-
Website
http://www.marketingpilgrim.com/ -
Original page
http://www.marketingpilgrim.com/2006/12/google-click-fraud-rate-two-percent.html -
Subscribe
All Comments -
Community
-
-
Top Commenters
-
Popular Threads
All Comments
Great story, but here's a question.
In Q3 of 2006 Google AdWords brought in $2.69 Billion in revenue, does this mean that there was somewhere around $50,000,000 in click fraud committed in Q3 2006 alone?
If so, that's a whole lotta click fraud.
Click fraud technology was developed to influence the original banner networks that paid on a per-click basis. When DirectHit came along and based its rankings in part on click-throughs, the click fraud technology was adapted to manipulate DirectHit's results. I've been told it is also being directed at Yahoo!'s click-through processing.
The more sophisticated click fraud networks use multiple servers in geographically diverse NOCs cycling through dozens of IP addresses that reside in multiple C-blocks. They used timed routines to simulate random but apparently natural surfing activity, whereby the "surfers" stay on pages for certain lengths of time.
Adapting this technology to influence a PPC network like the search engines operate would be child's play because the technology predates what the search engines have done.
Until the search engines start outing these proxy networks, they have failed miserably to indicate that can even detect their existence.
I would, however, be be better satisfied if the search engines explained -- in at least as high a level as this presentation -- how they strive to monitor such proxy networks.
I had a nice chat about this issue with Tom Cuthbert from ClickForensics a few weeks ago and he seemed to be very enthusiastic about coming up with some industrywide click fraud standards that everyone can accept.
Until Google and others continue to encourage services like AdSense for Parked Domains, there is little sense in talking about serious effort to combat click fraud.
- Eric Itzkowitz
p.s. If this number's changed please let me know.
Ghosemajumder has since clarified that it's less than 2% of all invalid clicks, which means unidentified click fraud at Google is just a fraction of a percent!
My gut reminds me of the old Rumsfeld quote, "As we know, there are known knowns. There are things we know we know. We also know there are known unknowns. That is to say we know there are some things we do not know. But there are also unknown unknowns, the ones we don't know we don't know."
We all know Google has a ton of really bright people who must spend a great deal of time on this problem since it direct threatens their business model. At the same time the "unknown unknowns" make me wonder.
The reality is, we don't, and Google doesn't, know how many clicks are fraud and REMAIN UNDETECTED as fraud. Only a very careful accounting of every single click for some slice of traffic could turn up something close to valid data for that question, but it certainly would vary wildly depending on circumstance. Until we see any actual proof of a valid study, this is all fudging around with numbers in a spreadsheet.
It's certainly the first time they've revealed their own internal numbers - or at least a very strong hint.
Some google guy showing you some powerpoint presentation doesnt prove alot really.
First, some industries are more attractive to fraudsters. More specifically, completive industries where fraudsters stand to gain more than a pretty penny per click. However, in the areas where the price of a click is at a premium, I would stand to wager click fraud is more than 2%.
We experience no click fraud when promoting car forums, pictures or research. However, when we move into the more lucrative areas, such as automotive loans, we notice questionable clicks not only abound but thrive.
http://adwords.google.com/support/bin/answer.py...
The last paragraph is particularly relevant: "Depending on the design of the site, a parked domain site will be classified as either a search site or a content site. That means your ads may show on parked domain sites if your campaign is opted in to the search or content networks."
WTF? Google will charge its customers (the advertisers) paid clicks on the search network that originate from parked domains. A company that engages in this sort of practice is not going to appease its advertisers regarding click fraud with a few pretty pictures.
For your next exclusive, can you find out what percentage of PPC traffic comes from parked domains? Of that, what's the split between search and content network? Now, that'd be worth something.
Proof? Is Google blowing smoke?
I really don't see why they would. Other traffic sources have, and it has seriously impacted their credibility. Advertisers can easily cross-check this type of info against the tendency of clicks to convert.
If you're working on real accounts, you can often see during the holiday time the conversion rates and cost per order numbers trending into very affordable territory. You aren't going to see conversion rates of 5-10% on mediocre, relatively unoptimized ecommerce user experiences, if there is tons of fraud floating around out there. To me, having watched a large number of campaigns closely, Google's account rings true. I won't believe it all when it comes to the AdSense network, but then again, we all bid low on that inventory, don't we?
