Foiling the Click Fraudsters
I've been promising to address the issue of click fraud, and I'm spurred to do so by an article in today's New York Times on the topic. I don't suppose this entry will be the final word on the topic (meaning that you can expect more from me on it) but I'd like to start with the following issues: What is click fraud? Who is harmed by click fraud? What are the motivations behind click fraud? How easy is it to commit click fraud? What is the current state of the art in click fraud prevention and detection? How big a problem is click fraud? Note: I am limiting this discussion to Google, but it applies equally well to all purveyors of contextual pay-for-click ads.
1. What is click fraud?
Click fraud is intentionally following a pay-for-click link in order to gain financial benefit while having no real interest in the good or service advertised in the pay-for-click link. Specifically, Google AdSense policies forbid site owners from clicking AdSense ads on their own sites.
2. Who is harmed by click fraud?
The biggest losers are AdWords advertisers. If advertisers pay for fraudulent clicks, then they are overpaying for contextual ads. To the extent that click fraud is widespread, or perceived of as widespread, then it creates a problem for the entire pay-for-click contextual ad industry and content providers on the Internet that depend on this industry for their revenue stream.
3. What motivates click fraud?
I can think of three click-fraud motivations. I've already mentioned that it is a potential way for site owners to increase their revenues. Second, a malicious competitor might attempt to "stick it" to a competitor by engaging in fraudulently clicking the competitor's ads. The final motivation is the same as the motivation of the poor lost souls who write viruses: because it is there and a challenge and naughty.
4. How easy is it to commit click fraud?
Very easy on a small scale and almost impossible to do without detection on a large scale. If a site owner clicks a few times on the ads on their own pages from an IP that is different from the one used to register with AdSense, and deletes cookies from the browser following each pay-for-click click, it is impossible to detect. If the site owner's friends around the world each click an ad on the site once a day, no one will ever be the wiser. (Who knows? These people might end up buying something from the links they click through while they are at it.) There are also (unconfirmed) reports of distributed networks of users in India and China committing this kind click fraud campaign on behalf of clients.
However, any massive click fraud campaign -- say 100 clicks or more on the same ad -- whether automated or manual is certainly statistically detectable.
5. How is click fraud prevented and/or detected?
Click fraud prevention systems typically place their own cookies on a users system when the user clicks through, and then tracks the user, issuing discouraging messages to repeat clickers, and possibly denying access to the destination site. This approach has some drawbacks, however, as it may discourage legitimate prospects, and may be defeated by deleting cookies.
Detection of fraud is a statistical matter, and Google (and the other pay-for-click vendors) are close-mouthed about how they analyse the data (for obvious reasons). This link from SEO Website Marketing should give you an idea of the raw ingredients that go into a statistical hunt for click fraud.
While Google and the other major companies do put great effort into foiling click fraudsters, if you spend any kind of money using AdWords, you need to monitor for click fraud yourself. This link, also from SEO Web Marketing, gives you some idea of the kinds of things you should look for in your Web Server logs and analysis software. An industry has sprung up around helping AdWords customers detect click fraud; you can find many of the players by searching for "click fraud" in Google. One issue: a pay-for-click vendor like Google is the court of last resort if click fraud is alleged, and some advertisers have been less than overwhelmed by their responsiveness to allegations (e.g., they don't happily give refunds). Ultimately, to address this problem, the industry may need a click fraud referree.
6. How big a problem is click fraud?
A good question. One recent study by the Search Engine Marketing Professional Organization (SEMPO), a trade association showed only 6% of all segments of advertisers thought it was "a significant problem we are tracking." (In contrast, 31% either had not heard of it or were not worried.) As reported in the study, marketers felt that search spam is a much bigger problem, and I think this is right. I continue to believe that click fraud is an issue like retail "spoilage": it is a cost of doing business on a small scale (and some small scale perps are converted to customers), and detectable on a big scale.
Posted by Harold Davis at March 3, 2005 12:44 PM
