Click fraud often goes undetected, costing companies $11.6 billion in 2014 alone. To battle the problem, you first have to understand it.
There’s no unsolicited email stating that you’ve inherited $500 million from a distant relative in Nigeria. There’s no phone call telling you that your computer is infected with malware. There’s only a bill, and on it is $11.6 billion—the amount of money lost to click fraud in 2014, according to a survey by Solve Media.
When you’re trying to grow your business on the Internet, one of the most valuable advertising avenues, it’s extremely disheartening to see your revenue dwindle as a result of fraudulent activity. To battle click fraud, you have to first understand it—and then work to counteract it.
What Is Click Fraud?
Click fraud, or traffic fraud, is the practice of repeatedly clicking on a pay-per-click ad to increase revenue for the advertiser network or publisher while draining the advertiser itself of revenue.
Click fraud is committed for one of two reasons:
1. Competitors can use click fraud to drain fellow businesses of revenue and advertising budgets. The more a business has to pay for one PPC campaign, the less money it has to spend on further advertising. However, no one profits from this type of fraud.
2. Affiliates use click fraud for profit. With PPC advertising, a business creates an ad that is published on a website, which had been selected by an advertising network. Each time someone clicks an ad, the advertiser is charged a fee that is paid to the ad network and then to the publisher. Because the advertiser pays the fee solely for the click, both the advertising network and the publisher can commit and profit from click fraud.
How Is Click Fraud Carried Out?
There are a few ways in which people perpetrate click fraud. Some methods, like crowdsourcing, seem innocuous; others, like botnets, are obviously malicious. Each method can leave a trace of it behind, making the click fraud detectable.
Crowdsourcing is the practice of encouraging users to click on an ad via text or images. Google’s AdSense guidelines forbid this behavior. Even phrases such as “support us” or “visit these links,” which seem innocent enough, are forbidden as the clicks that result from it are not “natural” clicks. Users must be aware that what they are clicking is an ad.
Incentivized traffic goes a step further by rewarding users for clicking on an ad. Google AdSense prohibits this tactic as well, stating that publishers may not “compensate users for viewing ads or performing searching, or promise compensation to a third party.” In other words, even non-monetary “prizes,” like online game codes, are disallowed. The result of incentivized traffic is that users are clicking on an ad for a purpose other than actually viewing it.
Click farms, most often located in developing countries where labor is cheap, employ people to click on ads. Although simple, this can be more inconspicuous than botnets because actual humans are clicking on ads. The click farm can instruct its employees to mimic actual user behavior in order to make the clicks look genuine. A red flag for this method is many clicks from a country that the business does not operate in.
Hit inflation attacks redirect actual users to the advertisement, regardless of whether or not they clicked on the ad. The user doesn’t even actually see the ad, either; the redirect is usually so quick that the user is none the wiser.
How Do I Avoid Click Fraud?
The Interactive Advertising Bureau’s Good Intent Task Force recently released a paper, “Best Practices on Traffic Fraud,” to help advertisers combat click fraud; the first on their list is “educate yourself about [click] fraud.” Beyond just knowing what click fraud is and the different methods to commit it, however, there are several other steps to take.
1. Set clear advertising campaign goals.
Make sure that you understand each step of the process and set limits on how much you are willing to pay for certain types of ads and publishers, keeping in mind that more reputable places often cost more. In the long run, however, reputability decreases the chance of click fraud.
2. Meticulously track your campaigns.
Don’t let your campaigns fall by the wayside and get surprised by the bill. Know where your ads are, what the publisher is doing to combat click fraud, how many legitimate and illegitimate clicks there are, how much you’re spending, and more.
Measure as much as you can. Video completes, ad views, clicks, click-through rates, and cookie attribution are easy for botnets to fake; purchases, subscriptions, and surveys are not.
3. Be careful about who you publish with.
IAB provides a set of questions to ask the publishers before creating a PPC campaign. Although it can feel like an interrogation, it’s imperative to do so as you’re putting your trust into someone who has control over how much you’re spending.
4. Use the tools at your disposal.
Manual detection can take a lot of time and isn’t always the most cost-effective manner of click fraud prevention and elimination. You can spot click fraud manually by monitoring the number of clicks from a single IP or the location of the user, but using sophisticated tools can spot harder-to-identify illegitimate clicks.
Google’s AdSense provides its own campaign tools to monitor your campaigns; SEO company Fruition is gearing up to release its own Click Fraud Tool that detects click fraud (It's a pretty nifty tool and there is a growing waiting list to use it. The click fraud tool will be released around Black Friday and you can sign up for early access).
Online criminals have exploited pay-per-click advertising since its inception, and the practice has only grown. Utilizing in-depth knowledge of click fraud methods—and developing strategies to combat it—can help keep the Internet a viable advertising avenue.