What do I mean by this? Take AdWords Starter Edition for example. It hides the complexity of AdWords by not letting advertisers opt out of the search network or content network. It hides the notion of CPC by using the Budget Optimizer. Would you recommend that a brand new advertiser use contextual advertising? Would you recommend they use the B.O.? They can't "bid low on that inventory" because they don't even know it exists. Now, when they start tracking their results, they're going to *think* they're experiencing click fraud because they're getting all this traffic that's NOT search engine advertising.
Note, too, the the newly offered hosted business pages are tied to AdWords Starter Edition. Any business that uses that new product is locked into the content network and can't set lower bids. Is this going to help with the perception of click fraud? Frankly, I don't understand why more people haven't dug into the details. Google should kill off Starter Edition. Yes, we *all* need to bid low on the content network - especially new advertisers.
Google, are you listening?
If I know my wife meets 100 men a year and I [personally] find her cheating with two guys a year, it doesn't mean her "cheating ratio" is only 2%! I most likely don't know about the other 8-20 guys she sleeps with since most of the time I work out of town.
I would also like to point out that there are ways to cleverly generate traffic that looks like any other traffic that arrives at a site. This can't be reliably distinguished by algorithms, humans, or anything else. Such traffic is generated from botnets, viruses, and click rings.
I'm still unconvinced of these claims.
Click fraud on Google.com is likely very low, since there is nothing to gain except frustrating a competitor - and few people make the effort to automatically click lots of ads. There is no incentive.
However, there is a huge incentive to falisify clicks on your own adsense website, and this is where the numbers lie.
I also speculate that google may be sharing data from North America only, as click fraud is generally higher in other areas.
http://www.stareclips.com/?click-fraud-rate
If you're ruler is not to scale, your measurements will be off the mark.
Now, look at the big boys. Mesothelioma. Structured settlements. $100/click. You think those are only 2%? There's a LOT of money to be made off of those clicks.
If you believe that percentage is accurate for those terms, I've got a bridge to sell you.
We can all argue until we're old and grey about what methods Google is or is not using to detect this click fraud but I bet that they'll never reach that goal of 100% detection. It's a nice goal tho isn't it?
G-Man
After analyzing site traffic and sales the most likely explanation is a recent surge in content network fraud, our estimates point to 90% click fraud.
We also don’t believe this is unique to our company, we have seen similar content network metrics on accounts belonging to 2 of our clients.
The bottom line in our case, turning off the content network completely results in a 90% reduction in ad spending with no change in leads or sales. In a higher volume ad campaign with the same metrics spending would stay the same and sales would increase by the amount of fraud.
We were shocked to see that google claims only 2% click fraud or “invalid clicksâ€. This is a no brainier, is it really in google’s best interest to stop this as they make 70-90 percent of the revenue generated from this fraud without having to commit the fraud themselves.
If this is the worst example of "fraud" we can dredge up, then things must be pretty rosy indeed.
I'm not sure that this really provides much proof of actual fraud, and even if some is getting through, it wouldn't be hard to combat by lowering bids a bit. Fraud on the search network would be more serious.
400 clicks on the content network should only be costing you around $160 or less if you're bidding correctly. Just because the traffic isn't converting on those 400 clicks doesn't mean it's fraudulent. It may mean your ad is showing up somewhere it shouldn't be - somewhere that isn't very targeted.
Increases in clicks aren't surprising, either. New publishers are always being added onto the network, or your position may jump up so that you actually appear on pages that would have shown your competitors' ads previously. This may be a sign that they have lowered bids, so you should, too.
You haven't offered much evidence of anything untoward, as disappointing as it may be that $160 worth of clicks didn't convert to anything.
These are just the non-US clicks that are identified.
Google has never been close to my figures, and when I do get reimbursed its a fraction of the submitted amount.
