Ever since the mechanics behind ad tech (and digital marketing in general) became effective enough to be considered a reliable source of revenue, there was an issue of shady people getting into it with malicious intent trying to make use of it the other way around.

As previously covered on G2 Crowd, ad fraud is one of the biggest problems in the advertising industry.

Every year, various types of ad fraud eat up large chunks of profits. According to Juniper Research , the expected losses in 2018 are estimated $19 billion – around $51 million a day. While the resistance against ad fraud is pushing back, fraudsters are keen to up the game and stakes, and it seems unlikely that ad fraud will ever go away completely. But it gets a hell of a fight.

In this article, I’m going to tell you about one of the most common types of ad fraud: click fraud.

Let’s start with the basics.

What is click fraud?

Click fraud is a type of ad fraud that exploits the pay-per-click revenue model by accumulating the number of clicks on an ad content in a variety of ways in order to extort additional monetary benefits from advertisers.

Click fraud in 2018

Click Fraud is one of the most basic types of ad fraud that is commonly used throughout various segments of the industry. According to Pixalate , one out of five clicks was fraudulent in 2018. According a study by The App Solutions , the reason behind click fraud is simple – the pay-per-click model is widely used in the advertising industry, and it is relatively easy to manipulate.

How click fraud works

In a pay-per-click model, advertisers pay publishers for clicks on their ads. The cost-per-click ratio (the price of the click) depends on the overall performance of an ad's content on a particular ad space calculated through a click-through-rate.

Overall, it is a nice and simple way of generating revenue. Advertisers find publishers through ad networks like Google, whose platforms are relevant to advertisers' target audiences, and put their ads there, expecting the audiences' reactions in the form of clicks. That’s where the click fraud comes in. The key is in the very model itself – it is based on easy-to-rig metrics built around clicks.

Unlike conversions or other on-site actions, clicks are abstract signifiers of an action on a particular piece of content that happened and may or may not lead to further developments regarding conversions. Because of that, clicks are easy to simulate.

It is worth noting that click fraud is much more common on mobile than desktop environment.

Who is behind click fraud?

There are two types of people behind click fraud: competitors and publishers/affiliates.

Competitor click fraud

Competitors are driven by a desire to make ad tech marketing campaigns go south and lose as much money as possible. Competitor click fraud is specifically designed to derail your operation.

Usually, competitor click fraud is more of a blunt instrument than a sophisticated system. It can be a sneak sabotage or thunderous statement. Either way, its goal is more about inflicting damage than squeezing money out of the campaign’s budget.

Publisher and affiliate click fraud

Publisher/affiliate click fraud is a much more complicated beast. In this case, the fraudsters are parasitizing on the working system. Their purpose is to siphon as much money as possible without being noticed and blocked out.

Because publishers and affiliates are paid for clicks on an ad, they are interested in keeping the number of clicks high. This is achieved by mixing the real click flow with the simulated one.

Publisher-related click fraud usually operates at a different scale – which is smaller action-wise, but much bigger in terms of losses, due to being aimed at long-term operation.

Competitor publisher click fraud

There is also a variation of the two known as competitor publisher click fraud. The difference from the other types is that this type is aimed at publishers and designed to discredit their platforms.

The end purpose of competitor publisher click fraud is to kick the competitor off the ad service because of bad kind of clicks.

Types of ad fraud

Overall, there are two big categories of click fraud: manual and automated.

Manual click fraud

Manual click fraud is simple. It usually involves the fraudulent party hiring real people to perform clicks on specific ads in order to bloat the performance figures and receive a bigger cut of the revenue. It can bring certain results, but is nowhere near as efficient as an automated operation.

The extreme form of manual click fraud is so-called click farms that involve big numbers of people clicking on ads all day long.

This type of click fraud might also be well-intentioned, as many publishers use a tactic known as, “Support our website by clicking on ads.” However, these clicks are still ineffectual to a campaign's cause and must be dismissed.

Another type of manual click fraud is forced clicks, where the users are forced to click on ads because they will otherwise be unable to proceed on-site.

Automatic click fraud

Automatic click fraud involves the creation and maintenance of networks of bots designed to perform certain sequences of actions that result in clicks being registered by the systems as legitimate events.

What are bots?

Bots are automated scripts acting as users. In order to maintain a legitimate presence and unique IP-address, bot activity comes from devices infected with malware viruses. The infection comes from sneaking malicious software to devices by deception and obfuscation under cover of legitimate software applications. In the meantime, users are blissfully unaware of what is going.

Automatic click fraud can be further specified with the following subcategories:

Bot traffic: Bots go on targeted websites and create fake impressions. This automated ad traffic allows fraudsters to collect money for non-existing impressions as if they were real. This type of click fraud is really hard to spot, due to unique IP-addresses that make every bot look unrelated. However, their activity can be visible later, as there is nothing beyond those imitated impressions.

Click flooding: In this case, bots go on a particular ad and produce an immense number of clicks. This, in turn, derails analytics and seriously undermines performance results of a campaign. These days, flooding is more frequently used by competitors to discredit their targets and damage their reputations as viable partners.

Cookie stuffing: This tactic is often used in affiliate marketing schemes. Upon sending users onward to affiliate links, multiple third-party cookies are gathered in hopes of bloating the results. Fake cookies come from auxiliary elements of websites (i.e. scripts, pop-ups, and embedded elements such as images).

