How to prevent click fraud?

April 8, 2022 ∙ 5 minute read

Click fraud is a massive problem, and is costing some advertisers up to 80% of their ad budgets. In this article we will explain what is click fraud, how criminals earn money from click fraud, and then discuss two strategies for preventing fake clicks on your ads.

What is click fraud?

There are three main players when it comes to online advertising: the advertisers, the publishers, and the ad networks. Advertisers pay money to have their ads displayed online, publishers earn money from displaying other people's ads on their websites, and ad networks sit in the middle, taking money from the advertisers and sharing it with the publishers.

Advertisers usually have to pay a small amount of money to an ad network every time someone clicks on one of their ads. For example, a flower store in New York might pay Google Ads $3 every time someone clicks on their "Buy Flowers Online In New York" ad. If the click happens on a website run by a publisher, Google Ads will share the $3 with them, typically in a 60/40 split, with the majority going to the publisher.

This business model has caught the attention of criminals, and they've realised they can make thousands of dollars per day by posing as legitimate publishers and repeatedly clicking on the ads displayed on their websites. These fake clicks are known as click fraud (or ad fraud), and they're costing advertisers billions of dollars every year.

You can read more about click fraud in our in-depth article What is click fraud?

How do criminals earn money from click fraud?

Criminals open publisher accounts at the ad networks, and use those accounts to display other people's ads on their websites. They then click on the ads to earn income. If the criminal repeatedly clicked on the ads using their home computers, the ad networks would detect this, and their account might be closed, so instead they use technology and trickery to make the clicks appear as if they come from real website visitors.

There are a number of ways to generate fake clicks, but a common one is to use bots (computer programs posing as humans) to visit the criminals' websites and click on the ads. Typically the bots will be running on a server, but their traffic will be routed through "residential proxies" (innocent people's computers) to make the clicks look like they come from real people. This may sound complicated, but it's easy to find bot creators and residential proxy services using a google search.

The bots visit the criminals' websites tens of thousands of times per day, and occasionally click on the ads. By keeping the number of clicks low (roughly 5% of visits will result in a click), they maintain the facade that these are real people visiting the website.

Every time there is a click on an ad, the ad network charges the advertiser, and transfers a portion of the money to the criminal.

Click fraudsters usually have multiple websites displaying ads, so the amount of money being stolen from advertisers is huge.

Why aren't ad networks detecting click fraud?

Some ad networks, such as Google Ads, do make an effort to detect click fraud, however most ad networks do a poor job. A cynical person might say this is because they aren't incentivized to detect click fraud, as they also get paid every time there's a fake click. More likely, it's because detecting click fraud is not their main business, and their operations team are focussed on maintaining the performance and reliability of the ad network.

Polygraph monitors multiple click fraud gangs, so we understand the techniques they use to generate fake clicks. Our company's entire focus is click fraud detection and prevention, so we can protect your ads from fake clicks. Try Polygraph today, free of charge, no credit card required.

A simple way to prevent click fraud

Since Google Ads makes the most effort to detect click fraud, you should limit your advertising to Google Ads only. Additionally, as a Google Ads advertiser, you can choose to display your ads on the Google Search Network (within the Google search results) or on the Google Display Network (on publisher websites). If you restrict your ads to appear on the Google Search Network only, your ads will no longer appear on any publisher websites, meaning the click fraud gangs will no longer see nor click on your ads. The downside is legitimate publisher websites won't be able to display your ads either, so you will lose out on valid clicks, and as a result, lower your sales.

To display your ads on the Google Search Network only, follow the steps below:

  1. From within your Google Ads account, choose a campaign and click on Settings.
  2. Click on Networks.
  3. Uncheck Include Google search partners and Include Google Display Network.
  4. Click Save.

Your ads will now only display within Google's search results, and will no longer be a source of income for the click fraud gangs.

The best way to prevent click fraud

The problem with limiting your ads to Google's search results is you're losing a lot of potential customers who may discover your business through an advert displayed on a legitimate publisher website. A better solution is to continue advertising on publisher websites, but use a click fraud detection service like Polygraph to monitor your ads for fake clicks.

Polygraph tackles click fraud from multiple angles, using the criminals' own playbook to defend our customers from fake clicks.

First, we tell you which of your ad keywords are high risk. We do this by analyzing which ad keywords are being targeted by the click fraud gangs (the ad keywords they target are not random), and then warn you if you're using any of those keywords in your ad campaigns. You can then decide if you want to remove those keywords from your campaigns, which will greatly reduce your risk of click fraud, or continue using them and price the fraud into your product.

Second, we block active click fraud bots and bot proxies from being able to see your Google Ads' ads, further reducing the risk of your ads appearing on criminal websites.

Third, we list the scam websites which are responsible for the fake clicks on your ads. You can then block these click fraud websites from being able to display or click on your ads. This greatly reduces your risk of future click fraud.

We also give you the details of every fake click you've received (who, when, where, how), so you can get refunds from the ad networks. This isn't a prevention strategy, but at least you can hold the ad networks accountable and get them to return your wasted ad spend.


Click fraud is costing you money, and it's a mistake to rely on the ad networks to protect you. If you limit your advertising to Google's search results only (exclude publisher websites from displaying your ads), you will greatly reduce the amount of click fraud you receive. However, you're also going to lose out on sales, as legitimate publishers can no longer advertise your business to potential customers.

The best solution is to continue advertising across the internet while using a click fraud detection service like Polygraph to ensure your risk is minimized. Polygraph helps you avoid click fraud by giving you insights into which of your ad keywords are being targeted by criminals, and prevents active bots and bot proxies from seeing or clicking on your Google Ads' ads.

Try Polygraph today, free of charge.