How Does Click Forensics Work?

March 13, 2019
by
|
7 min
 reading time

Click forensics sounds sophisticated and boring? OK, I get it. But how about if I told you that 30% of your ads budget is being wasted by not having click forensics, does that sound like a "juicy enough" subject?

In pay-per-click advertising, the truths we hold evident and have to adapt to are the following:

One, Google reigns over digital marketing, pay-per-click included.

Two, there is no such thing as a “successful campaign” without precisely defined goals.

Three, everyone will deal with invalid or fraudulent clicks.

Click forensics is essential for any data-driven marketer

Google Ads is arguably the best PPC platform there is, so if your reading this you’re probably already on it. You can easily set a goal for a campaign if you think about the reason why you planned to launch it.

But fraudulent clicks? You can’t just let them be — they hurt campaigns, and yours won’t be an exception. Adapting to them means finding a way to fight back, and you can only do it using click forensics. Awareness that is built through a data-driven click forensics tool will allow you to mitigate the threats and build more successful campaigns.

I told you that click forensics wouldn't be boring! This is where it gets uber-exciting...

What Is Click Forensics?

Click forensics isn’t nearly as exciting as the forensic work you can see on TV. And the forensic work you can see on TV isn’t the most exciting part of police work, either.

But what it lacks in drama, click forensics more than compensates in usefulness. If you’re well-versed in it, you can look at certain data points and determine the likelihood that a click, or a group of clicks, is fraudulent.

When you know a click is fraudulent, you can ask Google to investigate it and maybe issue a click fraud refund. Even more importantly, you can block the IP the click came from, preventing it from being used to mess with your ads again. Click forensics should be a pillar of your Google Ads campaigns.

Shouldn’t Google Have Automatic Click Forensics

Google Ads already does some of the click forensics for you. That’s how it knows not to charge you for invalid clicks, for example.

The problem is that Google Ads isn’t necessarily looking at every possible data point when determining the nature of every click. Some clicks that would otherwise be invalid or fraudulent simply aren’t listed as such.

It’s obvious that this discrepancy can be exploited. Google Ads’ forensic net doesn’t catch every perp, so there’s room for you to get involved if you want better fraud protection for your PPC ads.

Click Forensics in Seven Rock-solid Segments

Ready to learn a thing or two about click forensics? Yes?

How about seven things? You want to be thorough, and to master the field of click forensics you’ll need to understand all seven segments of data you can analyze in a forensic inquiry.

1. The click segment will tell you useful things about the on-site behaviour of a person behind a single click.

You can see, for example, how much time they spent on the website, whether they are a repeat visitor, and whether they converted.

Photo: Real users and bots exhibit different behaviours. The image above shows a comparison between the two. Fraudulent visits usually don't trigger our on-page visit timer.

2. The platform segment contains data about browser fingerprints and more detailed data about the device.

If you didn’t know that browsers have fingerprints, now you do. But as opposed to your crime scene variety of forensic work, it’s the absence of fingerprints you use as evidence of click fraud.

Photo: Each device sends a unique fingerprint. It is very suspicious if you are not able to determine the operating system, browser, screen resolution, or any of the many other platform properties. The most common visits that do not have a fingerprint are those coming from data centres.

3. The target segment tracks one of the most important data points, the GCLID, as well as landing page info.

GCLID is a unique value given to every click on your ad. When you see the same GCLID in impressions coming from different IP addresses or devices, there’s a reason to suspect fraud.

4. The ad info segment is where you can see the attribution of the click in the context of the campaign.

For example, you can notice that whoever is clicking your ads is very good at picking the ads triggered by the most expensive keywords you bid on. If that smells fishy to you, it’s for a reason.

5. The visitor segment gives us data about the IP address and the device the visit is coming from.

Determining the IP address behind a click is one of the most basic, and most useful, techniques in click forensics. A large volume of clicks from the same IP address is the textbook example of click fraud.

Photo: A common tactic fraudsters use is to employ IP ranges. If you are able to detect the source, then you could easily set rules to block all clicks within a certain IP range.

6. The threat segment deals with several data points that help determine the level of risk from every single click.

This is where you’ll see if a visit is coming from a proxy server, or if there are bots or crawlers clicking on your ads.

7. The Geo segment contains information about the geographical origin of the click.

Location is a particularly important piece of info that’s getting increasingly hard to figure out. Clicks coming from outside of the regions you targeted with ads are important warning signs.

What’s the Next Step?

The segments, and the data points they contain, are parameters you’ll use to search for fraudulent clicks. To be effective, you’ll need to understand patterns that indicate fraud.

You’ve already read about some — a large volume of clicks from a single IP address, and clicks coming from outside of your geo-targeted areas are some of the patterns to be on the lookout for.

You can also notice things like browsers with unrealistic resolutions, the same device clicking on your ads using different IPs, or plenty of extremely short visits on multiple campaigns from the same IP or device.

Photo: "Normal vs suspicious behaviour" analysis on the device level. When you have your forensics set up properly, then you can easily spot a device responsible for click fraud. In this case, the user on the right-hand side of the photo was changing IP addresses and clicking on ads from the same device.

When you notice these signs of fraud, you can call on Google Ads to investigate. But more importantly, you can also block the IP, so that it stops putting dents into your budget.

Who’s Got the Time to Do Click Forensics Manually?

The real problem with click forensics isn’t in the limitations of the technology it uses. It’s in the time it takes to do it well by hand.

Blocking IPs is a huge time sink if you want to do it manually. But it’s still a good tool for combating click fraud.

ClickGUARD will detect and block fraudulent activity for you, minimizing the damage. ClickGUARD will help drive the performance of your campaigns, making it easier for them to reach your goal. And best of all, ClickGUARD will do all of this with minimal input from you, leaving you to spend your time in more productive ways.

If at this point you still think Click forensics isn’t that "cool". Still, it’s something that needs to be done.

So why don’t you let ClickGUARD do it for you?

The ClickGUARD editorial staff are responsible about communicating and sharing amazing content. They help with moderating guest posts, reviewing resource submission and writing different articles.