Toolbar injection: Users install a browser plugin that seems to be a legitimate tool. However, in actuality, there is a sneak piece of malware. This malware manipulates the page code and inserts different ad content (usually a pop-up, most commonly pop-up videos). This drives away clicks to the different advertisers.

Install hijacking/click injection: This type of click fraud is targeted at the attribution of an application installation. It is done through the sneak install of a fraud app disguised as a real one. When the other apps are installed, the fraud app overtakes tracking codes and attributes these installs as one that occurred because of it.

Device ID resetting: This technique is used on device farms with multiple devices. The scheme looks like this: the device downloads an app and clicks on real ads (via script). After that, the device is reset. This goes on again and again. In addition to that, there are also IP-address switches involved to gain the legitimacy of the act.

Click fraud prevention techniques

The following list of techniques can be useful in identifying and fighting against click fraud.

1. Ad verification

Ad Verification is one of the primary tools in keeping ad fraud (click fraud in particular) out of the gate. In a way, it is something of a double fail-safe tool. Basically, it helps to identify cracks in your anti-ad fraud armor.

Ad verification vendors provide performance insights with a variety of metrics, such as viewability and invalid traffic. (The nature of the metrics depends on the specification of the particular campaign.)

With assistance from these tools, you can shut down low-quality publishers and suspicious websites and perform a thorough campaign audit, which can be used in the optimization of a campaign.

Among the most trusted ad verification vendors are DoubleVerify , Moat, and comScore.

2. Use trusted platforms and check backgrounds

The other way of avoiding the threat of getting under the click fraud attack is through cooperation with trusted advertising platforms with a good track record for being nice and clean in ad tech operation.

In essence, this approach limits the operation to big and established companies like Google, Facebook, Bing, and DoubleClick. However, it adds more certainty about where your ad budget is going and much more confidence in the fact that your ad campaign performance results are plausible and depict real situations.

3. Use honeypots

Honeypots are one of the most effective ways of neutering click bots and exposing the networks behind them.

Here’s how they work. Ad servers use special ads that are not actual ads, but bluffs indistinguishable for the human user.

If a bot happens upon them and takes action, the honeypot sticks with it and does its thing, exposing the bot, leading to its IP being blocked.

4. Maintain a blacklist

Keeping an assorted collection of blacklisted IP addresses seems to be a natural reaction toward detected click fraud activity. Maintaining a Blacklist is one of the most consistent ways to contribute to the click fraud neutering cause. It works for suspicious IP-addresses, device ID, and spotted bot signatures. For example, you can check out suspicious domain on sites like MxToolBox .

Blacklists may contain websites, IPs, and device IDs that are considered discredited with various types of fraud spotted.

While this technique works after the fact, it helps to prevent further damage from the exposed IPs and IDs.

5. Constant metric audit

Metrics are tricky. In order to depict the real state of things, you need to constantly check metric accuracy and compare the results with several sources. It is never a bad thing to double check.

When things are put into perspective, it is easier to identify where trouble starts and take action before lasting damage is done.

Here’s a list of common suspicious activity. These patterns are definite signs of something wrong going on:

A campaign registers unnaturally high click-through rates.

The traffic rates of PPC enabled pages are drastically higher in comparison with the rest of the website.

There are spikes of activity and suspicious traffic swells at unnatural times for the selected region.

There are high bounce rates, short session times, and minimum time on site.

Such services as ClickCease can block invalid clicks.

6. Switch to more efficient models

Let’s face it – the pay-per-click model is not the most efficient way of doing digital advertising.

While it provides a clear-cut revenue scheme, this model is very fraud-prone. The thing is, clicks are merely abstract signifiers of a certain type of event happening on a specific piece of ad content. On their own, they don’t mean much. What really matters is what happens after the click – whether the conversion occurs, the product is purchased, or an application is downloaded.

Because of that, instead of constantly fighting off various threats and diving deep into stats in order to recognize the bad stuff, it's more reasonable to switch from pay-per-click to a more tangible model.

The most viable option is cost-per-action. This model takes things a step further. Instead of paying for clicks, advertisers pay for actions that occur on an advertiser's platform after the click (i.e. registering, downloading something, or filling out a form).

While no models are fraud-proof, cost-per-action provides more tangible metrics that keep fraudulent activity mostly out of the equation and pay only for relevant results.

7. Adjust targeting operation

If click fraud episodes occur frequently and there are clear tendencies regarding which elements of ad content are affected, it means you need to take more strategic action. You need to readjust your targeting and shift focus to more reliable audience segments.

One of the reasons why click fraud is enabled is insufficient targeting that includes suspicious and unreliable audience segments from problematic geographic regions where click farms are usually situated.

In order to take them out of the equation, make a couple of tweaks in your campaign settings and exclude certain regions and languages from the targeting operation. This can go as far as to block specific cities and zip codes.

Targeting adjustment is often combined with maintaining the IP, ID, and bot blacklists previously covered.

In conclusion

Click fraud is one of the more elaborate types of ad fraud out there. It exploits unsuspecting users and, as a result, manages to wreak havoc on marketing campaigns with significant losses.

One of the key things to remember about click fraud is that it isn’t going away. It is one of those things that will always turn up one way or another, but that doesn’t mean you have to kneel before it. Quite the opposite, actually.

If you apply a set of the aforementioned techniques, the impact of click fraud on you will be significantly lessened and, in some cases, even neutered.