With so much money at stake with PPC and online ad campaigns, ad fraud is a growing worry for businesses. But what is ad fraud and what are the implications for your business?
Put simply, ad fraud is the practice of defrauding any form of online advertising using practices that can either artificially inflate income for the fraudster, or sap the budget of the advertiser. Although these practices often go hand in hand, ad fraud can also simply be malicious. These fraudsters aim either to divert legitimate traffic from websites or eat up their advertising budget.
Ad fraud is estimated to steal around $26 billion from advertisers in 2020, with that amount set to rise. As ad fraud isn’t technically illegal, there are currently very little resources deployed to combat it, although Google, Bing and others do have some processes to protect against the most obvious sources of click fraud.
What Are the Different Types of Ad Fraud?
Although the definition of ad fraud often involves bots or automated processes, there are other methods that include the human touch. These ad fraud techniques are the most common that you’re likely to encounter.
Hidden Ads or Ad Stacking
There are several practices whereby sites can display an ad on their site which is technically not viewable by the human eye. Displaying the ad in a 1×1 pixel square, stacking multiple ads on top of one another or displaying the ad outside of the viewable area are the most common practices.
Using this approach the site owner will get a payout for the ad being displayed, but the advertiser will see little or no traffic or clicks as a result.
- Ad displayed in an imperceptible format
- Zero to extremely low chance of traffic
- Often used by fraudulent publishers looking to profit from multiple ads on their sites
Click farms are one of the main forms of
A click farm can be an actual place, usually a warehouse in the developing world with hundreds of people assigned to like, click and interact with content for hours a day. Click farms can also take the form of remote workers, you might have seen those ‘make $ working from home’ ads online, which are often a type of click farm.
- Real people from unique IP addresses make click farms hard to combat
- Non genuine traffic with no chance of a conversion
- Used by organisations looking to boost their views (often through paid campaigns)
The number one source of ad fraud, bot traffic refers to automated systems set up to click or interact with sites. However, not all bots are created equal. Simple bot programs are often set up to do simple repetitive tasks such as scanning through domains clicking on a set group of ads or performing a single repeated action across multiple sites. These types of bots are relatively easy to spot as they have a consistent IP address and cookie profile.
You might have noticed simple bot behaviour with spam messages in your inbox, or if you run a blog or website you will probably have seen spam comments.
Increasingly sophisticated bot traffic is where headaches start for advertisers. These can do more complex tasks such as:
- rotating IP addresses
- mimicking user behaviour
- using proxy servers to disguise their location
These bots can play the PPC system, both
- The main source of fraudulent clicks and ad fraud
- Simple bots are easy to combat as they have predictable and simple behaviour
- Complex bots are often used by criminal organisations to boost their income
Hijacking Clicks or Ads
This clever method uses malware to hijack the ad (also dubbed as: malvertising) on a website and replace the code in the
This can also work to redirect clicks to a different site even if the original ad is displayed. So the advertiser pays for the click but the hijacker benefits from the traffic generated.
- Malware designed to change the code of a display ad in the hijackers favour
- Can either divert traffic from genuine ads, or display a different ad on top of the advertisers’
Impression Laundering or Arbitrage
This clever form of fraud siphons off legitimate display advertising onto less relevant, or sometimes downright shady sites. These sites usually also have high traffic. This usually hits advertisers with a high price CPM (cost per mile) campaign, where the ad success is measured in impressions rather than actual clicks.
By using a series of clever redirects, as far as the advertiser is concerned their ad is being displayed on legitimate partner sites.
- Ads can be seen on irrelevant sites, or sites promoting illegal activity
- These sites tend to be high traffic so impressions can be very high
How to Protect Yourself From Ad Fraud
Although these are the most common types of ad fraud, the goalposts are always moving and new forms of digital fraud are developed almost daily. And, as the practice isn’t outlawed, it can be very tricky to minimise or even be aware of your exposure to ad fraud.
There are a few things you can do to limit your exposure to these potentially expensive practices. Some are things you can do in your PPC campaign set up, others will involve using a paid service. Depending on the potential for gain or loss, you might want to weigh up which is best for your business.
Monitor your data
At the absolute minimum, keeping an eye on your traffic sources and CTR data will help you to identify if something fishy is going on. If traffic appears to be coming from a suspicious location, or you’re experiencing a high CTR but little in the way of conversions then look closely at your advertising partners and consider limiting traffic from certain locations.
If you suspect dodgy traffic is coming from some less salubrious partners, you can blacklist certain domains and IPs of “users” that click. As you have little control over malware or traffic coming through those sites, keeping them blacklisted is a good way to avoid the fraudulent traffic that they might be attracting.
Click Fraud Protection
With the rise of digital fraud and especially click fraud you’ll find services such as ClickCease designed specifically to defend and protect your ad campaigns against suspect practices. The sophisticated algorithms help protect against bot traffic, click farms and multiple clicks on ads from suspicious IP addresses.
Click fraud protection is particularly suited to high value campaigns, especially those targeting competitive keywords.
If you’re planning a PPC campaign and you want to be sure you’re getting the most for your money, then take a look at how ClickCease can make your money go further.