The biggest flaw in PPC advertising programs is that they're susceptible to a form of fraud known as click fraud that harms the advertisers, the advertising services, and the sites hosting the ads. This article explains what click fraud is and what you can do to protect yourself from its effects.
Three Kinds of Click Fraud
Broadly speaking, click fraud occurs when someone deliberately clicks a pay-per-click ad with no intention of actually visiting the advertiser's site. There are three common kinds of click fraud:
- Enriching click fraud. Most click fraud is an attempt to make money for the person or persons committing the fraud. They create web sites, join a PPC service like AdSense, and then proceed to click the ads (often through intermediaries or automated means) in order to increase their earnings.
- Depleting click fraud. Sometimes click fraud aims merely to deplete an advertiser's ad budget. Because an advertiser pays each time an ad is clicked, competitors or even disgruntled customers may click the ads solely to cost the advertiser money.
- Disbarring click fraud. On rare occasions, click fraud is directed against the site hosting advertisements and not the advertisers themselves, though it still causes grief for the advertisers. This is done in order to get the site banned (disbarred) from the advertising service due to invalid clicks.
The click fraud type rarely matters to the advertisers, though, since they lose real money with each undetected fraudulent click. Advertising services also care about click fraud: While they may make money from click fraud in the short term, they stand to lose out in the long term if advertisers abandon it due to rampant click fraud.
Site owners, on the other hand, may or may not care about click fraud, especially if they're the ones instigating or committing the fraud in the first place.
Who Commits Click Fraud?
Sometimes click fraud is perpetrated by well-meaning persons, such as friends and family. This is why programs like AdSense have rules forbidding web sites from drawing undue attention to the ads. Some sites outright ask visitors to click ads as a show of support, but such sites risk being banned from their ad program for failing to comply with the program's rules.
Large-scale click fraud is a bigger problem. Defrauders (often referred to as fraudsters) literally hire people, often in a foreign country with cheap labor, to click ads. Or they use networks of zombie computers (computers controlled remotely by unauthorized parties due to virus or spyware infection) to click the ads.
Detecting and Preventing Click Fraud
Click fraud prevention is obviously a concern for advertisers, who can now buy software for detecting possible click fraud. It's also an area of ongoing research for the advertising services themselves, who see widespread click fraud as a threat to their advertising revenues. (In a widely reported story, Google's chief financial officer called click fraud a threat to Google's financial health.)
Although most of the burden for detecting and preventing click fraud falls on the advertisers and the advertising services, web site owners can also take steps such as these to combat click fraud:
- Not encouraging or enticing visitors to click ads. Asking visitors to click ads or otherwise unduly drawing attention to the ads is against the advertising service's terms and conditions.
- Carefully monitoring ad clicks. Pay attention to sudden increases in the number of clicks, especially when the ratio of clicks to page impressions (usually referred to as the clickthrough ratio) also climbs.
- Logging server activity. If possible, keep detailed logs of all the pages requested by browsers. Capture not only the time and IP address of a request but other information such as the referring page and the type of browser, easily obtained from standard HTTP headers included with each request.
- Proactively reporting suspicious activity. If you suspect click fraud, immediately report those suspicions to the advertising service. Provide as much information as possible, including extracts from your server logs if necessary.
- Removing ads from certain pages. Sometimes click fraud occurs on only a few pages of a site, especially with depleting click fraud targeted at certain advertisers. Temporarily or permanently removing ads from those pages can protect you from being a party to that fraud, although it will unfortunately reduce your advertising revenues. If you can figure out which ads are being targeted—this usually requires guesswork on your part—you may also be able to get the advertising service to filter out the ads in question.
Constant and open communication with the advertising service is your biggest defense in the war against click fraud. Ultimately, it's the advertising service that determines whether click fraud has occurred and what the consequences are for the site(s) involved. Google has been known to arbitrarily suspend sites from its advertising program for failing to do anything about click fraud, even if those sites didn't actually instigate the fraud.
The truth is that pay-per-click advertising will always be susceptible to some form of click fraud, no matter how sophisticated click fraud detection becomes. The key for Google and other advertising services to be successful with the pay-per-click model in the long term is to minimize the amount of click fraud that occurs. As a web site owner benefiting from the PPC model, you should do your utmost to help the services avoid click fraud.
