Click fraud is a type of digital crime that occurs when a person, automated script, or computer program imitates a legitimate user clicking on an ad to generate a charge per click, with no actual interest in purchasing the product or service.
Types of Click Fraud
Click fraud comes in many forms, each with a unique purpose. Some of the most common types of click fraud include:
|Click fraud bots||This type of click fraud is committed by automated scripts, also known as bots. Bots are programmed to visit websites and click on ads with no human oversight. Their purpose is usually to generate revenue for the person who created them.|
|Click farms||A click farm is a group of people who are paid to click on ads. The people who run them typically pay meagre wages to their workers, often located in countries with a low cost of living and lax working condition regulations.|
|Pixel stuffing||Pixel stuffing is a form of ad fraud that occurs when fraudsters embed a normal-looking ad with a fraudulent pixel that is “stuffed” with multiple ads. The pixel is so small that it’s completely undetectable to the naked eye. But the fraudster still collects money for “impressions” of ads that were never actually seen.|
|Ad stacking||Ad stacking is a type of click fraud that occurs when multiple ads are placed on top of each other to generate more clicks. This means that only the ad at the top of the stack is visible, all the other ads remain hidden “behind” it.|
|Location fraud||Location fraud is a type of click fraud that occurs when someone clicks on an ad from a location that is not the intended target market for the product or service being advertised. For example, if an ad for a product that is only available in the United States is clicked on by someone in Canada, this would be considered location fraud.|
|Video viewing fraud||Video viewing fraud is a type of click fraud that occurs when someone uses scripts or bot traffic to automatically play videos, or pays people to watch videos in order to inflate view statistics.|
|Competitor click abuse||Competitor click abuse is a type of click fraud that occurs when someone clicks on an ad for a competitor’s product or service to drain their competitor’s budget.|
|Incentivized traffic||Incentivized traffic is a type of click fraud that occurs when someone is paid or given an incentive to click on an ad. This can be done by offering a prize for clicking on an ad, or by giving a discount on a product or service in exchange for clicking on an ad.|
|Data centre traffic||This refers to a type of non-human, illegitimate web traffic. It comes from unknown servers that deliberately avoid identification, making it difficult to track and block.|
Consequences of Click Fraud
Click fraud can have several consequences for both advertisers and publishers. Some of the most common consequences of click fraud include:
- Advertisers lose money. Click fraud means advertisers end up paying for clicks that aren’t from real people. So they’re not getting their money’s worth from their ad spend, as they are not reaching their target audience, thus wasting their budget.
- Advertisers may stop advertising. Another consequence of click fraud is that advertisers may stop advertising. If advertisers feel they are not getting a return on their investment due to click fraud, they may decide to stop advertising altogether. This would be detrimental to many businesses, as advertising is often essential for generating sales.
- The quality of ads may suffer. If advertisers are concerned about click fraud, they may be less likely to invest in creating high-quality ads. This could lead to a decline in the overall quality of online advertising, which would be bad for both businesses and consumers.
- It may become more difficult to measure the effectiveness of ads. Click fraud can also make it more difficult to measure the effectiveness of PPC campaigns. If clicks are being generated by people who have no genuine interest in the product or service being advertised, it’s difficult to gauge whether an ad campaign is successful. This can lead to businesses wasting money on ineffective advertising campaigns.
- It may encourage other forms of fraudulent activity. Click fraud may also encourage other types of fraudulent activity. If people realise they can generate income by clicking on ads, they may be tempted to engage in other types of fraud, such as creating fake websites or signing up for multiple accounts with different email addresses. This could lead to an increase in digital crime, which would be bad for both businesses and consumers alike.
Who Commits Click Fraud?
Some of the most common groups include:
- Advertisers are the most common type of click fraudster. They use click fraud to inflate their own click-through rates and improve their ad rankings. Advertisers may also commit click fraud in order to artificially increase the number of impressions for their ads, which can result in higher ad revenue.
- Competitors may commit click fraud in order to deplete an advertiser’s budget or to lower their ad ranking.
- Affiliates may engage in click fraud in order to earn greater affiliate fees from those they’ve partnered with. This type of fraud is typically done using automated scripts that generate fake clicks on ads.
- Publishers falsely inflate their numbers by clicking on ads themselves to generate more revenue. They make money by inflating the number of pageviews on a website or by generating fake clicks on ads.
