Last updated: 14 July 2025

If you’ve noticed unusually high e-mail open rates or clicks on your e-mail links, you’re not imagining things. Bots are often behind this - but why?

What is click fraud?

Click fraud is a sophisticated scam where criminals use bots to generate fake clicks on online ads, draining advertisers’ budgets and producing bogus leads. These bots mimic human behavior to trick advertising networks into treating the traffic as genuine, costing businesses billions every year.

Fraudsters create websites with copied or unoriginal content and open publisher accounts with ad networks like Google Ads or Microsoft Ads. Instead of waiting for real visitors, they deploy bots that simulate searching for high-value keywords and clicking ads to earn revenue.

A typical click fraud process

  1. A fraudster creates a website with copied blog posts or generic content and adds a search box.
  2. They open a publisher account with an advertising network to place ads on their site.
  3. Ads related to lucrative keywords (e.g., “New York lawyer”) appear in search results on the fraudulent site.
  4. A programmer builds bots that use residential and cellphone proxies (for unique IPs) and advanced bot frameworks to mimic real visitors.
  5. Bots visit the site, perform keyword searches, and click on ads.
  6. Bots also submit fake conversions - such as filling out lead forms, creating accounts, or adding items to carts - to fool ad networks into thinking the traffic is high quality.
  7. This process is repeated thousands of times daily, generating significant revenue for criminals and losses for advertisers.

Why do bots create fake conversions?

Because bots never actually buy anything, their traffic risks being flagged as low quality by ad networks. To avoid this, bots submit fake leads or actions that appear as legitimate conversions, tricking networks into continuing to send traffic their way.

Why are scammers receiving marketing e-mails?

One common fake conversion is account creation on advertiser websites. When an account is made, a confirmation e-mail is sent to verify the address - which must be opened and clicked to activate the account.

Criminals program bots to open these confirmation e-mails and click links en masse, ensuring accounts are verified automatically.

Why are bots opening marketing e-mails?

A major reason bots open your marketing e-mails and click on links is because “good” bots, employed by e-mail providers, scan every incoming e-mail to check for phishing scams, viruses, and other security threats. These security bots open e-mails and click links to ensure the content is safe before delivering it to recipients.

There is also another reason bots open your e-mails, though at a much lower rate: click fraud bots. These bots are linked to scammers who create fake accounts and sign up for your marketing newsletters. Programmed to open every e-mail and click on links, these fraudulent bots inflate open and click rates, making it appear as if your campaigns are more successful than they actually are.

From an advertiser’s perspective, this activity can be misleading. Polygraph’s research estimates that about 5% of marketing e-mail opens are caused by click fraud bots, distorting your campaign analytics and making it harder to gauge true audience engagement.

Why does this matter?

Many marketers report frustration when their e-mail open rates and click rates seem unusually high - sometimes 90% open rates and 100% clicks - but they cannot tell whether these interactions are from humans or bots. This uncertainty leads to unreliable analytics and misguided marketing decisions.

How does Polygraph help?

Polygraph detects and blocks click fraud bots, protecting your ad budget, stopping fake account sign ups, bogus newsletter subscribers, and improving your campaign accuracy. We can also identify bot activity in your marketing e-mail engagement, helping you understand the true effectiveness of your e-mail campaigns.

For example, if you had 5,000 link clicks from an e-mail campaign, Polygraph might show that 4,000 were from bots - and we can differentiate between “good” security bots and click fraud bots, allowing you to see how many of your e-mail opens are actually caused by fraudulent activity. This means only 1,000 real people visited your website after clicking your e-mail.

In summary

Bots opening your e-mails and clicking links is a widespread problem that skews analytics and wastes marketing resources. Understanding why bots behave this way - and using tools like Polygraph to filter them out - is key to getting real insights and improving your e-mail marketing success.