• by Laurie Sullivan , Staff Writer, August 13, 2025

Advances in large language models (LLMs) are changing the way Google detects and fights against invalid traffic (IVT) and ad fraud in digital advertising that often manifests as clicks and impressions not generated by humans. 

By leveraging AI LLMs, the Ad Traffic Quality team with Google Research and Google DeepMind achieved a 40% reduction in IVT from deceptive or disruptive ads by combining machine learning tools with traditional backend data processing and analysis.

Through this automated and manual process, the technology can now precisely identify ad placements generating invalid behaviors.

Advertisers, agencies, and publishers depend on advertising to reach customers and support their businesses. To ensure a fair system, Google has advanced the technology through its teams of experts that work to prevent invalid activity and advertising fraud.

The process is not yet fully automated and continues to run extensive manual checks to ensure advertisers are not charged for IVT, even if an ad serves.

LLMs, which can analyze and identify advanced anomaly and pattern recognition, are probably one of the most advanced technologies to identify IVT, and it should not come as a surprise to anyone because LLMs can analyze various patterns and anomalies in ad campaign data.

The technology can identify pattern spikes, detect suspicious user behavior, unusual traffic sources, and other indicators of fraudulent or non-genuine activity. Continuously learning and adapting to new fraud tactics, AI would eventually teach itself how to detect changes and advancements in IVT.

Google has already this year battled a major botnet operation on internet-connected TV apps. In July, it took legal action against the BadBox 2.0 botnet.

The company filed a lawsuit in New York federal court against the botnet’s perpetrators. An earlier version was first identified in 2023. 

The botnet compromised more than 10 million uncertified devices running Android’s open-source software, which lacked Google’s security protections. Cybercriminals infected these devices with pre-installed malware and exploited them to conduct large-scale ad fraud and other digital crimes.

The malware ran in the background, mimicking human behavior to fake ad views, simulate website visits, and trigger hidden web browsers to visit ad-heavy gaming sites or click on real ads. It also directed revenue to fraudulent publishers.

The company’s Ad Traffic Quality team identified and acted against this threat, and we updated Google Play Protect, Android’s built-in malware and unwanted software protection, to automatically block BadBox-associated apps, Google described in a blog post.