Damon McCoy
Stefan Savage
ABSTRACT
Large-scale abusive advertising is a profit-driven endeavor. Without consumers purchasing spam-advertised Viagra, search-advertised counterfeit software or malware-advertised fake anti-virus, these campaigns could not be economically justified. Thus, in addition to the numerous efforts focused on identifying and blocking individual abusive advertising mechanisms, a parallel research direction has emerged focused on undermining the associated means of monetization: payment networks. In this paper we explain the complex role of payment processing in monetizing the modern affiliate program ecosystem and characterize the dynamics of these banking relationships over two years within the counterfeit pharmaceutical and software sectors. By opportunistically combining our own active purchasing data with contemporary disruption efforts by brand-holders and payment card networks, we gather the first empirical dataset concerning this approach. We discuss how well such payment interventions work, how abusive merchants respond in kind and the role that the payments ecosystem is likely to play in the future.
- 2010 U.S. Intellectual Property Enforcement Coordinator Annual Report on Intellectual Property Enforcement. http://www.ice.gov/doclib/iprcenter/pdf/ipecannual-report.pdf, Feb. 2011.Google Scholar
- M. Hypponen. A Norwegian bank (DnB NOR) co-operates with some of the largest spammers in the world. https://twitter.com/#!/dnbnor_hjelp/status/73305600066461696, May 2011.Google Scholar
- IACC Has New Tools To Cut Off Money to Bad Sites. https://iacc.org/news-media-resources/pressreleases/iacc-has-new-tools-to-cut-off-moneyto-bad-sites.php, 2011.Google Scholar
- ISO 8583-1:2003-- Financial transaction card originated messages--Interchange message specifications, 2003.Google Scholar
- C. Kanich, N. Chachra, D. McCoy, C. Grier, D. Y. Wang, M. Motoyama, K. Levchenko, S. Savage, and G. M. Voelker. No Plan Survives Contact: Experience with Cybercrime Measurement. In Proceedings of the 4th Workshop on Cyber Security Experimentation and Test (CSET), Aug. 2011. Google ScholarDigital Library
- C. Kanich, N. Weaver, D. McCoy, T. Halvorson, C. Kreibich, K. Levchenko, V. Paxson, G. M. Voelker, and S. Savage. Show Me the Money: Characterizing Spam-advertised Revenue. In Proceedings of the USENIX Security Symposium, Aug. 2011. Google ScholarDigital Library
- B. Krebs. White House Calls Meeting on Rogue Online Pharmacies. http://krebsonsecurity.com/2010/08/white-house-calls-meeting-on-rogue-onlinepharmacies, Aug. 2010.Google Scholar
- B. Krebs. Gateline.net Was Key Rogue Pharma Processor. http://krebsonsecurity.com/2012/04/gatelinenet-was-key-rogue-pharma-processor, Apr. 2011.Google Scholar
- N. Leontiadis, T. Moore, and N. Christin. Measuring and Analyzing Search-Redirection Attacks in the Illicit Online Prescription Drug Trade. In Proceedings USENIX Security 2011, Aug. 2011. Google ScholarDigital Library
- K. Levchenko, A. Pitsillidis, N. Chachra, B. Enright, M. Felegyhazi, C. Grier, T. Halvorson, C. Kanich, C. Kreibich, H. Liu, D. McCoy, N. Weaver, V. Paxson, G. M. Voelker, and S. Savage. Click Trajectories: End-to-End Analysis of the Spam Value Chain. In Proceedings of the IEEE Symposium and Security and Privacy, Oakland, CA, May 2011. Google ScholarDigital Library
- D. McCoy, A. Pitsillidis, G. Jordan, N. Weaver, C. Kreibich, B. Krebs, G. M. Voelker, S. Savage, and K. Levchanko. PharmaLeaks: Understanding the Business of Online Pharmaceutical Affiliate Programs. In Proceedings USENIX Security 2012, Aug. 2012. Google ScholarDigital Library
- M. Motoyama, D. McCoy, K. Levchenko, S. Savage, and G. M. Voelker. An Analysis of Underground Forums. In Proceedings of the ACM Internet Measurement Conference, Nov. 2011. Google ScholarDigital Library
- Rooting Out Rogue Merchants: The IACC Payment Processor Portal Mid-Year Review and Vision for the Future. IACC 2012 Spring Annual Meeting (as found at iacc.org), May 2012.Google Scholar
- D. Samosseiko. The Partnerka--What is it, and why should you care? In Proc. of Virus Bulletin Conference, Sept. 2009.Google Scholar
- B. Stone-Gross, R. Abman, R. Kemmerer, C. Kruegel, D. Steigerwald, and G. Vigna. The Underground Economy of Fake Antivirus Software. In Proceedings of the Workshop on Economics of Information Security (WEIS), 2011.Google Scholar
- B. Stone-Gross, T. Holz, G. Stringhini, and G. Vigna. The Underground Economy of Spam: A Botmaster's Perspective of Coordinating Large-Scale Spam Campaigns. In Proceedings of the 4th USENIX Conference on Large-scale Exploits and Emergent Threats (LEET), 2011. Google ScholarDigital Library
- Visa Global Brand Protection Program. http://blog.instabill.com/media/blogs/instabill/pdf/GlobalBrandprotectionProgram.pdf17, 2011.Google Scholar
- Visa Commercial Solutions. Merchant Category Codes for IRS Form 1099-MISC Reporting. http://usa.visa.com/download/corporate/resources/mcc_booklet.pdf.Google Scholar
- XyliBox. http://www.xylibox.com/.Google Scholar
Index Terms
- Priceless: the role of payments in abuse-advertised goods
Recommendations
The Price of the Priceless: Understanding Estimated Costs of Work in Friendsourcing
CHI EA '15: Proceedings of the 33rd Annual ACM Conference Extended Abstracts on Human Factors in Computing SystemsFriendsourcing, or outsourcing tasks to one's online and offline friends, is increasingly common and versatile. As regular crowdsourcing, friendsourcing requesters needs to incentivize potential workers (i.e., friends) to actually engage and complete ...
Comments