Before you read on, we should say that the BlackHatters are not hackers. We could barely hack back a hedge. We are PPC experts, not code writers. But having said that, that doesn’t mean that we haven’t read the odd hacker forum.
Recently, we were chatting about what would happen if you could get around Google’s click fraud system for Google’s PPC ads? If you could get around the click fraud, you would have the ability to click away on your competitors ads and deplete all their budget on a keyword so that their ads fell out of the auction and your ad is the only one remaining. That would be great news for the advertiser, as they would see big increases in their CTR (being the only ad shown) and having reduced CPC’s (in theory anyway) if there are less competitors in the auction.
However, you need to get around Google click fraud system and we know that its a pretty sophisticated bit of kit. If a user clicks on an ad more than 3 times within a session then the click fraud system kicks in and they are counted as invalid clicks and the advertiser gets their money back. Google’s click fraud system looks at all kinds of different identifiers when a user clicks on an ad – location, ip address, browser settings, etc…basically anything that Google Analytics reports on.
Google are one of the top technology companies in the World and they have some very smart people with very smart security systems to keep their data safe. So trying to hack into Google would (other than being illegal) be nearly impossible, as Google has encrypted URL’s on all PPC ads which send data back to the Google AdWords database. Maybe there are hackers out there who could hack the Google database and get access to AdWords accounts (someone hacked Linked In recently by the looks of it) but we wouldn’t have the first idea how to go about doing that.
So how could someone hack Google AdWords?
Well you wouldn’t hack into Google at all. What hackers are very good at doing is creating Trojans (you’ve probably heard of them) which are computer viruses which allow the hacker to talk to your computer (and in a sense…control it.) Hackers create these viruses and then input them into a piece of software which a user downloads not knowing the virus is there. Well, if a hacker created a trojan that got spread to 500,000 computers (with all unique settings that wouldn’t be picked up by Googles click fraud) that allowed that hacker to talk to all these computers, the hacker could then write a fairly simple script that could be get these computers to click on a PPC ad. If you had 500,000 computers clicking on competitors keywords every day, you would fairly soon ensure that your competitors would drop off that target keyword and you would control that keyword. Just think…what would that be worth to someone to control keywords like ‘Poker, Car Insurance, Credit Card or Bingo?’
In short…if you want to control a keyword, dont try and hack Google at all, try to control as many computers as you can.
Important: We are not suggesting try this…its just our rather stupid theory. And we dont want anyone doing anything illegal.
Brought to you by The BlackHatters.