The Click Fraud Blog | ClickCease

DIY Click Fraud Protection

Click fraud is all too real. You can manage it yourself with four main tips and tricks.

Whether it be your competitors trying to sabotage your business by draining your advertising budget or bots and click farms.

Whatever the reason may be there is something YOU can do about it.

Search engines are constantly trying to prevent this from happening but like most things in life, it’s far from perfect.

Now it’s time to take matters into your own hands through either manual analysis or automated solutions.

First Things First: Internal Reporting

Information, information, information. The source of all power. Should be your first step in your plan for attack. It’s important to know what you’re up against.

Here’s the info you’ll need to gather:

  • IP Addresses
  • Click timestamp
  • Action timestamp
  • User agent

An IP address tells you where your viewer is viewing from. It’s important to check your IPs in order to monitor and track suspicious behavior.

Traffic coming from the same place is a red flag in click fraud detection but it could also just be coming from a public server like a coffee shop or university.

Click timestamps are the arrival on site after click ad. While an action timestamp is when the action is complete on the site. Multiple click timestamps with no action time stamps are huge indicators of click fraud.

A user agent identifies whether a person on said IP is indeed the same

4 DIY Tips for Click Fraud Protection

1. Set Up IP Exclusions in Adwords

Assuming you’ve done your homework in order to identify the fraudulent click IP addresses (and this is different from the invalid clicks you may be seeing on your account)  you can now block these specific IP addresses for future references.

1. Start by signing into your Google Adwords account.

2. Next, at the top go to the Campaigns main tab then drop down to and click Settings tab

3. Click the specific campaign you would like to exclude the IP address from

4. Scroll down to where it says Advanced Settings, then click on IP exclusions

5. Click Edit, which can be found next to “Manage IP Exclusions”

6. A box will appear, here you can type in all the IP addresses you would like to exclude. One per line, up to 500 different addresses at one time

7. Click Save

2. Run GDN Remarketing Campaigns

If publisher based fraud is a problem for you then your solution is remarketing. These ads will only be displayed to those who are actually interested in your website which eliminates publishers. Additionally, this will focus on those who have already viewed your site in hopes to retarget.

3. Adjust Your Ad Targeting

Through adjusting your specific geographic regions such as certain zip codes, cities, etc.

Why is this useful? Click farms, often originating from poorer countries that have a relatively lower labor rates. One method to combat competitor fraud is by excluding their specific region.

The downside of this tactic is you may be in turn discouraging genuine traffic to your site. So it’s important to think twice before going exclusion crazy!

4. Social Media Advertising

Social media advertising may be your hail Mary when trying to reduce fraud clicking if these other tactics didn’t do the trick. This DIY tip eliminates third party publishers, which may be the source of some of your grief. It allows you to be specific with advanced targeting options. While making it increasingly more difficult for competitors/threats to reach you here. The downside of social advertising is the lack of user intent. Moving away from search platforms because of someone clicking on your campaigns should be a last resort.

But is it worth it?

All your time and money.

To collect all the information necessary for internal reporting it takes countless man hours, some of which you may not have extra to spare.

Another question to ask yourself is does your company have the capabilities to collect this data? If this data is not collected and analyzed properly then the DIY approach may not be possible for you.

Social media ads are indeed a solution but if you are B2B especially, your audience just isn’t there. So these may not be the channels you want to be focusing on.

Setting up IP exclusions in AdWords is an uphill battle, to say the least, it’s an ongoing process that needs constant updating to be effective.

Additional questions to ask yourself:

  • Have you identified all the correct IPs?
  • Are these indeed fraudulent?
  • Are they still relevant?
  • How often do I need to update to make this run efficiently?

Remarketing is a solution but only for publisher based fraud.

Final Thoughts

You have now been given the tools to combat click fraud on your own. But with great knowledge comes great responsibility. Protecting yourself against your competitors or bots is a big task that many small and even mid sized companies do not have the power or capabilities to handle. I recommend trying these tips first to see how they work for you but urge you to consider seeking professional help. The automated approach gives you a complete low down on who’s clicking on your ads and how much fraud is actually taking place. It is a small expense in the grand scheme of running a successful business.

Ilan Missulawin

Ilan is a co-founder and the CMO of ClickCease since 2015.
When he isn't dreaming about click fraud you can find him writing about it.
Two of his favorite things in life are: Peppa Pig and writing about himself in third person.

1 comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  • I don’t believe remarketing is any longer a magic bullet to prevent publisher click fraud. All a bot needs to do is visit my site, and then start clicking my ads on their site. I am finding it very difficult to run remarketing campaigns without being swamped with this kind of activity. Has your platform evolved since publishing this post to combat this type of activity?

Block click fraud from ruining your campaign!

Most discussed