Team for Research in
Ubiquitous Secure Technology

Dissecting One Click Frauds
Nicolas Christin

Citation
Nicolas Christin. "Dissecting One Click Frauds". Talk or presentation, 11, November, 2010.

Abstract
"One Click Fraud" is an online confidence scam that has been plaguing an increasing number of Japanese Internet users, in spite of new laws and the mobilization of police task forces. In this scam, the victim clicks on a link presented to them, only to be informed that they just entered a binding contract and are required to pay a registration fee for a service. Even though no money is legally owed, a large number of users prefer to pay up, because of potential embarrassment due to the type of service "requested" (e.g., pornographic goods). Using public reports of fraudulent websites as a source of data, we analyze over 2,000 reported One Click Frauds incidents. By correlating several attributes (WHOIS data, bank accounts, phone numbers, malware installed…), we discover that a few fraudsters are seemingly responsible for a majority of the scams, and evidence a number of loopholes these miscreants exploit. We further show that, while some of these sites may also be engaging in other illicit activities such as spamming, the connection between different types of scams is not as obvious as we initially expected. Last, we show that the rise in the number of these frauds is fueled by high expected monetary gains in return for very little risk. The quantitative data obtained gives us an interesting window on the economic dynamics of some online criminal syndicates.

Electronic downloads

Citation formats  
  • HTML
    Nicolas Christin. <a
    href="http://www.truststc.org/pubs/773.html"
    ><i>Dissecting One Click
    Frauds</i></a>, Talk or presentation,  11,
    November, 2010.
  • Plain text
    Nicolas Christin. "Dissecting One Click Frauds".
    Talk or presentation,  11, November, 2010.
  • BibTeX
    @presentation{Christin10_DissectingOneClickFrauds,
        author = {Nicolas Christin},
        title = {Dissecting One Click Frauds},
        day = {11},
        month = {November},
        year = {2010},
        abstract = {"One Click Fraud" is an online confidence scam
                  that has been plaguing an increasing number of
                  Japanese Internet users, in spite of new laws and
                  the mobilization of police task forces. In this
                  scam, the victim clicks on a link presented to
                  them, only to be informed that they just entered a
                  binding contract and are required to pay a
                  registration fee for a service. Even though no
                  money is legally owed, a large number of users
                  prefer to pay up, because of potential
                  embarrassment due to the type of service
                  "requested" (e.g., pornographic goods). Using
                  public reports of fraudulent websites as a source
                  of data, we analyze over 2,000 reported One Click
                  Frauds incidents. By correlating several
                  attributes (WHOIS data, bank accounts, phone
                  numbers, malware installed…), we discover that a
                  few fraudsters are seemingly responsible for a
                  majority of the scams, and evidence a number of
                  loopholes these miscreants exploit. We further
                  show that, while some of these sites may also be
                  engaging in other illicit activities such as
                  spamming, the connection between different types
                  of scams is not as obvious as we initially
                  expected. Last, we show that the rise in the
                  number of these frauds is fueled by high expected
                  monetary gains in return for very little risk. The
                  quantitative data obtained gives us an interesting
                  window on the economic dynamics of some online
                  criminal syndicates.},
        URL = {http://www.truststc.org/pubs/773.html}
    }
    

Posted by Larry Rohrbough on 7 Dec 2010.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.