebytes.

Google has, to date, spent millions building technical architecture and advanced machine learning models to better detect these bad ads and automatically prevent them from ever appearing on its platform in the first place.

In Wednesday's blog, Ramaswamy outlined these recent, additional improvements to those detection systems:

  • Improved “query watch” for counterfeit ads: While anyone can report counterfeit ads, we’ve widened our proactive monitoring of sensitive keywords and queries related to counterfeit goods which allows us to catch more counterfeit ads before they ever appear on Google
  • New “risk model” to detect violations: Our computer scanning depends on detailed risk models to determine whether a particular ad may violate our policies, and we recently upgraded our engineering system with a new “risk model” that is even more precise in detecting advertisers who violate our policies
  • Faster manual review process: Some ads need to be reviewed manually. To increase our response time in preventing ads from policy-violating advertisers, we sped up our internal processes and systems for manual reviews, enabling our specialists to be more precise and fast
  • Twenty-four hour response time: We aim to respond within 24 hours upon receiving a reliable complaint about an ad to ensure that we’re reviewing ads in a timely fashion

These are all positive steps. Good for Google.

And it's no surprise the company is eager to neutralize the (deservedly) bad press its advertising platform has received.

Examples: in January, Google admitted to pocketing profits from ads on seamy sites for illegal products and services.

Before that, the BBC exposed the company's profiteering from bogus Olympic 2012 ticket sales.

Last August, Google was hit with a whopping $500 million settlement as punishment for allowing Canadian pharmacies to place ads that led to illegal sales of prescription drugs to US consumers.

The Justice Department accused CEO Larry Page of knowing about the situation for years.

Google's Ramaswamy wrote that the company "must remain vigilant because scammers will always try to find new ways to abuse our systems. Given the number of searches on Google and the number of legitimate businesses who rely on this system to reach users, our work to remove bad ads must be precise and at scale."

Absolutely. Best of luck to Google in its quest to rid its advertising venues of bad actors.

But let's also keep a vigilant eye on Google. As history has shown, there are more ways to be an advertising bad actor than to try to slip a Trojan off as an anti-malware download.

, ,

You might like

4 Responses to Google: 130 million scam ads axed in 2011

  1. shaine · 950 days ago

    funny i had visited that particular page my self just a month ago and i declined on the product but now i am wondering just what has been installed on my system ??

  2. George · 950 days ago

    Caveat emptor

  3. Nigel · 950 days ago

    Thanx for another great article, Lisa. It's good to know that Google is policing its own systems. If they don't, the politicians will be only too glad to get involved, and there goes the ball game.

    Even so, your cautionary note is well taken. Google is less intrusive and abusive than, say, Facebook, but their record isn't squeaky clean.

  4. Lisa Vaas · 949 days ago

    Thanks for the note, Nigel. Speaking of Facebook, I was wondering today when/if we'll see scams on Google+ like we do on Facebook. I never see mention of any, and I never see any in my stream. Is it just me? If not, if nobody else is seeing "free iPad 5" scams and the like, is this an example of Google anti-malvertising technology succeeding? Hmmm.... hmmm..... I need to find that out... feedback welcome on that...

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.