Security researcher Didier Stevens conducted a test last year to see what kind of a clickthrough rate you might get from an ad offering drive-by downloads. .16%, as it turns out…
Here’s an excerpt from his blog post about the test, “Is your PC virus-free? Get it infected here!”
Would you click on this Google ad?
No? Sure? Because 409 persons did!
How do I know? Because I’ve been running this Google Adwords campaign for 6 months now.
.16% clickthrough. On an ad that was unabashedly offering to infect your computer. At a cost of $23. If Stevens had actually been phishing, he could have made some money.
You’d have to think that an ad that made some attempt at subterfuge would do considerably better. And most people looking to give you a virus or recruit you for their zombie army at least offer you something you want. Steven’s ad didn’t even say the service was free.
I think I’ve been underestimating how lucrative this whole malware thing is.
~ Ivy Wigmore