ad fraud data and facts logo
New Research Report: Quantifying The Cost Of Ad FraudView Now
New Report: Quantifying The Cost Of Ad Fraud View Now

What is Click Fraud?

what is click fraud

Block click fraud with Fraud Blocker

Table of Contents

Have you ever wondered why your online ads sometimes don’t deliver the results you expect?

If you’ve run ads on channels like Google, Facebook or Instagram, terms like click fraud, invalid clicks, and bot traffic are probably terms you’ve heard before. And while it is true that ads are a great way to reach your customers, solving the problem of fraudulent traffic can be a challenge.

The first step in conquering a problem is to understand it. So if you’re spending any money with online digital advertising, this guide will explain all you need to know about click fraud and the related problems of ad fraud and bot traffic.

What is click fraud?

Click fraud refers to any form of interaction on paid online advertising which has no genuine interest or chance of converting. This can mean clicks on paid search results, display ads, sponsored ads, videos or sponsored app downloads.

By repeatedly clicking on an advertisement in an ad campaign, the fraudulent party can achieve one of two end results:

  1. Wasted budget: the advertiser pays for a click that has zero chance of converting, thereby wasting and potentially depleting their ad budget. Or…
  2. Fraudster profits: The fraudulent party profits from the click due to the placement of the ad on their own website or app.

In the first scenario, a business competitor might click your ads repeatedly, depleting your ad budget and effectively removing your ads from search engine results (this tactic is known as competitor click fraud). And in more organized cases, a fraudster can potentially accrue large sums of money through generating fake clicks on ads hosted on their own sites or apps.

Simply put: the publisher and/or advertising network, or an individual compensated by them, make money at the expense of the advertiser’s ad budget without having any interest whatsoever in the product or service being advertised.

Why is click fraud so prevalent today?

The often stated problem of click fraud and ad fraud is a growing problem, and one that has not been tackled effectively by the ad networks. And despite the consistent growth of the digital marketing, and a demand for PPC campaigns by businesses in almost every industry, click fraud shows no sign of slowing. But why is it so prevalent?

It is easy to commit click fraud
What makes click fraud so commonplace and difficult to combat is the fact that it is such an easy crime to commit. All one needs is a webpage with some sort of PPC advertisement running on it and a method to exploit that ad through repeated fake clicks and voila.

Fraudsters can create hundreds, if not thousands of websites and populate them with low grade content. It’s then a simple process to integrate a display ad, or video ad, and click away to collect that ad revenue.

Sounds simple? There are countless Made For Advertising (MFA) websites online which host low quality guest posts, or simply scraped content, and are then crammed full of ads.

Hidden ads and other tricks
Another sneaky trick by fraudulent website owners is to hide ads in various manners. From ad stacking to pixel stuffing, there are various ways to generate fraudulent clicks on ads that you can’t even see.

In fact, many advertisers are buying ads not even viewable by the human eye or clicked on by a human finger, without even realizing.

Many advertisers are buying ads not even viewable by the human eye or clicked on by a human finger.

Click fraud can be hard to detect
Another challenge is that click fraud can also be very difficult to detect. Or, that is what the ad networks would have you believe.

Bot traffic has become much more sophisticated in recent years, but there are still tell-tale signs that can flag up suspicious traffic. The problem mostly is that automated bots now are programmed to mimic human behavior, and can even record and trace genuine human activity to be used on a website again and again. You visit, you scroll, you click. That behavior can be logged and used to commit click fraud across other apps or fake websites.

Is click fraud just “collateral damage”?
One of the biggest problems is that many advertisers simply shrug click fraud off as part of the process. In some instances, it’s priced into the advertising budget.

Large advertisers with multi-million-dollar advertising budgets are often uninterested in investing the time needed to identify the fraudulent practices, nor are they willing to attempt to track down those responsible, assuming that is even possible.

