Commentary

Low-Tech Or No-Tech Ways to Fight Ad Fraud

In my previous post, "How Ad Fraud Messes Up Measurement," I talked about scenarios in which advertisers are inadvertently sending more money to the bad guys who are committing ad fraud. For example, advertisers optimizing for higher click-through rates (CTRs) might allocate more budget to bad guys’ sites, which use bots to create higher CTRs with fake clicks. Advertisers may also spend more ad dollars for higher viewability sites, not knowing that bad guys easily cheat and make their ads appear to be 100% viewable by stacking them all above the fold. 

Advertisers might think they need advanced technology solutions to detect and fight ad fraud. And yes, there are certain circumstances when attacks are so pernicious that advanced technology is needed. However, there are low-tech and no-tech tactics that advertisers can use to uncover and stop ad fraud that is still very widespread. 

Let’s start with the no-tech way. This starts with looking at your own analytics more closely and identifying the telltale signs of foul play. Fraud hides easily in averages, so for this to work, you need line item details. Once you can see every line item -- like where your ads were placed or what sites are sending you traffic -- then suspicious activities become obvious. 

For example, when referring sites send you lots of visits that have 100% bounce rates, you know those visitors are not useful to you. Or a large number of different sites each send you exactly the same amount of traffic per month, or exactly the same number of pages per visit. it's easy to see that this is the handiwork of bots, which are programmed to create traffic at specific quantities per hour or day, like “hit this Web site 10,000 times an hour."

In your analytics, you may also see “rectangular traffic patterns.” This is a bot “traffic firehose” being turned on and then turned off. Look for the sources of this kind of pattern and blacklist them. Also, humans sleep a night -- so you should see lower traffic between 2 a.m. and  5 a.m.. If you see traffic sources sending you lots of traffic in the wee hours of the morning, look into that. It’s probably not humans. 

Then there are sites that show 100% CTRs on ads in paid search campaigns. No matter how optimistic you are, those CTRs are not real; they are from greedy bad guys that program their bots to click on every ad, so they steal the CPC ad revenue. 

Bottom line is, insist on line item details in your analytics, and look closely at them yourself. Don’t assume someone else looked at them carefully enough to weed out the fraud for you. Anything that is too high or too low or otherwise suspicious should be investigated more thoroughly

I typically look at the metrics from organic search to get a sense of what is normal, human behavior on a particular site. Then I compare the metrics from other sources against these benchmarks to see if anything deviates too widely from these. If they do, I investigate them further.

Low-Tech Ways to Fight Ad Fraud

When those obvious forms of fraud and waste are minimized, then we can step up to the next level and use some additional technology to help detect useless traffic.

For example, while analytics platforms report the number of users that come to your site, it usually takes more digging to reveal where those visits came from -- for example, from data centers. Sometimes you might see this as a high concentration of traffic coming from cities like Ashburn, Va. or Boardman, Mt. (the middle of cattle ranch country). If you knew that these were the locations of large Amazon cloud data centers, then it becomes obvious that these visits are from bots, and not humans. Humans, after all, don’t access the Internet through data centers. They use cable modems, DSL providers or wireless carriers.

When you see data center traffic, you can add some code to your own Web servers to filter out this traffic, or you can pay for third-party services that do this for you. These technology services can also help you defend against over-frequency (a user hitting your site 1,000 times a minute -- which can’t be a human) or DDoS (distributed denial-of-service) attacks that overwhelm a site with traffic.

So, use advanced tech to help you detect and fight fraud when you need to. But be sure to also look into low-cost or no-cost actions you can take  to reveal obvious fraud and reduce its impact on your ad budgets right away.

Next story loading loading..