5 Most Common Types of Ad Fraud Affecting PPC Campaigns

Originally published: March 19, 2022 11:07:14 AM, updated: November 19, 2022 12:00:00 AM

PPC advertising can be challenging to get right at the best of times, but this becomes impossible if your campaign is subjected to ad fraud. Unfortunately, ad fraud is a growing problem for marketers and advertisers.

A 2020 study by economists at the University of Baltimore found that a staggering 1 in 10 ad-clicks across all eCommerce campaigns are fraudulent. The study predicted that click fraud would cost online retailers $3.8 billion by the end of 2020. Also indicating that click fraud spend - across all paid channels and social media - would rise to $23.7 billion

This article will explain what ad fraud is, the different main types affecting PPC campaigns, how to notice it, and what you can do about it.

What is ad fraud?

Ad Fraud, also known as Click Fraud or PPC Fraud, is a type of fraud in pay-per-click (PPC) advertising. Ad Fraud involves the practice of fraudulently representing online advert impressions, clicks, conversion, or data events to generate revenue. It usually occurs when a person, automated script, or computer program imitates a legitimate web browser user, clicking on such an ad without having actual interest in the target of the ad's link. This results in the ad's owner wasting money paying for an unproductive click.

Ad Fraud can be seen in all types of PPC campaigns, from banner ads, video ads, and in-app ads to search advertising through Google Ads. It is usually caused by one of the following parties:

• Competitors trying to sabotage similar companies by driving up PPC advertising costs with unproductive clicks,
• Ad publishers click on their ads to generate more revenue for themselves.

How does ad fraud usually occur?

Automated clicks from bad bots

There are real reasons for using bots, like collecting data and enhancing user experience, but growing use of 'bad bots' has been reported. In 2018, bots accounted for 40% of all online traffic, with bad bots making up over 20% of that and having grown by over 6% since 2017.

These bad bots are used to deplete ad budgets and increase the costs of PPC campaigns. They imitate human behavior and carry out repetitive tasks incredibly quickly, such as initiating clicks on advertisements across all types of PPC campaigns. With so much money wasted and fake results reported, they can soon make it impossible to manage a profitable campaign.

Employing click farms

Click farms are a more manual approach to achieving similar results to bad bots. They are simply a team of people employed to manually click on PPC ads with zero intention of reading the web page or making a purchase in their most basic form. They are usually in countries with cheap labor and fewer regulations regarding ad fraud like China, India, and the Philippines.

Click spamming on apps

Image source: Mfaas

Click spamming, also referred to as organics poaching and click flooding, occurs when fraudsters execute clicks on ads by hijacking real users when they open a mobile webpage or app. It occurs when:

• The user downloads an app infected with malware to their device.
• Code built into the app creates clicks on ads or allows an external device to click within the app on the users' device.
• These spam ad clicks are assigned to the developer or click spammer who profits from ad clicks, unrelated downloads from the app store, or in-app purchases.

The malware is often built into ads set to run in the background on devices so that they can be click spamming almost constantly. They can defraud marketers, drive up ad spend, and distort analytics data making specific platforms look way more effective than they are.

The fraudsters can create spam clicks through the following methods while the user remains completely unaware:

• Performing fake clicks in the background on existing ads.
• Click on invisible ads operating in the background.
• Send clicks from a user's device to random vendors and receive a payout for the referrals.

Hiding the origins of click-through geomasking

Image source: Brid

Advertisers will often assign different budgets to their PPC campaigns depending on the geographical locations they are targeting—for example, a local business targeting users in the surrounding area. Geomasking is a technique that fraudsters use to hide the actual geographical location of the ad clicks they are generating.

Fraudsters can create fake IP addresses, using VPNs to trick advertisers into thinking that their fake clicks are more valuable than they are. This results in payouts for fraudulent clicks. They also hide their actual locations, so it is harder to spot their fraudulent traffic through analysis.

Traffic from data centers and hosting providers

Data centers and hosting providers are equipped with the perfect tech for ad fraud. Their high-bandwidth networks, hardware, and anonymity mean they can be easily used to disguise fraud and launch malware or automated software like bad bots. Fraudsters have used hundreds of servers in cloud data centers to run browsers and emulators to generate vast amounts of mobile and desktop traffic.

How can marketers spot ad fraud?

Fortunately, through Google Analytics, you can recognize traffic from fraudulent clicks by looking at sudden changes in metrics like the following:

• Bounce Rates and Average Session Duration: A significant increase in bounce rates or a drastic decrease in Average Session Duration implies people visit your web pages and leave soon after. If a rise in PPC clicks accompanies this, it could easily indicate the work of bad bots or click farms.
• Page Views: A sudden massive spike in page views for those pages targeted by your PPC ads is an excellent way to spot fraud, especially when combined with impressive stats in other metrics and low conversion rates.
• Page Load Times: Malware, bad bots, and other fraudulent software can increase page load times when hijacking your site.

Keep in mind that it is uncommon to see a sudden, drastic uptake in typical PPC campaigns. So, if the clicks seem too high, then there is likely to be something wrong with your campaign.

Additionally, you can take several steps to help eliminate ad fraud in your PPC campaigns. You can use free and paid tools to block spam and other steps you can take on PPC platforms like Google Ads. In Google Ads, you can:

• Block high-traffic IP addresses you believe to be fraudulent,
• Configure their targeting to eliminate traffic from locations that could be home to click farms,
• Use the Google Display Network remarketing campaigns to display ads only to visitors who have visited the advertiser's website and expressed a real interest in the ads.

When done carefully and correctly, PPC advertising can provide an outstanding ROI for all types of businesses. Although fraudsters will always be in operation, the most extensive PPC networks like Google Ads have the expert knowledge, resources, and experience to combat crime. Their continual work to promote honest, productive clicks makes it less likely for you to blow your budget on fraud. Through carefully monitoring your campaign and website analytics, you can get your campaigns working for you.