Click Fraud Crap

Posted by

I keep seeing a new story every day about how the paid search placement is UBER F00ked because of all this click fraud…. Whatever…. I am pretty newb to this whole ppc game. I just started about jan/feb of this year but I learned very quickly how to generate my own fraud reports and submit them to the ppc engines. Every-time I have been refunded for the fraudulent clicks.

What do I do ? Its not really rocket science… I take a hash of the users ip and browser agent and store that into a database along with the timestamp they clicked. Then at the end of the month I generate the report of duplicate hashes over X amount (sometimes this is 10k or more duplicate/fraud clicks). I then send a summary report to all the ppc engines respectively and attached is a complete log.

I think GOOGLE/YAHOO/MSN CLICK FRAUD sells a lot of papers and it might be going on but they do everything in there power to stop it and also refund you. As long as you provide them with the information.

I know many of you are probably thinking well SURE WE DO ALL THE WORK FOR THEM…. well that is a good point and I dont really have a answer for that. Perhaps someday we could get the big 3 PPC engines to work together on a single reporting standard for fraud clicks where we all can just submit our reports the way they want them.

41 thoughts on “Click Fraud Crap

  1. graywolf

    So if they are willing to give you the refund that must mean they are able to verify and agree with your findings … which begs the question why haven’t they put a similar solution in place …

  2. Hone Watson

    Well I think its pretty obvious why they haven’t put a similar solution in place.

    So Shoe… could you elaborate on your click fraud report system? I’d be willing to pay for your click fraud report system and I bet plenty of other people would too.

    I’ve tried submitting various click fraud reports of my own but so far it hasn’t worked.

  3. ShoeMoney

    ppc has been around since the 90’s as I said in my post I have only been doing it since jan/feb and only spending a decent amount since the 40,000$ experiment last spring

  4. ShoeMoney

    I would make a free webbased tool but then people would have to upload there apache logs and I dont think people would want to do that and also those logs are way to big

  5. mad4

    Is somebody clicking the same advert twice click fraud? How long would the period between clicks have to be for the clicks not to be deemed fraudulent?

  6. SEOEgghead


    What we don’t know is how many of the clicks were refunded even before the report. Can you give us a before/after #, or a percentage discount? I totally believe that you’ve gotten 10k garbage clicks. But if you actually got charged for more than 30-40 of them, I’d be extremely scared.

    Your method will also filter out some legit clicks. But who cares? I’ll implement this right away. Let _them_ prove that more than 10 clicks a month from an IP/UA combo is legit.

    This is just a way to keep Google on their toes. Even if they don’t agree with this simple heuristic for finding fraudulent clicks, you’ll get a discount regardless.

    Brilliant idea Shoe.


  7. Mykel79

    So Shoe, you have to keep a month’s worth of logs so you can submit them to the search engines if needed? How many terabytes does THAT take up?:)

  8. Art

    Wow, just wow. I’ve been puzzling over the past few days about the perfect solution to minimizing loss from clickfraud. So after reading your post I was inspired enough to write a tool to analyze old Apache logs for multiple G/Y/M clicks from the same IP addresses to cover clickfraud from the past. Funnily enough, there were massive amounts of clicks from user agents like “Playstation Portable” :S

    Now I’m working on a similar DB/monthly report implementation to monitor things from now on in.

    Cheers for the great ideas Shoe! That post came at the PERFECT time I was musing over ideas.

  9. Bulbboy

    Good to know that they refund the money.
    I’ve seen a few people write that they think G just keeps the money to line its own pockets.
    I guess the respond favourably to someone informing them in a logical and ordered fashion.

  10. Brian Turner

    Sounds like you’ve got a valuable set of business tools in a market increasingly demanding them. :)

    If you didn’t want to distribute them yourself I wouldn’t be surprised if some of the PPC management companies would love to licence that sort of project from you.

    Also, apologies for the typo on MySpace – Show=Shoe. Late night. :)

  11. brandomir

    What are you constituting as a fraudulent click Shoe?

    – How many clicks from the same IP do you tolerate?
    – What if an IP just clicks on 1 or 2 different keywords, that is fairly legit no?

    Also…question for Art.

