Under attack ... Michael Gilmour is on a mission to eliminate click fraud from the domain name industry. The company connects advertisers with owners of internet domain names who rather than using them for any particular purpose instead opt to "park" the websites and load them up with ads. Large amounts of revenue can be generated from people finding the sites via search engines or by typing the address into their browser. Examples of current parked domain names include mobilephones.com, freefonetones.com and jewellery.com. A major issue that is emerging in Gilmour's industry is the practice of unscrupulous domain name owners directing botnets of thousands of infected computers to repeatedly click on ads on their parked websites. This is known as fraudulent traffic and Gilmour is concerned because it brings down advertising rates for all players as the thousands of clicks are artificial and don't result in any purchases.

"They write little applications which can click on advertising - Google and Yahoo's business models are based on pay per click," he explained. "It devalues the whole industry. If someone pumps fraudulent traffic through our network then it devalues the quality traffic." Gilmour set about exposing the practice on his blog, deciding not to name and shame people in the first instance. He estimates that the fraudulent behaviour is worth about $500 million and the huge sums involved meant he was immediately targeted. He began receiving threats from people who said they would kill him if he didn't take down his blog. The attackers also knocked all of his websites offline by flooding them with traffic in what is known as a distributed denial of service (DDoS) attack. "I wrote about this and someone decided to take exception and they fired off a DDoS attack against my blog which took it down; they then fired off a DDoS attack against my company's website, then moved back to michaelgilmour.com which points to my blog and I've been under DDoS attack for the last two weeks," said Gilmour.

Australia's national Computer Emergency Response Team, known as CERT Australia, confirmed it had been in contact with Gilmour about the attacks but would not comment further on the specific incident. Asked whether he believed the death threats were a real threat to his safety or just keyboard warriors blowing off steam, Gilmour said "a threat's a threat" and that Victoria Police encouraged him to take it seriously. "It has not been the most pleasant experience for my wife, my kids and myself," he said. Jurisdictional issues meant there was little local police could do but Gilmour says he was referred to the US Secret Service, which collected evidence from him including his website logs. Gilmour's sites and his attackers are US-based and he believes the Secret Service took an interest as part of its ongoing efforts around cyber crime. "I was more than a little surprised by them investigating it ... my understanding is that since I received a death threat that changes the whole issue by an order of magnitude," he said.

The US Secret Service did not return a call requesting comment. Park Logic and its competitors have put in place measures to block the bad operators from registering accounts with them but he claims they have got around these by paying people to create accounts on their behalf. David Lye, CEO of Netfleet.com.au, Australia's largest domain name aftermarket, confirmed that artifically generated fraudulent traffic was an issue in the domain parking industry. He said he hoped Gilmour's exposure of the issue "cleans up the quality a bit and thus gives advertisers more confidence which would then lead to higher payouts for legitimate publishers". Peter Stevenson, operations manager at DarkBlueSea, an Australia company that runs advertising on behalf of domain name owners, declined to comment saying he did not want to get involved. Google and Yahoo, which often serve up the ads that are used on the parked domains, have developed technology to help expose fraudulent behaviour and invalid clicks. Google said it disables the AdSense accounts of those caught breaking its rules.

"Any method that artificially generates clicks or impressions on your Google ads is strictly prohibited," Google said. "These prohibited methods include but are not limited to repeat manual clicks or impressions, using robots, automated click and impression generating tools, third-party services that generate clicks or impressions such as paid-to-click, paid-to-surf, autosurf, and click-exchange programs, or any deceptive software." The Australian domain name regulator auDA and domain registry AusRegistry do not appear to be concerned by the issue of fraudulent traffic and parked domains. Loading "This is actually a search industry issue, and it is not related to auDA or AusRegistry. I know it involves domains which may be perceived as the common denominator, however it is beyond our control," said AusRegistry spokesman Michael Korjen.

This reporter is on Twitter: @ashermoses