Anyone brave enough to type "cheap tickets" in a search engine can find a plethora of one-page Web sites designed to drive traffic to other Web sites and generate click-through advertising revenue.

They're an irritant to users and another way in which the Internet is being abused for profit. But a new study by a team of Microsoft Corp. and University of California researchers has shed light on how so-called "search spammers" work and how advertisers can help stop the practice.

"By exposing the end-to-end search spamming activities, we hope to ... encourage advertisers to scrutinise those syndicators and traffic affiliates who are profiting from spam traffic at the expense of the long-term health of the Web," wrote authors Yi-Min Wang and Ming Ma of Microsoft Research and Yuan Niu and Hao Chen of the University of California in Davis. Their research will be reviewed at the 16th International World Wide Web Conference in Banff, Alberta, in May.

The researchers looked at "redirection spam," where a user clicks on a URL but is then automatically transferred to a different URL or shown advertising content that originates from somewhere else on the Web.

Often, legitimate companies have their advertisements served on questionable sites through redirections designed to "obfuscate the connection between the advertisers and the spammers," the researchers wrote.

In one example, they traced the origin of advertisements for orbitz.com, a popular travel services site, that appeared on suspicious Web pages. They uncovered five layers that lie between a legitimate advertiser and a questionable search spam Web site.

For example, a business such as orbitz.com may buy advertising from a syndicator, who then buys space on high-traffic Web pages from an aggregator.

In turn, the aggregator buys traffic from Web spammers. The spammers set up the millions of "doorway" pages, designed to show up high in the search engine rankings, for products such as ringtones or prescription drugs. They also distribute URLs by inserting them as comments on users' blogs.

If those links are clicked, the doorway pages then redirect to other pages, potentially bringing revenue back to its controller via pay-per-click advertising offered by companies such as Google Inc. through its AdSense program.

But by using new spam detection and Web page analysis, the researchers say they've narrowed down some of the confusing redirection chains, from hosters of doorway pages through to redirection domains.

Three out of every four unique Blogspot.com URLs that appeared in the top 50 results for commercial queries were spam, the study said. Blogspot is the hosting site for Google's blogging service. Blogs created for marketing purposes are sometimes referred to as "splogs."

Also, one domain -- topsearch10.com -- hosted many other redirection domains that were responsible for 22 percent to 25 percent of the spam detected during the researchers' tests, the study said.

They also narrowed down two blocks of IP (Internet protocol) addresses that advertisements were directed through to spammers' pages. That bottleneck, they said, "may prove to be the best layer to attacking the search spam problem."

A responsibility also lies with advertisers to assert greater control over where and how their ads are placed.

"Ultimately, it is advertisers' money that is funding the search spam industry, which is increasingly cluttering the Web with low-quality content and reducing Web users' productivity," they wrote.