We’ve all heard the horror stories about click fraud: an ecommerce company’s ad campaign suffers a malicious botnet invasion that drives up the CTR (click through rate) and ultimately ends up costing the company tens of thousands of dollars in click fraud with no offsetting revenue benefit. Unfortunately, these stories are heard all too often, with recent reports suggesting bad bots will cause more than $11 billion in wasted ad spending this year alone. Such projections show that the problem of click fraud is not only getting bigger, but harder to detect.
Bot Evolution
The use of bots for click fraud has become more sophisticated over the years. Bots used to be simple executables that were only able to send or get post requests. They evolved into being embedded in actual web browsers with the capability of downloading all assets on target websites, along with the ability to execute javascript and flash. Now, bots hijack user cookies to further masquerade their true identities making them seem legitimate. On top of all that, today’s bots are easier to deploy than ever. This has lowered the barrier, allowing more people to use bots, while at the same time, making bad bots harder to detect and stop.
The Bot Impacts
Click fraud by malicious bots results in a damaging trickle-down effect. Click fraud impacts the ecommerce site paying for advertising by maxing out daily budgets and making them pay for clicks and impressions that are not real people. It is not uncommon for online retailers who fall victim to click fraud bots to report CTRs as much as 10-20 times the normal rate. Click fraud also hurts the reputation of the ad network because the advertisers ultimately see lower conversions from the ad network. Ultimately, click fraud hurts the reputation of the advertising industry by diluting the confidence in online advertising.
Bot Protection
So what can be done about it? Fortunately, solutions exist that have the ability to detect and identify bad bots and block them from clicking on a company’s ad. These solutions can ensure that the clicks companies are paying for are actually human visitors. This results in spending less money per lead and having better qualified conversions.
Recognizing a Bot Invasion
Recognizing click fraud is easier said than done. Fraud bots are very hard to detect because they look like real people, using real cookies and legitimate computers. Companies can follow some good marketing practices to help detect any fraudulent activity. First, segment the advertising campaigns and measure each purchase individually in terms of effectiveness. The ROI for each individual website traffic is bought from to potentially help identify any suspicious behavior. At the end of the day a bot will not transact, and so lower than expected conversions is a great way to inspect the validity of a source. These tips can potentially be the first steps in determining whether you have a click fraud problem.
Take a Bot Out of Crime
Click fraud’s multi-billion dollar price tag has not gone unnoticed. For the first time, the advertising industry has acknowledged the problem as is evident from the formation of the IAB Traffic of Good Intent Task Force. The U.S. Senate’s Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations also recently held hearings on malicious advertising. High profile attention on online fraud will continue to build awareness and educate the public on the subject. Through this awareness and by working together, it is possible to take a “bot” out of crime and successfully combat click fraud.
Rami Essaid is the CEO and Co-Founder of bot detection and mitigation firm Distil Networks.