According to a story on security investigator Brian Kreb’s site: “A new email-based extortion scheme apparently is making the rounds, targeting Web site owners serving banner ads through Google’s AdSense program. In this scam, the fraudsters demand bitcoin in exchange for a promise not to flood the publisher’s ads with so much bot and junk traffic that Google’s automated anti-fraud systems suspend the user’s AdSense account for suspicious traffic.”
More on the story here: https://krebsonsecurity.
Google is not the only technology company whose anti-fraud systems are regularly abused by cybercriminals. For instance, in some social networks, an account can easily get banned for the influx of fake followers, and extortion of popular accounts is on the rise. Worse, it is extremely time-consuming to get your account unblocked, and virtually impossible to recover any loss of revenue caused by a block.
Threats to flood websites with garbage traffic are perfectly feasible, being very simple and cheap. Most likely, such attacks will indeed trigger some problems with Google Ads. Reportedly, Google is pretty slow and reluctant in handling and resolving such issues given the complexity in confirming whether they come from fraudsters or innocent victims of cyber extortionists. Deploying a web application firewall (WAF), enhanced with a bot filtering system, may considerably reduce the risks of falling victim to this emerging vector of digital blackmailing.