GaryTheScubaGuy
Anyways, I had some questions about the conclusions drawn in article above. (1) Am I to suppose that the discovered levels of click fraud by advertisers are equivalent with the actual amount of click fraud that escapes the previous 3 tiers? That I may discover 2% of fraudulent clicks does not mean that I've discovered them all. (2) Does anyone have the ratio of allowable clicks to invalid/fraudulent clicks? For example, of 100 clicks on an advertisement how many are fraudulent (before any screening measures)? Google may in fact be rigorously trying to minimize fraudulent clicks, but my concern lies in terms of how many total clicks are fraudulent. Detecting 98% of fraud is a laudable achievement, but are they catching 98% of detected fraud, not total fraud?
I appreciate your comments to these questions. I would also ask that you point me in the direction of further resources to continue my research into the matter. Anyone else involved in the class action suit?
Take care and happy holidays.
bg, if I may say so, you seem obsessed with click fraud.
Is there a marketing program lurking anywhere in there?
As for the class action suit. Isn't that a red herring? I've been in these before, with other similar situations. LookSmart ripped us off, misled us, and we applied and received a small credit in the suit. That's class action for you.
Meanwhile it absolutely does not mean that Google has no further obligation to you. Perhaps it means you have fewer options to actually sue them, but you weren't going to do that anyway.
What you can do, is document any click fraud that may have occurred, if indeed it did. And then directly request a refund. That process hasn't gone away just because there was a suit.
And now, back to your regularly scheduled marketing program. There is one, isn't there?
Only the fraudsters know how much actual fraud there really is. The engines may be able to detect all the fraud, but may not, depending on how clever the fraudsters are in making it look like "legit" traffic. This isn't that hard to do, when using botnets, spyware, or click farms.
As to the class action, I don't know that there is much that can be done, since you didn't opt out. There are some US Congressional inquiries into click fraud, but it's not clear yet that anyone will see any money from them.
My advice to you is to reduce your ad spend in accordance with the fraud you suspect, and look into alternate, less fraud-prone options such as CPA or fixed fee advertising.
Whenever this issue is raised, it's met with silence (except from individuals such as Bruce Schneier and Lauren Weinstein from the Internet technical community).
Google's response might be, "Yes."
Then someone could ask, "Is the passcode at least 4 digits long?"
The answer, "yes."
"Is it at least 6 digits long?"
"No."
"So it's just 4 digits? How secure is that?"
"No, it's not 4 digits."
"Aha, so it's 5 digits!"
"Correct."
"But, is it something easy? Like 12345? That would be terrible if it was!"
"No, it's not easy."
"Are there 5 unique digits in the number, or is there a repeated digit? I would imagine one is more secure than another, right?"
"There are 4 unique digits, with one repeated. There are only 30,240 possible combinations of 5 digits if all of them are unique. Many more number combinations are allowed if a digit can be repeated."
"Ah, that's good... that's good. So, it's pretty secure, right?"
"Very."
"Can the control panel be seen through a window?"
"Yes. There is a south-facing window where the control panel can be seen."
"Couldn't someone point a camera into the window to see what code is being punched into it?"
"When the code is being entered, our staff is trained to block the view from the south-facing window."
"Ah, good... good. Very secure."
This hypothetical discussion of security, and making sure the building is secured well, only makes things less secure. With this information, someone is now armed with knowledge as to how to thwart the security. For instance, someone could look through the south-facing window to see which numbers on the keypad appear more worn or used than others, then knowing that one digit is repeated and that the remaining digits are unique, one could come up with a short list of possibilities rather than being faced with the much larger set of possibilities.
So, the more information Google reveals about HOW it DETECTS fraud, the more information they would give to would-be-fraudsters to circumvent their detection.
In any case, I would like to illustrate a method that Google COULD be using. By analyzing the user behavior on a controlled website, Google would be able to formulate statistics that represent normal non-fraudulent user behavior. For instance, they might see that a 90% of typical users spend about 19.3 seconds on a website before leaving the page, that 8% of typical users spend 11.2 seconds on a website before clicking an advertisement, and that 2% of typical users spend 3.9 seconds on a website before clicking on one of the ads. By analyzing this data using various barometers, Google could then detect anomalies in activity. Maybe there seems to be an unusually high number of users in a group that are only spending 1.2 seconds before clicking on one of the ads. These anomalies could be investigated further to determine if there are other patterns of behavior that would suggest fraud. By catching these, stopping the fraudsters, but not revealing their secret formulas, would-be-fraudsters would be stuck trying to GUESS (and mostly failing) what this formula is, or how to appear as a fully legitimate user and not a statistical anomaly.
http://www.stareclips.com/?click-fraud
Since the site is controlled, it is not typical of any behavior except those individuals who participated in the study.
