When I talk to advertisers debating whether to explore paid search or not, one of the biggest sources of hesitation is Click Fraud. It may sound like paranoia, but it’s actually a very valid concern for many PPC practitioners.
However, fear of Click Fraud is not a reason to avoid PPC altogether. As long as you are aware of this phenomenon, monitor your account carefully, and take proactive measures to protect yourself, you will be in good shape!
What is Click Fraud?
Click Fraud is a black hat technique for accidentally inflating the number of clicks on a pay-per-click ad. Click fraud is often driven by one of two incentives:
- Advertisers try to sabotage their competitors by increasing their costs and meeting their budget limits early in the day.
- Ad publishers click on ads displayed on their sites to generate more revenue for them.
What Are Search Engines Doing About It?
For years, search engines have received a lot of criticism for not going the extra mile to identify and stop Click Fraud. This doubt is not unfounded. Note that regardless of whether a click is malicious or not, the search engine pays to view it. That’s why, to protect their reputations (and to rest the minds of weary advertisers), all the major advertising platforms have set their own task force to tackle click fraud.
How Does Google Combat Click Fraud?
Google has created the most robust anti-click scam program to date. Detection systems use a three-pronged approach, starting with automatic filters. Advanced algorithms detect and filter out invalid clicks in real time, before advertisers are charged. Because these filters cannot be relied upon to catch all fake clicks, Google’s Ad Traffic Quality Team also performs manual, offline analysis and removes any clicks it considers invalid before charging advertisers. Alongside these proactive measures, Google also initiates investigations based on reports of suspicious activity from advertisers. When malicious clicks are detected, they are labeled as “invalid” and credit is given to the account.
How Can You Detect Click Fraud in Your Account?
Now that you know the details of click fraud, you are probably wondering if YOUR account has malicious clicks. Before you jump into a full-blown paranoia crisis, I can assure you that there are TON of things you can do to determine if you are a victim of Click Fraud! Depending on the time and resources you can devote to tracking click fraud, you can approach the problem in one of two ways: through manual analysis or an automated solution.
If You Want to Detect Click Fraud Yourself
If you want to detect Click Fraud yourself, I have two tips on how to do it:
First, you will need internal reporting. In general, regardless of whether it’s Click Fraud or not, it’s always good to have some form of internal reporting because Google can only tell you if a click is a lead. Internal reporting will tell you whether this lead is a sale or not. Knowing this information can help you adjust your bid to favor terms that are more likely to result in a sale.
To track Click Fraud with your internal reporting, there are a few pieces of information you’ll want to make sure you collect:
- IP address
- click time
- action time
- user agent
It is necessary to identify them well. After you identify this fraudulent IP address, you can block ads to that IP address or addresses. You can change the target audience and exclude certain provinces from the advertisement. You can stop ads for a while and return to social media ads. The way to prevent this is to deter. Although Google says that it is struggling with this, it is unfortunately insufficient!
The requirement of the IP address is pretty self-explanatory, but why do you need the other three? Click time and action time should go together because you want to see IP addresses that clicked on an ad to come to your site but do not or rarely convert.
Click time is when someone comes to your site after clicking an ad.
Action time is when that person completes an action on your site.
If you’re seeing an IP address with a bunch of click times but no action time, it’s probably Click Fraud scam.
Finally, the user agent is really useful for determining if someone at a particular IP is the same person. It takes note of all the characteristics of the device used to access your site, such as the type of computer or device, internet browser, software, and more.
When you discover a potentially fake IP address, you should always quickly check the IP on a site to see who it belongs to.
Sites like www.whatismyipaddress.com and www.whatismyip.com are good resources to refer.
My second piece of advice is to be careful with proxy servers. It’s not uncommon for a client to panic because a significant portion of their traffic is coming from the same place, but eventually discover that the suspicious IP address belongs to the proxy server in a public place like a cafe, airport, or university. Doing some research on your IP can help you figure out if this is the case. If you’re still unsure, look at all the calls triggered from the IP in question. If the calls are very different, it’s probably a proxy server. If the search queries are similar and occur within a very short period of time, the clicks are most likely fake.
How to Avoid Click Fraud?
Despite claims that Google has gone the extra mile in eliminating Click Fraud, many advertisers still consider it a major problem. If you think you can’t rely solely on Google to weed out invalid clicks, roll up your sleeves!
1. Turn to Social Media Ads
The great thing about using these platforms is that your ads are shown ONLY on these platforms (!); that is, there are no third-party publishers involved in the process. This eliminates an important source of Click Fraud. OK, but what about clicks from malicious competitors? In fact, this version of Click Fraud is less common on paid social networks as its advanced targeting options are very specific. Because ad placement is based on a keyword search, it’s much harder for competitors to find your ads.
2. Set IP Exclusions in Google Ads (formerly AdWords)
If you have done your due diligence and identified the IP address associated with the fake clicks, you can prevent your ad from being served to that IP in the future. To set an exclusion, all you have to do is go to the Settings tab and navigate to the IP Exclusions setting. From there, simply enter the offending addresses and you’re good to go!
3. Organize Remarketing Campaigns
If you are concerned about publisher-based click fraud, this is the way to go. It is easily avoided by remarketing because ads are only shown to those who visit and show interest in the advertiser’s website. Publishers don’t risk clicking on ads because they can’t see them!
4. Set Your Ad Targeting
Sometimes all you have to do is make a small change to your targeting to weed out invalid clicks. If you suspect click fraud is coming from a specific geographic area (often “click farms” are located in poorer countries with low labor rates), it may be helpful to exclude these locations and related languages. Or if you suspect a competitor is committing click fraud, enter the zip code, city, etc. You can exclude. One thing to note here is that it is critical not to eliminate GOOD traffic while doing this. Only set these exclusions if you truly believe that most of the clicks generated in these areas are fake.
Now I turn to you, my friends, victims of Click Fraud, what clever tactics have you used to eliminate malicious clicks from your accounts?
