This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OAT-003 Ad Fraud

From OWASP
Revision as of 11:46, 16 February 2018 by Clerkendweller (talk | contribs) (Cross-References)

Jump to: navigation, search


This is an automated threat. To view all automated threats, please see the Automated Threat Category page. The OWASP Automated Threat Handbook - Wed Applications (pdf, print), an output of the OWASP Automated Threats to Web Applications Project, provides a fuller guide to each threat, detection methods and countermeasures. The threat identification chart helps to correctly identify the automated threat.

Definition

OWASP Automated Threat (OAT) Identity Number

OAT-003

Threat Event Name

Ad Fraud

Summary Defining Characteristics

False clicks and fraudulent display of web-placed advertisements.

Indicative Diagram

Description

Falsification of the number of times an item such as an advert is clicked on, or the number of times an advertisement is displayed. Performed by owners of web sites displaying ads, competitors and vandals.

See OAT-016 Skewing instead for similar activity that does not involve web-placed advertisements.

Other Names and Examples

Advert fraud; Adware traffic; Click bot; Click fraud; Hit fraud; Impression fraud; Pay per click advertising abuse; Phoney ad traffic

See Also

Cross-References

CAPEC Category / Attack Pattern IDs

  • 210 Abuse of Functionality

CWE Base / Class / Variant IDs

  • -

WASC Threat IDs

  • 21 Insufficient Anti-Automation
  • 42 Abuse of Functionality

OWASP Attack Category / Attack IDs