I have experienced some click fraud, seems like some competitors are try to use up the budget. Patterns can be easy to spot, for example sudden large increases in CTR for high value phrases. Many people know this goes on, the issue is how do you prevent it. I have some ideas to share but am looking for other feedback and experiences to prevent tihs problem. Firstly Adwords (tools section) lets you ban up to 20 IP addresses from where you suspect fraud. You can find possible IP addresses in your hosting stats. For example look for those with repeat visits in one day and they view one page per visit. These have a profile of a someone trying to eat your Adwords budget ... but it is not very precise. There are better solutions with software that can track IP visitors and give you a list of possible IP addresses to exclude. You then ad them in Adword tools. There is also software that is more sophisticated, it spots possible fraudulent clicks and then flags a message to the clicker stating their IP address has been recorded for possible fraud. QUESTIONS: Any experiences in preventing this type of fraud? Has anyone found/used software to assist with this? Thanks, Gordano
I believe it is up to 100 IP addresses (or blocks of addresses if you use wildcards) per campaign these days. It's a step in the right direction, though I'm not sure why it's not far more than that.
Going through the server logs is time consuming and simply not feasible. We run a 5 figure per day PPC campaign and were forced to live with what we believe was click fraud. We weren't looking for $1 or $2 credits, like we you see from time to time from Google. Finally our Google rep suggested a click fraud detection and prevention tool called DoogleOnDuty. DoogleOnDuty provides real-time click data consisting of the user's IP address and user ID. DoogleOnDuty also allows you to set warning thresholds. This is very effective in stopping click fraud all together. Listen, I'm not humping Doogle, I'm telling you that if you are in PPC and don't have a tool to identify the user's IP address, you don't belong in the game. That's all.....
I'm a fan of Statcounter. It shows real time visitors including whether they've come from Adwords and IP addresses and approximate locations.
We looked at Statcounter . However, I believe they only offer 1/2 of the equation. In order to track a CTR from a specific PPC campaign, you need a script placed on the landing page or web page script. You also need a piece of code added to the CRT tag. The landing page script and CRT tag communicate with each other and generate real-time data including the IP address and user ID of the individual that actually clicked on your specific ad. Statcounter only tells you how many users click thru from AdWords, but not individual stats per click as related to a specific PPC campaign. Therefore, with Statcounter data telling me knowing that 200 CTRs came from AdWords doesn't help me prevent or deter click fraud.
If you can parse the raw server logs there are clues you can look for. It all depends on the sophistication of the fraud. Proxies, referrers, various other headers. You can also port scan for open proxies, see patterns across sets of IP addresses.
I believe it is up to 100 IP addresses (or blocks of addresses if you use wildcards) per campaign these days
1. google will do it for itself 2. try to change your marketing campain, and after 3. do the same with your competeters!