How Click Fraud Works
There are several ways that click fraud can be committed. Understanding how malicious actors operate is the first step in protecting yourself, your company, or your organisation from this type of cybercrime. Some of the most common methods include:
- Manually clicking on ads. This is the most basic form of click fraud. It involves someone manually clicking on an ad, usually multiple times, in order to generate false clicks and inflate results. This method is relatively easy to detect and doesn’t use any automated programs in the process.
- Creating fake accounts. This method involves creating multiple fake accounts, often with different email addresses, and using each account to click on ads. This type of fraud is more difficult to detect, as it can be difficult to tell the difference between a real person and a fake account.
- Automated clicks. Automated clicks are generated by software programs that mimic human users. This method is difficult to detect and can lead to a very high volume of fake clicks in a short period. Bot traffic is one of the most common types of invalid traffic. And automated scripts are becoming more and more human-like in their behaviour.
- Botnets. Botnets are networks of computers that have been infected with malware and can be controlled by a single individual. These computers can generate fraudulent clicks on ads without the owner’s knowledge. Botnets are one of the most sophisticated and difficult to deal with forms of click fraud.
How to Prevent Click Fraud
Click fraud is difficult to detect and quantify because there’s no standard method of identifying it. However, there are some methods that may help prevent click fraud from happening, or at least make it more difficult to carry out:
Use Click Fraud Prevention Software
There are several click fraud detection tools available on the market. These tools work by analysing your website traffic and identifying patterns that may indicate fraudulent activity. Once click fraud has been detected, prevention software can then block it at its souce.
Block IP Addresses That Are Known to be Associated With Click Fraud
If you’ve been the victim of click fraud, you may be able to identify the IP address or addresses that were used to generate invalid clicks. Once you have identified them, you can then block them from accessing your website. This will help to prevent future click fraud attempts from the same IP address. Unfortunately, it will not prevent click fraud from happening altogether, as malicious actors often use VPNs to mask their IP address and simulate different geographic locations.
Use a CAPTCHA System On Your Website
A CAPTCHA system is a type of security measure that requires users to enter a code before they can access your website. This code is typically displayed as an image that contains text that is difficult for computers to read. By requiring users to enter this code, you can help to prevent automated programs from accessing your website and committing click fraud.
Limit the Number of Clicks Per IP Address
One way to fight click fraud is to limit the number of clicks that can be made from each IP address. This will help to prevent automated programs from clicking on your ads multiple times and driving up your costs.
Monitor Your Website Traffic for Unusual Activity
Another way to prevent click fraud is to monitor your website traffic for any unusual activity. If you notice any sudden spikes in traffic or clicks coming from certain IP addresses, this could indicate click fraud. By continuously monitoring your traffic, you can quickly identify and take action against any potentially fraudulent activity.
Use an Advertising Network That Offers Click Fraud Protection
There are some advertising networks that offer protection against click fraud. These networks typically use sophisticated systems to detect and prevent invalid clicks. If you are concerned about click fraud, you may want to consider using one of these networks for advertising.
Educate Yourself About Click Fraud
The best way to prevent click fraud is to educate yourself about it. By understanding how it works and what to look for, you can be better prepared to identify and prevent it from happening. Click fraud can be a complex and difficult topic to understand, but there are a number of resources available that can help you learn more about it (like this blog).
Report Any Suspicious Activity to Your Advertising Network
If you suspect you’ve been a victim of click fraud, report it to your advertising network. By doing so, you can help to ensure action is taken against the individuals responsible.
Monitor Your Costs
One of the best ways to detect click fraud is to keep track of your costs. If you notice a sudden increase in your costs, without a corresponding increase in conversions, this could be an indication that click fraud has occurred.
Is Click Fraud Draining Your Ad Budget?
With Lunio, you can focus 100% of your budget on genuine buyers.
Industries Affected by Click Fraud
All industries that rely on paid advertising for revenue are affected by bot clicks. This includes, but is not limited to, the following industries:
The eCommerce Industry
The eCommerce industry is based almost entirely online, which makes it susceptible to many types of malicious cyber attacks – click fraud being one of them. Since eCommerce businesses rely on website traffic to generate sales, any sort of fraudulent activity that brings down their website visits can result in lost revenue. In fact, research suggests that click fraud cost eCommerce businesses $6.5 billion in 2017 alone.
