You might have heard / read about Facebook or Google ads not giving the full returns on the ad spend. There are fake likes from the different parts of the world which is hurting advertisers (businesses) as much as Facebook / Google.
Click Fraud can be Manual or Automatic. Also, there could be 2 motivations for click fraud – someone aiming to deplete the ad budget or someone trying to increase their revenue share. Based on the source of fraud, the mechanisms for Detection, Prevention and Containment are to be identified.
The various sources of click fraud attacks are:
- Manual clicks
- Click farms (people hired to click on ads)
- Click bots
So how to manage the click frauds?
To answer the question, the first thing is to understand the anatomy of click. As depicted in the snapshot below, there are 5 key milestones in the ad click-process [Ref. “ViceROI: Catching Click-Spam in Search Ad Networks”].
The second step is to understand whether the click is from Human or a Bot. There are many ways to find out the answer – Browser Type, Mouse click positions, IP, Bounce rate etc. The sure shot way is to check the useragent (browser) – bots have empty useragent.
Once the source is identified, companies take the following approaches to contain them:
- Proactive: Statistical analysis of the clicks to proactively contain fraudulent clicks
- Algorithmic, rule based route to automatically track fraudulent ad clicks
- Manual verification for exceptions.
So Google / Facebook might be using Statistical Analysis and filters based on following parameters to identify the fraud clicks:
- Location: Identify the location from where the clicks are coming. There could be a pattern.
- Click Through Rate: If the number of clicks are high and CTR is below average, we need to do a deep dive to check the source.
- Referral traffic: What is the source website of the traffic
- Cookies: Check the cookies set on the system.
- IP Address: Check the IP Address source. Validate it against the White and Black Lists.
- Clicks: Check whether there are random clicks
- Time on site: How much time is spent on a particular site (what is the Bounce Rate). Are there any return visits, how often were they?
- Behavior: What is the behavior of clicks / visits – Are there daily revisits from same IP? Are the visits made during specific hours of the day?
Use of Botnets and ClickBots
Fraudsters are leveraging Botnets and ClickBots to automate the fraudulent click process. Bot operators provide Bots-on-hire or Fraud-As-A-Service for programmers to leverage the existing C&C module. To further understand the anatomy of a Clickbot, refer to this very interesting paper by Neil Daswani – The Anatomy of Clickbot.A (https://www.usenix.org/legacy/event/hotbots07/tech/full_papers/daswani/daswani.pdf)
Even though ad-networks do their best to create these walls to stop fraudulent clicks, bringing in complete transparency in clicks might be tough due to interests of different parties involved.