Additionally, every layer of the supply chain from the supply-side publisher to the demand-side advertiser is riddled with fraud. These players are constantly thinking up new ways to exploit advertisers, running schemes that range from fairly simple to highly complex

By the time you finish reading this sentence several hundred or even thousands of small crimes will have been committed online. While each occurrence of these crimes is seemingly insignificant – a few cents here, a dollar there – they collectively add up to a staggering number that has a devastating financial impact on advertisers and ecommerce. In fact, click fraud losses are estimated to reach $172 billion per year by 2028, according to Juniper Research.

In this article we define the types of click fraud in more detail, discuss the impact it is having on the advertising industry, provide some real-world examples to demonstrate the seriousness of the problem, and conclude with methods for preventing it.

click fraud global report

Types of click fraud

There are many types of click fraud, some are relatively small in scope and involve simple processes, while others are wide ranging and employ highly sophisticated techniques. Here, we cover some of the more common types of click fraud.

Pixel Stuffing
Pixel stuffing is a popular method where a fraud publisher loads ads, or an entire website, all within a 1×1 pixel on their site. The advertiser is charged but the ads are unviewable by humans.

click fraud pixel stuffing
Learn more about pixel stuffing →

Ad Stacking
Multiple ads are stacked on top of each other. Similar to Pixel Stuffing, these ads are not viewable by humans, unbeknown to the advertiser.

click fraud ad stacking
Learn more about ad stacking →

Location Fraud
Fraudsters can spoof the geo location of their traffic or use a Virtual Private Network (VPN) to artificially change the country to where they receive more money per click or impression, typically in the US.

Video Viewing Fraud
YouTube, Twitch and other popular video services rely on viewer counts to determine how popular a video or channel is. These can be easily faked with bots and advertisers ultimately end up paying for the ads that play which aren’t seen by real humans (also known as “invalid traffic”).
Learn more about viewbots →

Click Bots
One of the largest schemes to produce fraudulent clicks is to inject malware or other code onto a suspect’s computer. The malware will work quietly in the background, making use of the infected computer to repeatedly click on ads. Large bot schemes can infect millions of computers around the world and they are difficult to detect since the IP ranges appear organic.
Learn more about click bots →
Learn about good bots vs bad bots →

Incentivized Clicks
Many companies will incentivize their users to click on ads and watch commercials in order to receive cash or credits for those activities. This is popular in gaming where you watch a video to receive a reward in the game. This can be considered ad waste since users only click on the ads to receive the credit and they have little to no real interest in the advertised product.

Click Farms
One of the most wide-spread and largest fraud activites today are click farms. These are businesses that hire individuals whose job it is to simply to click on ads all day. Click farms are typically hosted in poorer countries where labor can be purchased cheaply. Often these individuals are given some form of training to employ techniques that give the impression that each click is from a different user.

click fraud click farms
Learn more about click farms →

Affiliate Ad Fraud
Advertisers rely on cookies to pass information about the user and the web site source of their visit. Fraudsters will place cookies without the user’s knowledge.

Source Spoofing
The “header” of a source website provides information such as browser, device type, geo location and more. Those details are modified by a fraudster to help boost their user’s credentials and to hide their tracks.

Domain Spoofing
With domain spoofing, the domain name is changed in the supply chain and re- labeled as coming from a more premium site, such as changing from junknewssite.com to Bloomberg.com.

click fraud domain spoofing

Competitor Click Abuse
Competitors, especially those in high-cost PPC industries or with disgruntled former employees, can repetitively click on your ads to intentionally drive up your advertising costs without any sales or conversions. These is one of the easiest forms of fraud to commit.

Redirect Attacks
Redirects, or hit inflation attacks, uses multiple redirects to increase the number of clicks. When a user clicks on an ad, he or she will be redirected to another ad and then redirected back to the original ad. This often happens very quickly and the sources appears to be organic since they are real users clicking on and viewing the advertisements.

Examples of click fraud

There are countless examples of click fraud and ad fraud in recent years. And barely a month goes by without a new exposure of some fraudulent network or an app loaded with click bots.

These are just a few of the most (in)famous examples of click fraud and click farms which have been uncovered in recent years.