The Advertising Industry
Advertising is another industry that has been hit hard by click fraud. After all, most forms of advertising – including Pay Per Click (PPC) ads – are based online. Thus, when bots mimic real users and click on ads, it causes advertisers to lose money needlessly.
In addition, click fraud also decreases the overall effectiveness of advertising campaigns. That’s because PPC ads are only effective if people are actually clicking on them out of genuine interest. If a significant portion of those clicks is coming from bots instead of actual humans, then it devalues the ad campaign as a whole.
The Publishing Industry
Just like eCommerce businesses and advertisers, publishers rely on website traffic to generate revenue. Thus, when their website takes a hit due to invalid clicks, it can lead to lost page views and ultimately decreased earnings.
What’s more, bot traffic can also skew analytics pertaining to website visitors. This makes it difficult for publishers to gauge which content is resonating with their audience and what needs to be improved upon. As a result, they may end up wasting time and resources creating content that their audience isn’t actually interested in consuming.
Click Fraud vs Law
Click fraud is illegal in many jurisdictions around the world and can be punished by both civil and criminal penalties. However, the perpetrators are often based in countries where the laws are not as strict, making it difficult to prosecute them.
In addition, most advertising networks do not have a mechanism in place for reporting or tracking click fraud. This makes it difficult to prove that fraud has actually occurred, which further complicates things from a legal standpoint.
Despite the challenges, there have been a few notable cases of click fraud that have resulted in legal battles:
- In 2006, Lane’s Gifts and Collectibles sued Google for click fraud, claiming the company had not done enough to prevent invalid clicks on ads. Google settled the case for $90 million.1
- In 2018, a small business Investor Village filed a lawsuit against Facebook claiming that the social media company was inflating metrics to boost ad revenue. 62% of small business owners in the U.S. believed that Facebook ads they bought were missing their targets, according to Pennsylvania television station YourErie.2
- In 2020, Motogolf.com sued Top Shelf for repeatedly clicking their ads and running up their PPC expenses. Although some charges were dropped, the judge still ruled that Top Shelf interfered with the plaintiff’s business relations through wrongful means.3
Trends in Click Fraud
Click fraud has been on the rise in recent years, and this trend is expected to continue in the years to come. The online advertising industry has been growing at a rapid pace. In just the past few years, spending on digital advertising has increased significantly.
As PPC continues to grow, so does the incentive for criminals to engage in click fraud. That’s because it’s relatively easy to commit and it can be quite profitable for those who do it.
The Future of Click Fraud
The future of click fraud is likely to be shaped by the rise of artificial intelligence (AI). As AI technology becomes more sophisticated, it will become increasingly difficult for businesses to detect and prevent click fraud.
What’s more, cybercriminals will also become more adept at using AI to commit click fraud. They will create more sophisticated botnets that can click on ads at a much faster rate. In addition, they will also be able to generate fake clicks from a wider range of IP addresses, making it even more difficult for businesses to detect and block sources of click fraud.
The future of click fraud is likely to be an arms race where businesses have to rely increasingly on their own AI to detect and prevent it.
Frequently Asked Questions
How common are fraudulent clicks in paid search advertising?
Fraudulent clicks are a major problem in paid search advertising. In fact, it’s estimated that as much as 25-50% of all clicks on paid ads are fraudulently generated. This means that businesses are losing billions of dollars every year to click fraud.
How can I tell if I’m being targeted by click fraud?
There are a few signs that you may be being targeted by click fraud. For example, if you notice a sudden or unexplained spike in website traffic, it could be a sign that your ads are being clicked on by a botnet. If you’re receiving a high number of clicks from a single IP address, it’s worth investigating that further too.
What is the difference between click fraud and click bombing?
Click fraud is when someone artificially inflates website traffic numbers by clicking on ads without any intention of engaging with the ad. Click bombing is when someone repeatedly clicks on an ad in order to cause it to be removed from an advertising platform. Both activities are illegal and can lead to fines and jail time.
How much does click fraud cost businesses?
Click fraud is a major problem for businesses that rely on paid advertising to generate traffic. It’s estimated that businesses lose $120 billion each year to click fraud. This money could be used to improve products and services or to hire more staff. Instead, it’s being wasted on fraudulent clicks.
Where do click farms operate?
Most click farms are located in developing countries where labour is cheap, for example in China and India.
Do malicious actors click their own ads?
Yes, malicious actors will often click their own ads in order to generate revenue. This is known as “ad fraud” and it’s a major problem for businesses that rely on paid advertising.
Do legitimate users do anything that could be considered invalid clicks?
There are a few legitimate reasons why a user might click on an ad without intending to engage with it. For example, if they accidentally click on an ad while trying to scroll past it, this doesn’t mean that they’re trying to commit fraud.
Additionally, some users may click on an ad out of curiosity, even if they have no intention of purchasing the product or service. While this isn’t ideal from a business perspective, it’s not necessarily indicative of fraud.
Is it possible to eliminate click fraud completely?
Unfortunately, it’s not possible to eliminate click fraud completely. However, there are steps that businesses can take to minimise the risk of being targeted by criminals. Apart from manually checking clicks for signs of fraud, businesses can also use professional click fraud prevention solutions. These solutions work by analysing click data and identifying patterns that are typical of click fraud. By using a click fraud prevention solution like Lunio, businesses can significantly reduce the amount of money they lose to click fraud.
If I accidentally click on a pay-per-click ad without malicious intent, am I committing fraud?
No. If you click on an ad by accident, you’re not committing fraud. However, businesses have to pay for every click, whether or not it’s from a real person. So, even if you’re a legitimate visitor, accidental clicks can still waste their advertising budget.
What happens when click fraud skews user data?
Businesses may make bad decisions based on fraudulent data, such as investing in ads that aren’t getting clicked on by real people. Additionally, ad networks may charge higher rates for advertising space if they believe that there’s a high demand for it. However, if that demand is based on fraudulent clicks, businesses will end up paying more than they need to.
Do search engine algorithms factor in click fraud?
The algorithms used by search engines are constantly evolving, and it’s difficult to say definitively whether they take click fraud into account. However, it’s likely that they do consider it to some extent. After all, if a large number of clicks on a particular ad are coming from bots or click farms, it’s not a genuine indication of interest. As such, it’s possible that search engine algorithms could penalise ads that are being targeted by malicious invalid traffic.
Does click fraud affect your conversion rates?
Yes, click fraud can affect your conversion rates. This is because, if numerous clicks on your ad are coming from bots, it’s likely that few of those clicks will result in actual sales or leads. As such, your conversion rate will be lower than it would be if you were getting genuine clicks from legitimate visitors.
Can a high number of suspicious clicks affect your search rankings?
Repeated clicks from the same computer or from different computers with suspicious user profiles can certainly affect your search rankings.
Click fraud is a problem for search engines and websites alike and can greatly reduce the quality of the user experience. Some webmasters resort to shady tactics like hiring click fraudsters to generate fake traffic and boost their page rankings artificially – a technique known as black hat SEO, which usually only works short-term.
How can you stop bot clicks on your own websites?
There are a few things you can do to stop bot clicks on ads displayed on your websites. For example, you can use CAPTCHAs to verify that users are human. Additionally, you can monitor user behaviour and block IP addresses that seem suspicious. Finally, you can use a business-grade click fraud prevention solution to filter out invalid clicks automatically, which is often the most effective and pragmatic option.
How can fraudulent clicks affect your advertising budget?
Fraudulent clicks can affect your advertising budget in a few ways. First, you’ll have to pay for the clicks even though they’re not coming from real people. Additionally, if your conversion rates are lower than expected because of fraudulent clicks, you’ll end up spending more money on ads than you would if those clicks were legitimate. Finally, if your click-through rate is artificially inflated by bots, you may end up paying more for advertising space than you would if the number of clicks was accurate.
1 – Wong, Nicole (2006). Update: Lane’s Gifts v. Google. [online] Official Google Blog. Available at: https://googleblog.blogspot.com/ [Accessed 6 Oct. 2022].
2 – Garsd, Jasmine (2018). Does Facebook Really Work? People Question Effectiveness Of Ads. [online] Available at: https://www.npr.org/ [Accessed 6 Oct. 2022].
3 – Casetext.com. (2021). Motogolf.com, LLC v. Top Shelf Golf, LLC, 528 F. Supp. 3d 1168 | Casetext Search + Citator. [online] Available at: https://casetext.com/ [Accessed 6 Oct. 2022].