Octavia DrexlerJuly 21, 2022

Digital ad fraud has been growing at the pace of technology. To each way of legitimately making money online, there is a way of making money from digital fraud. Click fraud is among the most worrying types of fraud out there: it is estimated that around 17% of PPC clicks are fraudulent. 

In order to understand why click fraud is a worrying issue for businesses, we need to first understand how fraudsters make money from click fraud. 

Device-Driven Fraud vs. Content-Driven Fraud

People are generally not aware that not all web traffic is driven by humans and that not all the engagement from digital ad campaigns comes from legitimate and interested users. 

Recent research estimates that the value of digital ad spend lost to digital fraud will reach $68 billion globally in 2022 - a rise from $59 billion in 2021. 

How fraudsters make money from click fraud depends on the way that fraud is employed. Depending on the focus of the fraudulent activity, we can talk about either device-driven fraud or content-driven fraud. 

device driven fraud

Device-driven fraud uses computers, servers, mobile phones, and other devices to mimic real ad impressions and engagement. 

This kind of fraud uses bots that act as real internet users. Complex algorithms are used to make the fake clicks deployed by bots look like real user activity. How fraudsters make money by using different devices is pretty straightforward: by sending traffic to publisher sites or devices and getting paid for those impressions or clicks. 

content driven fraud

Content-driven fraud is even more complex. It involves the practice of creating fake websites and apps and selling ad space to advertisers who believe their ads are showing up on real publisher websites.

The most common form of content fraud is the sale of ad space on “ghost sites” or “cashout sites”: these are websites that have no content, just ad space. These sites are visited by bots that generate fake clicks. 

How fraudsters make money from content fraud on ghost sites also has to do with web traffic. The fraudsters get paid for the bot traffic that they send to ghost sites. 

More complex content-driven fraud involves creating fake (or “spoof”) versions of reputable websites and “posing” as legitimate websites. If this succeeds, the fraudsters earn more from the placement of ads. 

The Main Types of Click Fraud 

In order to understand how fraudsters make money and how complex click fraud is, we need to dig a little deeper into the ways that click fraud can be implemented. 

Click Spam

Click spam, also known as click flooding, is done by generating fake clicks while a user is running an app or engaging with a website. The clicks are executed in the background, without the user even being aware that this is happening. 

The most common and effective way of deploying click spam is through click bots - which are essentially a piece of bad code hidden in an app or website. These get triggered when a user engages with an app or while the app is running in the background (e.g. in the case of system apps like battery savers). 

Incentivized clicks and competitor clicks

This is also a form of click spam, but it involves real people instead of bots. In this scenario, people actually click on ads with the purpose of deploying the ad budget of a certain business - most likely, the competition. 

This action can be incentivized - people get paid for clicking ads. Though more time-consuming, this type of click fraud is more difficult to spot, as it involves real human behavior. 

Click Injection

Click injection is a more sophisticated kind of click spam. This method involves the fraudsters generating clicks that do not originate from the user interacting with an ad. By injecting one click at the right time, after the user has decided to download an app, the download process is “hacked” and the fraudsters get credit (and money) for that install.

Install Farms

These are real locations where devices are used to generate installs. The process is done manually, with the fraudsters clicking on ads and installing apps to generate the activity for which they are paid. This process can be repeated multiple times by changing the IP address for each install. 

Domain Spoofing

Through domain spoofing, a domain is made to look like another better domain. One low-value site mimics a well-reputed one. This way, the fraudsters get paid more for each click on that web page. 

SDK Spoofing

This type of ad fraud makes fake installs look legitimate. SDK spoofing occurs when a fraudster breaks open the SSL encryption between the communication of a tracking SDK and its backend servers. The fraudster then generates a series of test installs for the app. Once the fraudsters “decipher” the URL structure and how in-app actions are tracked, they can generate fake installs. 

Pixel Stuffing And Ad Stacking

These are both ad frauds that are used for artificially generating a high number of impressions for ads. Both these methods are used for making money out of campaigns that target a high number of impressions, rather than clicks. We are however including them on our list, as they are pretty common.

Through pixel stuffing, a publisher uses 1×1 pixel ads on their site. The ads aren’t really visible for humans, but the advertiser will get charged for the impressions. 

Ad stacking is quite similar but doesn’t use pixel-ads. Instead, the publisher just “stacks” several ads on top of one another. Only one ad is visible, but the fraudster can claim credit for all of them. 

Affiliate Ad Fraud

Affiliate marketing is based on cookies - which pass information about the user and the source of their visit. In this click fraud scheme, fraudsters place cookies on a browser without the user’s knowledge. Once the user visits an affiliate publisher, the fraudster gets credit (and gets paid) for that traffic. 

Location Fraud 

Location fraud is used when fraudsters fake or “spoof” the geolocation of their traffic. Advertisers usually want their ads to only show in certain locations. Also, costs for different locations vary greatly. This fraud scheme is used to either get traffic from locations not targeted by the advertiser or to get traffic from better-paid locations. 

Redirect Attacks

In this case, multiple redirects are used to increase the number of clicks. When users click on an ad, they are rapidly redirected to another ad and then back to the original one. This often happens very quickly and the user can’t even tell that it’s happening. The fraudsters, however, get to generate more clicks on ads.  

How Fraudsters Make Money from Ad Fraud 

If you’re still wondering how fraudsters make money from ad fraud, you should understand that this is a “lucrative” business. Making money from click fraud is essentially easy: create as many artificial clicks as possible and collect the income.  

While a cost-per-click (CPC) may not sound like a big amount of money, by using bots and automation technology, fraudsters can easily get hundreds and thousands of clicks every day. This is how fraudsters make money - lots of money. 

Using bots is the most efficient way to engage in fraudulent activity, as the fraudster has very little to do than to roll out the fraud scheme and wait for the money to come in. Unless detected, of course. But even if they are detected, the cybercriminals can move on to infecting new devices or creating new fraudulent content. 

Since ad fraud is difficult to spot without specialized tools, there are many unsuspecting victims out there. This means that criminals can carry out their work with little adjustments and intervention. The fact that international legislation isn’t yet very clear on the illegality of click fraud also makes it difficult to prosecute fraudsters. 

Can You Stop Click Fraud? 

While we have looked at how fraudsters make money from click fraud, one important question remains: can you stop click fraud? While it isn’t easy to identify click fraud, it can be stopped. You just need to take a proactive approach to identify and stop it:

  1. Monitor and analyze: if you are running PPC campaigns, always monitor and analyze the data on your campaigns and your website. Use analytics tools to get as much data as possible. Look for any unusual activity - like a spike in web traffic with little conversions; that might be a symptom of click fraud.
  2. Isolate and block: If you notice an unusually high number of impressions or engagement on your campaigns, something may be off. Investigate where suspicious traffic is coming from. Usually, you will be able to tell that the traffic is fake - it will most likely be coming from the same IP or strange locations. Once you isolate that traffic, you can block it using a click fraud protection tool. 

Now that you understand how fraudsters make money from digital fraud, you can work on not being a victim. Protect your investments by carefully monitoring your campaigns and by promptly blocking any fraudsters. 

If you want to find out more about how you can stop click fraud with ClickGUARD, don’t hesitate to get in touch! We’re always happy to talk about how to fight ad fraud!

I work with the Marketing Team and a team of writers to strategize, create, and coordinate quality content for digital marketing & PPC professionals