An interesting Bitcoin scheme has been going around targeting publishers who are using the Google AdSense program to display ads on their websites. This one definitely lives up to this site's name!
Reported by the one and only Brian Krebs, of Krebs on Security, this extortion is an email-based scheme that leverages Google's automated anti-fraud systems. In this scheme fraudsters threaten to flood their intended target's website with unusual, junk, and bot traffic. If they actually do, this would trigger Google's anti-fraud system resulting in Google suspending the site owner's AdSense account.
Before flooding the site, the fraudsters send the site owners an email that begins with quoting Google's automated warning to users that are illegally generating ad traffic/revenue. They then demand $5,000 worth of bitcoin to call off the attack or the site owner will look forward to an email from Google resembling what they had quoted initially.
Google states they have tooling to detect invalid traffic and that most invalid traffic is filtered before any advertiser or publisher is impacted. However, some customers feel this scheme might be impactful as Google support for these cases isn't as effective Google might convey.
What would you do? Would you pay a $5,000 ransom to get the monkey off your back or risk depleting, possibly, your main source of income?