Musings on AdSense and DoS attacks

So 72 hours have elapsed since I contacted Google about the abrupt suspension of my AdSense account, with no response. I've gone through the logs on the servers that run the three sites I had AdSense ads on, and the statistics are underwhelming. Two of those sites have had a few hundred visits this month combined, and the third isn't much farther ahead. There was nothing suspicious in any of the logs (and rememb

So 72 hours have elapsed since I contacted Google about the abrupt suspension of my AdSense account, with no response. I've gone through the logs on the servers that run the three sites I had AdSense ads on, and the statistics are underwhelming. Two of those sites have had a few hundred visits this month combined, and the third isn't much farther ahead. There was nothing suspicious in any of the logs (and remember, I use Google Analytics for all these sites, so they know this as well). I used those ads to defray the cost of hosting those sites. They certainly didn't pay for the hosting -- those sites have always run in the red. But it's all small potatoes.

So I started thinking about the whole picture. Since I've done nothing to cause this action, others must have (or Google's got some serious click detection coding issues) -- but how?

I cannot log back into my AdSense account, but I'm sure that someone can verify this for me -- you can take your AdSense invocation code and drop it just about anywhere, on any page, and it will work. I vaguely recall a setting in AdSense that will allow you to limit the sites that can display your ads, but the default is that this function is disabled. Thus, anyone can copy the JavaScript AdSense code from your site and use it on theirs. Common sense would say that this shouldn't be much of a concern because if someone were to do that, they wouldn't get paid for those ad impressions and clicks. However, if someone were to do this and start running up the clicks and impressions on their own site using your Google AdSense code, from what I've seen, you'd likely have your AdSense account suspended permanently.

Thus, this is a highly effective DoS attack that hits anyone using AdWords directly in the pocketbook -- permanently -- as in "you'll never use Google AdSense ever again, ever".

Someone please tell me I'm wrong here... I can't verify this without creating another AdSense account, and I'd prefer to wait and see what comes from my dispute for before I do anything involving AdSense. But I don't think that I'm wrong. So all it takes is some chucklehead clicking all the ads on your site repeatedly, or pulling the JavaScript code from your own pages and putting it on theirs (and doing the same) to get you a lifetime ban from Google AdSense. That's it. Sounds like an easy way to hurt your competition, or as retribution for some perceived wrong.

So much like eBay's feedback system's flaws were shown by the seedy side of humanity in the form of shoddy sellers giving retaliatory feedback, Google's got AdSense problems. Given that AdSense is the financial core of their business, I'd think that they'd want to protect it (and their users) a bit more than this. Oh, and one more thing -- when your account gets disabled, any earnings between your last check (or in my case, my only check) and the time the account is disabled disappear completely. The icing on the cake, so to speak.

Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies