Click Fraud Blog
How to Spot Publisher Click Fraud
November 27th, 2007
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
In a previous post I gave a definition of publisher click fraud. I would like to expand upon this to give details on how to spot publisher click fraud from Google’s Adsense programme.
Capturing the Metrics
Every click from the content network comes complete with some very valuable information which helps catch the fraudster. This is called the referrer information. To get this information you will need access to an analytic package such as ClickTracks or be able to download your raw web server access logs.
When analysing the data, you should look for a string such as the one shown below.
http://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-0558200840132548&dt=1172774004749&lmt=1188167485&prev_fmts=468×60_as&;format=728×90_as&output=html&correlator=1172774004398&url=http%3A%2F%2Fwww.aminarts.com%2Faug_17_07.htm&color_bg=FFFFFF&colo
This may seem to be so much gibberish, but when it is parsed into more manageable chunks it is far easier to read.
http://pagead2.googlesyndication.com/pagead/ads
client=ca-pub-0558200840132548
&dt=1172774004749
&lmt=1188167485
&prev_fmts=468×60_as
&;format=728×90_as
&output=html
&correlator=1172774004398
&url=http%3A%2F%2Fwww.aminarts.com%2Faug_17_07.htm
&color_bg=FFFFFF&colo
Analyse the Metrics
When we break this down we see the unique publisher ID in the client section e.g ca-pub-0558200840132548 , and further down we can see the URL on which the advert was published. In this case the offending site was www.aminarts.com Please note this is data from a real click fraud attack. Full details of hte incident can be read on Click Fraud- A Story of Intrigue.
So we have the data, we know how to decipher the referrer string. It is now time to try and spot patterns in the data. The first stage is to spot repeated clicks from the same client publisher. This is of course not fraudulent clicks, rather it is the desired action from the content network. We need to correlate this data with repeated clicking from the same source. This is done by capturing the IP address.
The above may seem complicated, but it is relatively easy to do using excel, download your log file and import it into a spreadsheet. I will cover how to do this in a future post, please subscribe via RSS to get updates on future posts. The alternative is to subscribe to a click fraud software solution, these will spot multiple clicks from publishers for your automatically,check the review section of this site for information on the various solutions available.
At this point we have captured repeated clicks from one source address against one publisher, what does an Adwords user do next? Firstly supply the data to Google for a refund, please refer to my article Getting A Refund from Your PPC supplier for details on this. Next I would blocking my ads from thsi site. Consider if this site is giving you any return on your investment, if not, simply exclude the site using hte tools on your adwords account managment page.
campaign managment -> Tools -> Site Exclusion
I also use a belt and braces approach by excluding specific IP addresses from my campaigns to stop ads being displayed to repeate clickers. Again this is done from the tools section of your Adwords management page.
Conclusion
When conducting risk assessment reviews with my clients I ask, what value are you getting from advertising on the content network? Broadcast distribution to all and sundry is often very risky and the clicks are of low quality. If possible ditch these ads or target them more closely. Google now offers site targeting for CPC campaigns. This is where the advertiser can choose a site to display their ads on. It is advisable to choose site you feel you can trust.
Other posts you may like
Tags: publisher click fraud
Posted in
How To |