We came across a great article from the famous Forbes Magazine today which tackles the issue of click fraud and 12 steps you can take to reduce it. We were not surprised when they recommended using “third-party tools” and implementing click fraud monitoring. We couldn’t agree more. If you’d like to read the article in its entirety, you can do so by clicking the link below:
The second most common type of click fraud after competitor driven fraud is probably a surprise to most people. IT isn’t necessarily bots. Many times, it can be your own customers.
Friendly fire fraud can happen in a couple of ways. First, it can be the result of excessive comparison shopping. You may know the domain and address of your website, but your potential customers don’t. They may be searching dozens of ads and they will click on yours, then perhaps go to a competitor’s site and check the price or features there and then click your ad again, forgetting that they were just on your website a few minutes or hours earlier. And this won’t necessarily happen only once. It may happen again and again. This is one of the main reasons PPCSecure allows you to have a set number of clicks you will allow before displaying a friendly warning message to your potential customer, asking them to kindly bookmark your page for future use instead of clicking your ad.
The second kind of friendly fire click fraud is most commonly seen inside apps, videos, and display/content network pages. It happens when someone accidentally clicks your ads. Many times, even though the click itself was not intentional, the cause of the click is. Many website owners and app developers who rely on advertising revenue to fund their operations will purposefully place ads very close to other popular website features. A good example would be an ad that appears at the bottom of a downloadable game or app which is close to the controls for the app. Another example would be an ad which is located directly adjacent to the scroll bar. The worst kind, however, is a link to an ad which looks like the feature or button the client was looking for. You can see this on certain software download websites. There will be a big green button that says download now but then another button lower down which has a similar function but a slightly different look or name.
Funny story…we actually received an email from a concerned parent a few weeks ago because their child clicked an in-app ad too many times and saw a PPCSecure warning message. This caused the child to confess to the parent and the parent contacted PPCSecure to let us know about the excessive clicking. The good news is that our warning worked as designed. The clicking stopped. Because our client used PPCSecure click fraud monitoring, they saved at least a few bucks on bad clicks. I can only imagine how much less careful that child might have been or how many more times they may have clicked our client’s ad had we not intervened.
Click fraud can happen at any time. And it’s not always a robot or a rival. Sometimes, it is innocuous or from an unexpected source and the only way to stop it is to monitor, detect, warn and then block. We can help you do all of the above.
While watching the President’s recent State of the Union address, we got to thinking, why not do something similar in regards to the state of click fraud in 2018. As a leader in monitoring and prevention, perhaps we could offer a summary of where things stand that would be helpful to our many customers around the world. So, here goes…we proudly present PPCSecure’s unofficial “2018 State of Click Fraud” address:
No matter the President, when giving their address, they will typically start out by saying something similar to “The state of the union is STRONG” or “The state of the union is GOOD”.
Well, unfortunately for our friends reading this who engage in online advertising, the state of digital media fraud in 2018 is not so good. We’ve been providing click fraud monitoring for almost 10 years now and honestly, the situation has not changed much overall. As a percentage of total clicks, the amount of clicks which are fraudulent is still between 16 and 27% for most advertisers, virtually unchanged from ten years ago. Invalid clicks are still costing businesses between $10 and $20 billion dollars per year, depending on whose statistics you believe. And the worst industries for click fraud are still the worst (we’re looking at you, locksmiths and plumbers). Competing businesses still click on each other in hopes it will eat up their competitor’s daily budget, and bots still roam the web seeking for targets to exploit.
What has changed is the TYPE of click fraud that is most prevalent. The search engines do a much better job than they used to in detecting and stopping the most obvious forms of click fraud (such as 20 clicks in a row from a single IP address on a device being controlled by a human targeting a single ad over a 2 minute period). These simpler types of fraud have been reduced significantly in the last five or six years.
Many people will see this development and say “bravo”. And certainly, the search engines should be applauded for their efforts. But let’s not kid ourselves on their motivations. Fixing this problem is just good business. Imagine a world where the majority of clicks are fake. We’re relatively certain the major search players have sat around a board room table and discussed that very real concern. And they know that their bread is buttered by advertisers who need to feel SAFE when they hand over their ad budgets. Advertisers who believe their money is being wasted on fake clicks are going to naturally seek greener pastures. So, it is incumbent on the search engines to ensure click fraud is monitored and kept at a reasonable level.
With that said, click fraud detection is still key because although certian loopholes have been closed, other ones are now being exploited. Invalid clicking has become more sophisticated in the past few years, which has provided new challenges for the industry. Excessive clicking used to be mostly “friendly fire” and “competitor driven” which is frankly, easier to identify and stop. But, today, we are seeing more bot-driven fraud, especially in display network advertising. This is because the owners of websites where your ad is displayed earn a profit for each click. And some people will go to great lengths to artificially inflate their click numbers. Bots are a good way of doing this.
