Web crime has long been known to be worth good money, but now security company Finjan has been able to show just how profitable using a real-world example of such a scam - $10,800 (£7,900) per day.
The figures were calculated after the company gained entry to servers controlled by a criminal group carrying out a simple but multi-faceted con based on a mixture of search engine manipulation and bogus anti-virus software, designed to mine cash from web traffic.
According to Finjan, the crime network concerned had been able to hack legitimate websites, injecting PHP scripts capable of generating Google keywords based on popular search terms of the moment, bulked by mis-spellings of other common search terms. Once these bogus key words were indexed by search engines, anyone looking for the same terms or mis-spelled terms would have found the results at the top of search results pages.
Following any one of these links would take users to websites serving rogue anti-virus products that attempt to trick users into paying for a license to remove non-existent malware.
Researchers were able to see that during 16 consecutive days, a total of 1.8 million users were redirected to rogueware sites, 1.79 percent of whom fell for the scam and paid up $50 a time for useless software.
Since the criminals were being paid 9.6 cents for each redirection as part of a larger network of criminals affiliates, they would have netted $172,000 in total, or nearly $10,800 per day for the period of the scam monitored. The risk of discovery? Given that the web is now infested with many similar scams, virtually zero, making it a low-risk way to make money over and over again.
Assuming the criminals could replicate this success over a longer period, they might be able to earn up to 2 million per annum, the company had calculated.
"We already know that cybercrime makes money. But the question is how much money," said Finjan's CTO, Yuval Ben-Itzhak. The attraction of hacking legitimate sites to plant keywords was also clever, he reckoned, because it transferred to come-back for Google keyword manipulation to the real owner, and not the criminal.
"They are breaking SEO [search engine optimisation] rules. But they do not care if they will be punished."
A video used by Finjan to demonstrate the search engine optimisation (SEO) manipulation showed the search engine results to be innocuous looking. This helped lull users into the false sense of security needed to make the rogue anti-virus software look more plausible.
Fake anti-virus software has grown into one of the commonest scams in the web, even affecting Mac users . Despite many warnings, a small minority of Internet users continue to fall for the con. The technique of carrying out immediate online scans for malware was started by revenue-hungry anti-virus companies looking for subscriptions from worried users. Although legitimate, the idea was quickly picked up on by criminals, who grasped its simple psychology of fear.