WeChat Click Farm

In 2017, three Chinese nationals were arrested in Thailand and accused of running an extensive click farm operation. The scheme made use of 476 cell phones and 347,200 SIM cards to amass fake “likes” and views on WeChat – a Chinese social media mobile application.

By utilizing a large number of SIM cards, the group was able to create the impression of hundreds of thousands of unique users. The fraudsters created thousands of fake accounts with fake email accounts. In order to appear like legitimate traffic, the click farmers had to constantly switch between accounts. Repeated clicks by the same user or even a similar pattern of users could tip off advertising platforms that employ algorithms to detect fraud practices.

wechat 2017 click fraud example

Inmoderatus

In another example, Imoderatus used fake employees, fake corporate websites, more than 125 Android applications and websites, and a variety of techniques to create fake traffic to defraud advertisers. The scheme worked by selling ads to companies that were supposed to appear on applications and websites operated by the shell company.

One of the main Android applications used by the fraudsters was called MegaCastChromecast Player. The ads that were sold would often be hidden on screens and even appear while the application was closed, running up ad revenue without alerting users to the practice.

Research firm Pixalate estimated that the app was serving 1,400 impressions per day for each user. The ads consisted of 60% display ads and 40% video ads. Pixalate concluded that the scheme could be costing advertisers in excess of $75 million per year.

Methbot

Perhaps one of the most well known ad fraud cases was that of a criminal gang who ran this hugely successful fraud operation. Spearheaded by several Russians, the Methbot team used fake websites and flooded them with fake traffic, sourced from hired data centers and IP addresses. They used a variety of sophisticated methods such as copying human behavior to perform simple tasks including scrolling, clicking, half playing videos and being signed into Facebook accounts.

The same gang also had previous success with the 3VE botnet, which was a malware bot installed on 1.7 million computers. This was also used to load ads on fake websites and was partly used to help the gang siphon off between $7 million and $180 million, depending on your sources.

See more examples of click fraud →

How click fraud works

Online advertising should be simple. You sign up for an ad platform, create and run your ad, potential customers click and buy and you get sales.

Easy.

But as this infographic simply explains, click fraud is part of the online advertising ecosystem. In fact, anecdotal evidence suggests that click fraud affects 90% of all PPC campaigns.

How click fraud works [Infographic]

How big of a problem is click fraud?

Depending who you ask, click fraud has been labeled as either the biggest or the second-largest organized-crime scheme in the world. By most metrics, ad fraud and click fraud have overtaken credit card fraud as the single most profitable form of global fraud. The statistics on click fraud are staggering and emphasize what a growing crisis the practice has become, particularly for pay per click ads. Here are a few key stats:
21% of ad impressions on Chrome were from “non-human” sources (Source: Wall Street Journal)
20% of all digital ad spending is wasted (Source: CNBC/Adloox)

25% of all desktop clicks were determined to be fraudulent (Source: Pixalate)

There are large amounts of data that show both the broad scope and crippling effect that click fraud has on the advertising industry, especially within pay per click ads. The fact is that with such large amounts of money being spent on ads each year, there will always be bad actors who seek to get a slice of the pie.

But the practice goes far beyond individuals or groups seeking to profit by repeatedly clicking on ads displayed on their websites.

Your competitors can easily engage in click fraud to drive up your advertising costs and/or exhaust your budget. By using up your daily ad budget quickly, your competitors will be able to advertise and reach real users while you’re waiting for your budget to restart the next day. Not to mention you would see no conversion rates.

And yes, this does really happen. As evidenced here, here and here

Every click matters as keywords can be very expensive. In fact, many industries see fake clicks on keywords costing well over $100 each. (Read more: The most expensive Google Ads keywords).
Even disgruntled former employees or customers can hire a click farm, organize a click fraud campaign or setup a bot to financially harm your business. While less common than some other forms of click fraud, it is important to recognize that bad traffic can originate from multiple sources. Combined with the staggering amount of money to be made, it is easy to see why click fraud is such a widespread problem.

How much money does click fraud cost advertisers?