Another new and concerning development is competitors using VPNs and proxies to hide themselves and click each other’s ads. This is problematic because it makes it much harder to block a single IP or group of IPs and it also increases the difficulty of locating the offender geographically. PPCsecure was on the forefront of building a solution to deal with this type of click fraud by introducing “device ID tracking” a few years ago. We can many times track a device even if they switch IPs, delete their cookies and cloak themselves.
The third major factor for why click fraud continues to remain steady and may even be growing despite the efforts of advertisers, search engines, and third party firms like PPCSecure, is the increasing amount of users on the internet, especially from emerging countries. In 2002, most internet traffic (and ad clicks) were confined to the U.S., Europe and a few pockets in first-world industrialized nations among a few hundred million relatively wealthy users. But today, there are literally billions more people connected (and clicking ads) compared to ten years ago. And many of them hale from poor or emerging countries where there are no laws set up to deal with online crime and there is little in the way of concern regarding malicious online behavior. This is why we always recommend strictly geo-targeting your advertisements. If you are selling widgets in Kansas City, USA, and suddenly see clicks coming from Nigeria and India, you may need to be concerned.
One final type of fraud that is not new but has changed forms slightly is “friendly fire”. With the advent of so many small touch screen devices over the past decade, it is easier than ever for people to accidentally click your ads. This is why monitoring time on site and conversion rates is so important in 2018. If your ads are being shown within apps, videos, or games, for instance, you may have significant problems with this type of invalid clicking and not even know it. PPCSecure offers a solution to this by allowing you to monitor how much time each user spends on your site. By monitoring this, you can plainly see which clicks fall into this category.
In summary, the state of click fraud in 2018 is that it is more well controlled, but still growing, because even though certain types have been curtailed, others have emerged. The criminals are always one step ahead of the law and the technology, because they have a vested interest in doing so. And with more people connected to the Internet than ever before, the amount of fraud should not be surprising. So, if you are expecting the situation to improve heading into 2019 or 2020, you may be sorely disappointed.
And this is why solutions like PPCSecure still exist and are still so important in the overall fight against digital advertising fraud. Monitoring is still key. Actively blocking IPs that are doing the most damage is still the smart choice. Don’t leave yourself unprotected.
Most online advertisers aren’t aware their campaigns are under constant assault. Statistics show that as many as 1/3 of your clicks could be invalid. But who is behind all of these fake and nefarious clicks? There are many types of invalid clicking which occur, but the most common types can be broken down into a few main categories: Competitor-driven click fraud, Friendly-fire, and bot attacks. Today, we will focus specifically on the first category.
Type One: Competitors Clicking Your Ads
This is by far the most well known (although not necessarily the most common) type of assault on your campaigns. And so it comes as no surprise that the vast majority of our clients are specifically interested in stopping what they perceive as an attack by a competing business on their ads.
Every business has a key rival. And when your online ad bill suddenly soars, you might immediately imagine your main business rival sitting at computer terminal mercilessly reloading Google again and again, draining your daily budget. You see red. You think of ways to retaliate. And then you look for ways to stop it (Hint, hint: PPCSecure).
The biggest issue is just how easy and risk-free click fraud remains in 2018. If someone stole $100 from your business’ cash register, you’d call the police and they’d go to jail. But what if someone clicked your ads causing $100 in fees to accrue to your AdWords account? Same amount of damage, but the perpetrator faces almost no consequences. Not to mention how convenient it is. In the first example, they’d need elaborate planning for the robbery and getaway, they’d have to visit your place of business, and then hope they don’t get caught. But in the second example, little-to-no planning is required, they can do it from the convenience of their couch or office chair, and who is going to stop them?
But the other question we often get asked is WHY? Why would a competitor even bother to click your ads constantly? The answer is two-fold. First, every dollar that gets drained from your marketing budget is one less dollar of profit for you. Second, they are hoping to cause your ads to stop showing. If you ads are online 24/7, but most of your customers search between 8am and 4pm, all your competitor needs to do is click your ads enough prior to 8am that your budget it exhausted and your ads do not show for the rest of the day.
So, what can be done about all of this? Here are some free and easy strategies you can use right now:
1. We recommend that you strictly geo-target your ads to only the exact areas you serve.
2. Show ads more evenly throughout the day as opposed to serving them up as quickly as possible (this is an AdWords setting).
3. You should strictly limit the hours your ads are shown.
4. Use click fraud software such as PPCSecure to monitor your ads and automatically block bad IPs.