Click fraud: botnet edition

November 4, 2020

How to protect your PPC ads from botnets and bot farms

It seems there’s nothing computers can’t do these days. Machine learning helps businesses reduce costs, retain customers, and increase conversion rates. But advanced technologies are not always used for good. Case in point: using bots for click fraud.

These days click fraudsters are more frequently using smart bots. While previously click bots were easy to spot, smart bots’ behavior is becoming more and more sophisticated, making it hard to distinguish them from real users.

According to Scalarr data, smart bots account for 57% of mobile ad fraud (in this blog post, the Scalarr team describes how smart bots emulate real-user behavior to avoid detection).

The numbers for mobile ad click fraud are concerning, but PPC click fraud numbers are even worse: according to Marketing Drive, 54% of ad fraud in the US is carried out on desktops — and businesses running PPC ads are expected to lose $7.2 billion by the end of 2020 because of click bots.

Bots and click fraud

What are bots?

A bot is a software program that performs specific tasks online. Some bots perform perfectly legitimate online tasks, but some are designed with malicious intent, such as chatbots masquerading as real participants in online conversations, or click bots set up to impersonate website viewers.

How bots are used in click fraud

In addition to helping unscrupulous publishers fake their website visit numbers, bots can also be programmed to click on ads.

Click bots are capable of producing many more clicks than low-paid workers at click farms. These days, they can be programmed to avoid detection, for example by automatically clearing the browser cache between clicks. This is by no means a recent phenomenon: in 2014 Client Connections Media used sophisticated click bots to run a publishing scam.

Botnets and click fraud

What are botnets?

A botnet is a network of computers that have all been infected with malicious software and are working together towards a specific nefarious goal.

How botnets are created: phishing emails + botnet malware

Malware is a type of software designed to damage or gain access to a computer. Once a device is infected, it joins a network of computers — a botnet.

One of the most common ways for computers to become infected is through phishing emails. These emails may ask you to install a piece of software, which then infects your computer with malware.

Malware has a range of uses, from bitcoin mining to banking fraud and identity theft, and click fraud is one of them.

How botnets are used in click fraud

PPC botnets are not a recent phenomenon. For example, ZeroAccess was discovered in 2013, and deployed again in 2015. According to a ZDNet article, in 2013 ZeroAccess cost advertisers $2.7 million monthly.

There are several ways click fraudsters can use botnets. One is to provide advertising publishers with fake site visits, so that their websites appear more attractive to advertisers. This Forbes article has a great rundown of how web traffic bots can be used for ad fraud (don’t forget to check out the images of Chinese bot farms). 

Another way to use them is redirecting search engine traffic to online ads. That’s what the creators of the Redirector.Paco trojan were doing.

In most cases, botnets operate from the same set of IP addresses (for example, the cyber criminals behind Redirector.Paco had access to 900,000 IP addresses), which makes detection possible. However, determined hackers have been known to overcome this challenge. Here’s an example of how the Methbot creators found a workaround, and developed ways to avoid detection for a long time.

Bot farms and click fraud

What are bot farms?

Bot farms are different from botnets: instead of taking over other devices and developing zombie armies of computers following the malware script, large bot farms come equipped with their own dedicated infrastructure.

Unfortunately, that makes them even harder to detect.

ClickGUARD has published an extensive article about bot farms and their infrastructure — check it out to learn more about the way bot farms are set up and run.

How to protect your PPC ads from bots committing click fraud

Just as with any type of click fraud, the consequences go beyond losing your budget to cyber criminals: on top of that, your ads become less profitable, and your campaign ROI is skewed by those fraudulent clicks.

Blocking IP addresses and IP ranges is definitely doable through your ad campaign settings, assuming you can keep up with bot traffic coming in from different IPs, and have the ability to adjust your ad settings.
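Deciding which IPs and ranges to block can start from your own click log. The following is an added example, not ClickGUARD's or Google Ads' code: it flags single IPs and /24 ranges that produce bursts of non-converting clicks. The log tuple format, the thresholds, and the window are assumptions, and the sample data is constructed.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

def _burst(times, window):
    """Largest number of clicks inside any one sliding window."""
    times, best, start = sorted(times), 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best

def exclusion_candidates(clicks, window=timedelta(minutes=10),
                         max_per_ip=3, max_per_net=5, prefix=24):
    """Return (ips, networks) worth reviewing for exclusion.
    clicks: iterable of (timestamp, ip_string, converted) tuples (assumed format).
    Sources with any conversion are skipped to limit false positives.
    """
    by_ip, by_net = defaultdict(list), defaultdict(list)
    good_ips, good_nets = set(), set()
    for ts, ip, converted in clicks:
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        by_ip[ip].append(ts)
        by_net[net].append((ts, ip))
        if converted:
            good_ips.add(ip)
            good_nets.add(net)
    # A range is flagged only when several distinct IPs in it click in a burst.
    nets = {n for n, rows in by_net.items()
            if n not in good_nets and len({ip for _, ip in rows}) > 1
            and _burst([ts for ts, _ in rows], window) > max_per_net}
    # Single IPs already covered by a flagged range are not listed twice.
    ips = {ip for ip, times in by_ip.items()
           if ip not in good_ips and _burst(times, window) > max_per_ip
           and not any(ipaddress.ip_address(ip) in n for n in nets)}
    return sorted(ips), sorted(str(n) for n in nets)

def _t(minute):
    return datetime(2020, 11, 4, 9, minute)

# Constructed sample log, using documentation address ranges.
SAMPLE_CLICKS = (
    [(_t(m), "203.0.113.7", False) for m in range(4)]             # one IP, 4 clicks in 3 min
    + [(_t(m), f"198.51.100.{20 + m}", False) for m in range(6)]  # 6 IPs in one /24
    + [(_t(m), "192.0.2.10", m == 3) for m in range(4)]           # repeat visitor who converts
    + [(_t(5), "192.0.2.50", False), (_t(45), "192.0.2.50", False)]  # slow, sparse clicks
)
print(exclusion_candidates(SAMPLE_CLICKS))
```

Treat the output as a review list rather than an automatic block list: shared office or carrier NAT addresses can look like a burst from one IP.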

And, of course, Google Ads also blocks invalid clicks — but we repeatedly see that even the most experienced PPC marketers can’t stop all fraudulent clicks solely by relying on Google Ads protection:

“many savvy digital marketers can eliminate at least 30% of fraudulent clicks without using any third-party solution. ClickGUARD’s optimization and blocking capabilities help them put a stop to 40% to 50% of the remaining fraudulent clicks”

Read more about protecting your PPC ads with ClickGUARD

Stopping bot click fraud with third-party solutions

What can third-party click fraud protection software do for you to help stop click bots? Third-party software inspects your clicks, finds suspicious sources of clicks, and responds to those malicious actions by blocking them with specific rules or algorithms.

ClickGUARD takes it one step further by making those rules fully transparent and customizable, so that you can adjust your PPC ad protection based on what worked in the past.

How ClickGUARD can help you protect your ads from bot click fraud

Here are some examples of what automated ClickGUARD rules can do to protect your ad campaigns from bot farms and botnets:

Detect bot and botnet traffic with a free audit

Not sure if you should be worried about botnets and bot farms coming after your ads?

Sign up for a free audit and find out where exactly your ad clicks are coming from. ClickGUARD data scientists can show you the ratio of normal, invalid, suspicious, and fraudulent clicks, and walk you through the advanced tracking metrics.

Jason is a passionate data-driven specialist with extensive PPC & SEO experience. When not writing about SEM he can be found surfboarding the wildest ocean waves of the Argentinian coast.