Suppose that your small business uses pay-per-click advertising as some part of your marketing strategy. But your click advertising budget has begun to disappear at an alarming rate with no noticeable return. Could you be a victim of click fraud?
Fighting click fraud takes some appreciation of what’s going on. It occurs in two basic ways: publisher, or network fraud, and competitor fraud. There are many variations within those categories, and the latter has lately taken a particularly nasty turn with the apparent involvement of Russian organized crime. Whatever the particular flavor of the offense, though, small businesses have four basic ways to fight back.
Publisher Click Fraud
Once upon a time, webmasters and bloggers discovered an additional source of revenue in posting advertising links. Business-minded moms could monetize a family news blog with links to children’s clothing sites. The clothing business paid a miniscule amount per click to increase exposure through a network of potential customers. Friends and family of the blogger might click on the ads just to help her out and with no interest in the product, but the fraud was small-time and arguably worth the risk to the advertising company.
Then the industry grew to support middlemen, including Google and Yahoo! Search Marketing. The networks collect a fee per click from the business that wants to advertise, take a share, and pay the publisher or website owner the remaining portion.
A system with many layers becomes ripe for less innocent and potentially much more expensive cybercrime. Scammers may simply sign up with the middlemen, post the links on traffic-less websites, and have online robots or poorly paid employees click furiously away, billing the underlying business for every fraudulent click.
Competitor Click Fraud
This is yet another, more malicious variation, in which competitors try to drain their rivals’ advertising budgets by constantly clicking their ads. When the budget runs out, the ads come down. With the competitors’ ads down, space opens for the perpetrator’s own marketing. It can be cheap and quick with automated script, bots or computer programs.
More outrageous still, at least since 2012, competitors can openly subscribe to a click fraud service from GoodGoogle, an established fraud on Russian-language crime forums (and no relation to Google). For $100 an unscrupulous business can block between three to ten ad units for 24 hours, or for $80, 15 to 30 ad units. For a flat fee of $1,000, small businesses can sideline a handful of competitors’ ads indefinitely. The seller even offers support and a warranty for the first three weeks.
Tell-Tale Signs of Click Fraud
As with many insidious conditions, the first sign is generally a sudden change. Look for clues such as:
- Many clicks from the same IP address,
- Activity that is uncharacteristic for the ad — either sudden dramatic changes or fluctuations in click counts,
- Significant click count differences between very similar terms,
- Clicks from parts of the world where business is not done and
- Unusually high click activity on expensive key words.
Protecting Your Business from Click Fraud
Click fraud can be difficult to identify because it involves knowing the identity and intention of the clicker. An argument about fraudulent activity usually has to be constructed through an analysis of patterns that might indicate motive. Competitor click fraud using GoodGoogle may be a particularly thorny issue. Nonetheless, there are four things you can do to protect your business.
The first step, obviously, is to independently monitor your pay-per-click traffic and results, so that you can detect changes.
Several years ago Google, Yahoo and a number of other intermediaries were sued for failing to prevent click fraud. Even if your business has not budgeted for litigation against an internet behemoth, you may be able to negotiate with them. The second step, then, is to review the terms of your advertising agreement, with particular attention to language requiring you to pay for “actual” or “valid” clicks, since that implies that you need not pay for fraudulent ones. Try to negotiate a customized definition of what constitutes a “click.” This would be a good time to involve your business attorney.
The third step is to raise any suspicious activity with your search engine. They will often write off some of the costs, although likely not all. Perhaps in the aftermath of the earlier suits, they have also become more vigilant in detecting and shutting down click fraud through their own internal security measures. Both customer and provider should benefit from continued customer input about suspicious activity.
Finally, your business may want to consider third party security options. Various companies specialize in detecting, documenting, and preventing click fraud for advertisers. Others have produced software designed to do the same. These companies use a variety of techniques, including analysis of a company’s blogs for suspicious patterns, and placement of small files such as cookies on an ad visitor’s computer that provides useful information for identifying suspicious clicks.
A little self-help may go a long way in deterring fraud, as it did in 2004, when Scott Hendison, owner of a Web-based insurance-consulting firm, fired off a message to an identified click fraudster that began with the words, “Stop, you weasel! I know who you are and have reported you to the proper authorities.” Problem immediately solved.
Pay-per-click advertising can be a huge boon to small businesses trying to maximize the impact of smaller advertising budgets. As with all things internet, however, paying attention to security is essential. If you monitor your click traffic, try to negotiate or at least understand your advertising agreement, raise suspicions of fraud with your search engine and buy as much third-party security as your budget will allow, it can be a great tool for growing your market.
