One of the key features about ClickCease is the use of session recordings to spot fraudulent visitor behavior. ClickCease hundreds of data points to analyse web traffic for potential fraud, which helps us to proactively block bots, out of geo clicks and other forms of suspicious traffic.   

But, you might ask, how can you spot bots and fraudulent behavior from a video of mouse movement on your website?

In this post we’ll look at how fraud behaves and how to spot the telltale signs in your dashboard.

How humans behave online

The average human website visitor will spend a minimum of 10 seconds on a page. This is the amount of time it will take for the information to load, for the eye to scan the page, extract the relevant information and maybe even scroll or roll down the page. 

If there is more information to digest, for example a list of benefits, a lengthy and informative block of content, or a catchy video, you can expect that engagement time to go up.

Bear in mind that we don’t necessarily read or engage with all the content on a page but scan and extract the information we’re looking for. This is especially true with PPC ads and landing pages for ads.

Depending on the page in question, a visitor could spend a few minutes on the page before clicking back, or moving to the next page.

In terms of mouse movement or screen touches, we humans tend to move in a fluid manner. 

How bots behave online

Click bots, which means bots designed to click on links or ads, will often perform the minimum engagement possible to beat fraud filters. This usually means they will click into a link, perform some movement or engagement that is often quite linear or rigid, possibly even erratic, and then click back.

They will almost never click any other links, and they will most likely perform some movement that just doesn’t look… Well, human!

Bot behavior on websites isn’t necessarily made for us to view, but to fool the algorithms and boost the chances of an ad click payout. 

Bot behaviour is different to human behaviour online

How fake engagement looks your ads

There are other forms of fake engagement which can land from your ads and interact with your site. A good example of these is the users of PTC or paid to click sites – a modern form of outsourced click farm.

So how can you tell…?

The obvious sign is that engagement is minimal. This means that a visitor might click into your site, engage for the minimum amount of time, performing few if any additional actions, and then leave.

Of course this can also happen with visitors who arrive on your site realize that your product isn’t for them. Or they may also be put off by the web page, load speed or other factors. 

How does ClickCease identify bad traffic?

Of course, ClickCease doesn’t just block invalid traffic based on a video replay. There are plenty of additional elements that give the game away, for example:

  • Browser – Bots and fraudulent traffic will often used a custom browser
  • Operating system – Bots don’t always use consumer grade operating systems such as Windows or iOS
  • Location – Although they might try and hide their location behind VPNs, invalid traffic often comes from out-of-geo or non-targeted areas
  • VPNs – Or virtual private networks, are commonly used by organized ad fraud operators to hide their true location
  • User Agent Spoofing, or UA spoofing – The user agent is used to identify the device and the software it is using. If there is a mismatch (i.e; it has been spoofed) this is often a sign of fraudulent behavior
  • Click thresholds – Genuine traffic will click once or twice within a specific period. Fraudulent traffic might generate clicks much more frequently.
  • IP addresses – Competitors or brand haters clicking multiple times from the same location can easily spotted and their IP addresses blocked
  • Developer tools – These are legitimate tools used by developers to automate application testing, but they can also be used to perform fraudulent activity at scale
  • Stealth browsers and multilogin sites – Often used to perform testing by developers, they can also be used to mask repetitive clicks and fake traffic 

These are all just pieces of the puzzle when it comes to our click fraud prevention algorithms. Of course ClickCease also uses machine learning to constantly stay ahead of the trends in click fraud and ad fraud.

How you can use session recordings

Our behavior analysis tool is available for pro and advanced subscribers with ClickCease. You’ll need to enable it in your dashboard, by first of all adding the ClickCease tracking code to your website.

You can read how to do that here (takes just a couple of minutes). 

Once you have some clicks that have been blocked, you can view them in your dashboard. You’ll find them under the Clicks Report section of your Fraud Analytics dashboard.

Watch a few of them and you should be able to see how bots behave. 

Is click fraud a real problem?

Although some still believe that click fraud is not a genuine problem, the sad reality is that it’s more widespread than ever. With competition for ad space leading to competitors clicking each other’s ads, and with fraud operators seeing the potential for an easy buck, marketers need to pay attention to who is clicking their ads as a priority.

And although the ad platforms do have processes in place to stop click fraud and ad fraud, it seems like a lot gets through the net. ClickCease customers stop, on average, an additional 14% of web traffic as fraud, often saving thousands of dollars each month.

If you run Google Ads, Facebook Ads, or Bing Ads, and you’re targeting high competition or high-priced keywords, we strongly recommend running a traffic audit. 

You can do this for free with a ClickCease 7-day trial.

Sign up and run your free web traffic audit today.