Annual estimates for the losses associated with click fraud are varied. A study conducted by Juniper Research found that advertisers lost $42 billion to advertising fraud in 2019, significantly impacting PPC ad campaign budgets. This include losses on multiple platforms including desktop, mobile and in-app advertising. A report released by Cheq, a cybersecurity company, estimates that advertisers lost about $23 billion globally to ad fraud in 2019. The report also states that other industry statistics regarding ad fraud, like those advanced in a study published by White Ops and the Association of National Advertisers which found that ad fraud cost advertisers $5.8 billion in 2019, are underrepresented due to a failure to obtain data from vendors that do not openly share data.

It’s possible that only 1% of ad spend is truly productive. What this means to advertisers is that the costs associated with reaching your customers are much higher than they would otherwise be. In other words, your bottom line is significantly reduced through a decrease in ad exposure and the related costs of failing to attract new customers through advertisements that are never seen by potential customers.

And it is not just the advertisers that suffer.

Publishers are being dropped by major brands to reduce advertisers’ potential exposure to bad traffic sources. For instance, JPMorgan Chase recently reduced the number of websites where their ads appear from 400,000 to just 5,000 that were deemed trustworthy publishers.

In other words, 395,000 publishers lost access to a major advertising partner, which surely included some publishers acting in good faith. Other large companies have also drastically scaled back their digital advertising budgets. In 2017, Proctor and Gamble cut $200 million in ad spending. Unilever followed suit with similar cuts.

The industries most affected by click fraud

While click fraud hurts the advertising industry as a whole, some industries are hit harder than others.

Perhaps not surprisingly, there is a direct relationship between expensive PPC keywords and the occurrence of click fraud.

In other words, highly competitive industries where advertisers fight for positioning to attract customers across multiple search engines or ad platforms are the most affected. This competitive landscape is further complicated by tactics like click fraud, which are used to manipulate rankings and inflate the click-through rate of a webpage on search engines.

In finance, some keywords can cost advertisers upwards of $100 per click, making them prime targets for large scale dedicated click fraud operations hired to artificially increase click volume on search engine results.

The legal industry, however, is notoriously very expensive for advertisers. Our own research shows it’s historically the most expensive keywords across every industry. Phrases such as “las vegas personal injury attorneys” or “los angeles truck accident lawyer” reached an astonishing $500 per click.

Examples of the cost of a single ad click among the top 5,000 keywords on Google Ads for the legal industry:

Business services such as hosting and conference calling average upwards of $60 per click. Attracting online gambling customers or forex traders will cost advertisers in the neighborhood of $100 per click. We see further evidence of fraudsters targeting these higher value keywords by viewing the levels of non-human traffic that each of these industries receives on average. Keep in mind that all industries are impacted in some way with ad fraud. The University of Baltimore found that 14% of all clicks are invalid with higher CPC industries seeing more cases of fraud traffic.

Are your ads affected by click fraud?

Chances are that the answer to this is a solid, yes. It’s estimated that 90% of all Google Ads campaigns are affected by some level of fraudulent invalid traffic, and ads on Facebook or Instagram might have an even higher fraud rate.

The best thing you can do is run an audit to identify click fraud on your own campaigns. Run our 7 day free trial to check and detect click fraud on your Google Ads or Meta for Business Ads (BETA).

By detecting click fraud, you could literally make the cost of a click fraud detection subscription back in days, if not hours for some campaigns.

Fraud Blocker helps with click fraud detection and prevention

Click fraud is occurring everyday at staggering levels and it’s predicted to grow exponentially in the coming years.

Fraud Blocker helps marketers fight back and quickly improve the quality of their traffic and leads on Google Ads campaigns, and soon Meta for Business campaigns too.

How?

We block bad clicks on your ads using proprietary and advanced algorithms to detect malicious practices. This automatically blocks bad traffic sources, preventing them from clicking on your ads in real time.

And of course this saves you time and money to help you level the playing field by employing software that is as sophisticated as the click fraud practices employed by fraudsters.

Start a no-risk 7-day free trial and see how much you can improve your marketing efforts today.

Facebook
Twitter
LinkedIn
Email