Commentary

Is Behavioral Targeting Being Used for Click Fraud?

by Steve Smith , Staff Writer @popeyesm, February 5, 2010

Spyware was and still is the bane of neophyte PC users. I don't know how many times over the years I have been enlisted to cure the dysfunctional computers of my teen daughter and her friends. In every case, their youthful, shallow-pocketed pursuit of "free" anything online had led them to sites that inevitably clog their systems with spyware, which, once on a system, opens the door to all of its spy friends. It can take less than a month for a new PC to grind to a halt under the weight of all of those competing background processes.

But according to Harvard Business School Assistant Professor Ben Edelman, spyware and its behavioral tracking is also hurting marketers by contributing to click fraud. In research he published to too little notice last month, Edelman found that spyware surreptitiously planted on PCs was deliberately tracking users' browsing habits to see their likely purchase intent. The spyware knows what merchants the user already visits and likely buys from, and then the system "fakes a click" on the Google pay-per-click ad for the same merchant the consumer already uses.

"If the user proceeds to make a purchase - reasonably likely for a user already intentionally requesting the merchant's site - the merchant will naturally credit Google for the sale," Edelman says in his report. "Furthermore, standard optimization strategy will lead the merchant to increase its Google PPC bid for this keyword on the reasonable (albeit mistaken) view that Google is successfully finding new customers. But in fact Google and its partners are merely taking credit for customers the merchant had already reached by other methods."

One of Edelman's correspondents likens the practice to hiring someone to give out street flyers advertising an establishment. But then the rogue plants himself at the entrance to hand incoming patrons the sheet, effectively getting credit for "converting" existing customers.

Edelman says he tested for this problem on a virtual computer in his lab that was running the Trafficsolar spyware software. He used the PC to browse to sports apparel vendor Finishline.com. He was able to detect that Trafficsolar opened an unlabeled pop-up window that eventually redirected back to Finishline.com via a fake Google PPC click. The path between the spyware and Finishline.com is extremely complex, but Edelman says his screenshots and packet logs show the click being generated on the test PC without user interaction, hopping across seven or eight redirects.

If these schemes are widespread, then they undermine the trustworthiness of the PPC model in several critical ways, Edelman argues. First, it makes the advertiser pay for a customer it has already acquired. Then it encourages inflated keyword bidding by giving the advertiser the false impression the campaign is working well. And finally, it is producing an illegitimate click, one that the user never actually made.

Let's say the PPC was valued at $1. Each of the many intermediaries is passing along some share of the original Google fee to the network that redirected the traffic. By the time the original spyware vendor takes a cut, it is likely down to pennies. "The many intermediaries and their many fees, reinforce why this is such a terrible deal for the advertisers," Edelman tells me. "The advertiser agreed to pay a high price for traffic that was supposed to be valuable - worth the full $1 per click. Yet the ultimate seller [the spyware that originated the click path] is willing to sell it for just a penny or two, because the seller is selling something that just isn't worth it. But through the series of intermediaries, the advertiser nonetheless gets charged the high price for the low value placement."

It is hard to say how prevalent or widespread the offending spyware software is, but Edelman's tests suggest a number of intermediaries are happy to participate in this system. In the model he describes, behavioral targeting is turned on its head to work against rather than for advertising efficiency.

behavioral targeting, click fraud

4 comments about "Is Behavioral Targeting Being Used for Click Fraud?".

Check to receive email when comments are posted.

Mark Yurik from Signswest.com, February 5, 2010 at 4:29 p.m.
Anyone with insight please respond, I've noticed on PPC search ( will not name search engine but it's big one ) there will come times when $ 67 or $ 123 is left unspent budgeted for the day with time constraint ending in 30 minutes. Then next day log in to manage keywords / campaigns and find that the remaining balance seems to always blow out everyday in final 30 minutes if unused for that day ? Thus doesn't make sense unless myterious forces are present. Anyone else experience this strange bleed the balance late in day mystery ?
Reply

Fj Rich from EPI, February 7, 2010 at 7:57 p.m.

Good info, worth looking into more carefully. However, the blog is written poorly. If I were not already aware of the problem, and w/ some understanding I would not be able to tell how the fake click is affecting the PPC mkt.

Need to speak to readers as though they know nothing about the issue and its affects.

Richard Bennett from ImServices Group Ltd, February 9, 2010 at 9:33 a.m.

This subject is nothing new. We caught more than a few companies pulling this when we started click fraud investigations over 5 years ago (we are a forensic auditing company). There were several companies making tons of money doing this. Following our efforts (which we did not publicize), the major search marketers put in controls to keep a better eye on their partners, decreasing the frequency. But there are still a few culprits who slip under the radar. In fact, my company got "bit" last year by a scheme like this.

Chris Nielsen from Domain Incubation, January 12, 2011 at 1:19 a.m.

Mark, Depending on what SE you are using it may be due to reporting delays. MSN is one of the worst for this and that may be the one are talking about.

It is possible they are speeding up your impressions so you are allowed to spend your entire budget. The main question I would have is are you tracking conversions and getting proper value for what you are spending or not? If you are not tracking conversions then you can't really tell or not.

By the way, one of my clients was using "Click Forensics" to track fraud and get refunds. What I just learned is that this worked at first, but later the SEs stopped making refunds despite continued fraud reports. They said there wasn't any fraud. This means that all you can do with the fraud reports is try to block keywords or sites that seem to be connected with it.

By the way, Google has a new feature that everyone should take a look at. Go to an adgroup, look at keywords, then select the "See search terms". This will show you what search terms your ads are showing for. If you see some wacky keyword or phrase that's not in your keyword list, chances are it's the new "broad session match" that was enabled as a default at some point. If it doesn't work for you, try not using broadmatch keywords and you may be able to avoid it with exact and phrase match.