It is trivial for fraudsters to manufacture traffic that looks like non-fraudulent traffic. They can use human clickers, or capture keystrokes from infected machines and replay them (possibly on other infected machines).
What it comes down to is that (except for some very basic attempts to defraud, such as repeated clicks from a small number of machines on a small number of ads), what separates fraudulent traffic from non-fraudulent traffic is intent, not pattern. When (if) the engines and networks are able to determine the intent of a click, they will have solved a far more difficult problem than click fraud. Aside from the security professionals I have mentioned, Dr. Tuzhilin has commented on the impossibility of solving this problem.
As your product becomes more valuable - theft whether it is shoplifting, counterfiting or click fraud becomes always more of an issue.
The classic neverending question is always " Do I as an innovator , seller or manufacturer concern myself with this problem and focus on it or do I focus my efforts on more major areas as profitiability or product research ?"
I guess it depends on how much fraud is actually out there. Or how
much expenditure can't simply be written off as the cost of doing
business.
Hey mongoose, what's that behind your back...?
Two slogans or historic sayings come to mind:
1) There are numbers and there are statistics
2)Figures don't lie but liars figger.
It is amazing how off the mark these experts and pros can be.
As if a representative of Google would be giving you the correct figure for which they have are stealing from their client's worldwide.
If you are stupid enough to believe this story, then all I can say is you deserve to be RIPPED OFF !!
Next thing we will hear from Google is that they are going to give all the fraudulant money created by their own click fraud to charity - All FIVE HUNDERD MILLION DOLLARS FROM ONE QUARTER ALONE - What a joke,
Truthfully Andy - WAKE UP TO YOURSELF
As if a representative of Google would be giving you the correct figure for which they have are stealing from their client's worldwide.
If you are stupid enough to believe this story, then all I can say is you deserve to be RIPPED OFF !!
Next thing we will hear from Google is that they are going to give all the fraudulant money created by their own click fraud to charity - All FIVE HUNDERD MILLION DOLLARS FROM ONE QUARTER ALONE - What a joke,
Truthfully Andy - WAKE UP TO YOURSELF
The messages are very useful. Keep it up.
Googlers are watching our site using which technique.Ill show my google analytics a/c. Where my site is popular in world wide which has unique users of 50% and New also in 50%
http://arrif.blogspot.com
bg, if I may say so, you seem obsessed with click fraud.
Is there a marketing program lurking anywhere in there?
Seriously, Google is doing a great job and people are still whining. I find that distasteful.
I guess it depends on how much fraud is actually out there. Or how
much expenditure can’t simply be written off as the cost of doing
business.
Why PPC waste/fraud is still continuing and why Google, Yahoo and MSN won’t help you find it.
I have spent time looking at all the reports Google/Yahoo/MSN have been providing it’s customers for some time now.
The one report that none of them provide is “Length of Visit by Keyword”.
This is a report that would help anyone with managing PPC campaigns in a major way.
So, why is this report not supplied by any of the search engines out there?
It’s simple!
If you knew which keywords people were clicking on and then just jumping out you could adjust you spending on those keywords accordingly.
All the major search engines have the data and tools available to provide you with this report.
I also believe that with the data that most of the major search engines collect that they could even provide us with a much better report than the “Length of Visit by Keyword” report I’ve been talking about.
I would love to see the raw data that Google collects on the sponsored ad clicks.
I bet if any of us could analyze that data we would save tons of money on our campaigns.
As a side note…
Wouldn’t you love to know what products have the best conversion rates and lowest advertising costs? Google and the others have this information. What power these people have!
Another note…
Google and the others know what products don’t sell well over the internet. They could come up with a list of products that have never sold well over the internet and at least warn people before they waste your money. I think a large percentage of people who try to sell something over the internet are wasting their money and I’m including the people who really know what their doing.
They won’t help us with this critical data because they know once you see the waste you will adjust your advertising campaigns to reduce it. That would cost the major search engines billions of dollars once you do.
Google and the others are basically hoping people don’t figure this out. Their saying lets give the customers a bunch of reports and analytics and hope they never notice what we’re not giving them.