    Art, can you talk a bit more about why user agent is important? Do you think fraudsters are using things like PSP to generate the clicks thinking they will go unnoticed? Or, could’t those clicks in fact be legit?


  12. Ken Savage

    I drop a few modest $1000’s a month on ppc and would benefit greatly on something I can host myself to prevent or even find click fraud on my own sites. I would appreciate any help with your solution Jeremy or anyone else’s.

  13. ShoeMoney

    I do a hash of the browser + ip so that its a little more acurate then just doing ips (incase of proxies) then anything over the threashhold (currently 750 per month) I spit out on a report.

  14. ShoeMoney

    I do not submit them but I do make them web accessable user/password protected. Yahoo is the only company I have ever seen actually download them. MSN and Google just refund.

  15. ShoeMoney

    Hi –

    I answerd this from someone else above –

    I do a hash of the browser + ip so that its a little more acurate then just doing ips (incase of proxies) then anything over the threashhold (currently 750 per month) I spit out on a report.

  16. ROIGuy


    It sounds like you have a decent method for identifying potentially duplicate clicks from your logs. I am curious how much you actually generated in refunds from that list.

    Your approach does not begin to address the issue of invalid click network an other scams.

    I always tell my clients to avoid content matching and syndicated search networks, because the ROI is generally much lower. Yahoo’s “relevancy problem” for their CPC ads it really a result of the inability to prevent you ad from displaying throughout their distribution channel.

  17. Pingback: Click Fraud Claims and Dismissals at Niche Web Marketing and Viral Concepts by Tony Rocks

  18. Grant

    How do you submit them to google? Do you have a personal rep or do you just email them through the feedback link on the adwords page?

  19. Jeremy Palmer

    The conspiratorial side of me thinks in small part the media is motivated to write about click fraud to push advertisers back to their own dying advertising models. I agree with your thoughts – click fraud is over hyped. Sure it’s a problem, but it can be managed.

    What are your thoughts on botnets? Multiple PC’s infected with a click virus hitting your website from thousands of IP’s would be hard to detect with a simple hash.

  20. Andrew Johnson

    If you guys are lazy just try a hosted solution like adwatcher.

    I don’t think clickfraud is a serious problem with G/Y/MSN. All of these stories involve people who aren’t paying any attention to their logs and then all of the sudden figure out something isn’t right. Its the third tier engines where the fraud is a problem. Unfortunately for the clickfraud consultants, no one cares if they start talking about site no one has ever heard of.

  21. abeals

    Stupid question of the day . . .

    Define Hash: when you say you take a hash of their IP and browser.

  22. Art

    I was thinking that, but then the proxy clickers can be modified to have a random User Agent each time they click, giving wildy varying hashes.

  23. Stuart

    Shoe –

    The click fraud detection you are using will catch the obvious stuff, which, for the most part, engines are getting better at catching. It won’t, however, do any good against the more sophisticated bot-based programs that use 1000’s of compromised PC’s to generate fraudulent clicks against networks of MFA sites. Google “clickbot.a” or “KMeth Worm” for more. These approaches will use multiple IP’s to generate clicks from different systems with different browser names. Impossible to detect. You will only see declining conversion. Simple answer? Watch contextual ads carefully or avoid them altogether and stick with mainline search.

  24. Pingback: » From - Click Fraud Crap - Best AdSense News

  25. Pingback: Subscribe! » Names@Work » Blog Archive

  26. Sam

    I read your article and it looks very interesting, it never crossed my mind that google will actually accept an individuals complain and agree for retribution.

    I want to pursue this matter now, and I was wondering whether you can provide me with a little more details about the technical aspects of the report submission.

    1. At what point do you consider a clicker as fraud, how many times does he have to click to be considered fraud.

    2. Considering a certain threshold has been establish, do you include any click to any keyword, or only if its repeating within the same keyword.

    3. What amount do you request back, avg cost of that keyword for that timeframe?

    4. And last but not least, what about non aggressive clickers, lets say a particular user clicked 5 times, would you request back 4 out of the 5?

    Your response, and hands on experience on this matter will be greatly appreciated, and I’m looking forward to share your expertise on this matter.

  27. John

    PPC advertise would get traffic or not but affilates and ppc service owner will make money by fraud example google adsense they are billionaires.

Comments are closed.