The report should at least contain:
IP Address, Date/Time, Search term, Campaign keyword(s), Length of Visit, Number Pages Viewed, Conversion.
All the major search engines are guilty of not providing its customers with this information.
I have been looking for a tracking site that provides this information but have not had much luck.
I’m sure I could find a service or piece of code out there that will provide the important data but why we are not getting these reports from the major search engines out there is a crime.
Harvey Lawton
Just make sure you never go for any other channels than the search results in google.xxx because the fraud is not from your colleges, its from hungry AdSense sites.
Actually we where closed out by our Google Adsense testing, because our colleges in our local network was clicking on adds, and at that time we didnt now that (our colleges) and we went from PR5 to PR4 some days later.
Thats why we decided AdSense didnt make sense for us. I Assume theres a army of AdSense sites who wants to earn money, and they are asumeably very creative in their ways to make webdesign and have people clicking. Random AdWords Roboting who dont target your own pool but only occasionaly i have been reading about. I Love Google, that why i love to critize also, likewise with my husband... :-)
Reference: Jansen, B. J. (2007) Click fraud, IEEE Computer. 40(7), 85-86
I do not believe that the 2% applies to content ads.
As to what constitutes an "academic research article," we will have to disagree. This looks to me like a short unrefereed overview article in a magazine. Some of your other articles conform more closely to the norm of a refereed journal article that would be worthy of the title of "academic research article."
Here, I don't see the research. I see some decent common-sense definitions and terse recommendations and conclusions. But no independent data or critical insight.
@hlawton: Any decent analytics package, such as Google Analytics, will give you bounce rates by keyword, and time spend on site by keyword, if that's what you want.
This the only way to get all three data points in the same place -- the content provider, the search engine, and the attacker.
Basically, set-up fake online stores with sponsored search accounts. Then, attack these online stores with various click fraud techniques over a period of time.
Then compare logs from the Websites, the search engines, and the attacker logs.
Jim
I can only guess the good man Andy was expecting all this apposing feedback.
"Actually the reported 2% invalid clicks come simply from complaints buy advertisers".
As an advertiser myself,I only report about 1% of my estimated 6%. Its just a hassle, (like getting minutes credited for a dropped call). I think thats also one reason 'Google Analytics' wont report the ip addresses.
We spend a simple $40,000 a yr on Google This figure does not including customers you're charged for, that click on you two or three times in teh same day, for example if the customer needs to re-contact you they often will re-google you and re-click you.
Theres many things Google could do to give us more accurate information and results. Many feel if they do this they would loose millions. A general belief is you only give your customer better service when your forced to by competition, and currently Google has no competitor that offers thees options. But the ROI is much greater foe my company then the blood sucking yellow pages lol.(die) In that comparison I'm very happy.
He also mentioned multiple 301's in a short time span may have implications as well.
Thanks Adam!
GaryTheScubaGuy
The other thing that bugs me is how people let companies like Google and Apple off the hook. "You can't talk that way about our precious Google and Apple! We believe everything they say is true...because they are not Microsoft." Any publicly traded company is going to do WHATEVER is necessary to keep up the bottom line. Including showing us silly pictures like the one posted in the article with the three circles. Wake up! That's insulting!
We got massive amount of clicks from different countries in hours that people sleep there!
Google placed our adds along with Sex ads and Tourist guides...(we make scientific instrumentation).
Within 24 hours after we complained, all of those clicks disappeard. That clearly shows that Google got a hand in those clicks.
Our monthly bill is now 75% lower with no effect on our sales.
Webmasters, don't let them cheat you!
The simple answer to all of this "Do you believe in the tooth fairy ?"
regards
prasad
Wherever money and schemers are together it does not take too long for ideas of the "easy and softer way " to arise and develop
Some even enjoy or prefer to earn their money this way
To put it another way - figures don't lie but liars figger
Levels of Poor Service's last blog post..pizza e. (1.0/5) on Yelp.com
The bottom line is businesses that use Google services still make money. Enough to put up with fraudulent clicking I guess. For them(google) to come out though and say they will not track IPs for a business is absolute bull. They can instantly create a report on just about everything, but the ip of the machine that clicked through an ad...give me a break.