Six Best Practices to Prevent Ad Fraud

Six Best Practices to Prevent Ad Fraud

Prevent Ad Fraud

There is a noticeable disconnect between economic growth in the US and the country’s annual ad spending, and experts have pointed to ad fraud as being one of the causes. For this reason, companies should employ best practices to prevent ad fraud in order to save money and see desirable results.

In 2017 the total ad spending in the US amounted to $200 billion, around $72 billion of which was on digital ads. However, the US economy was still lackluster. This is also a reflection of the global economy — there are billions to trillions of ad spending that should translate to a significant improvement in the economy, but didn’t. Ad fraud is seen to be a major factor in this inconsistency.

Advertisers are, of course, the most affected in the prevalence of ad fraud. Juniper Research estimates that advertisers lose $51 million a day to ad fraud. In 2018 alone, $19 billion of ad spend was wasted because of this crime.

Before I discuss some of the best practices in preventing ad fraud, let’s get acquainted with the common types of ad fraud first. This way, you will know what you are dealing with and avoiding it will be much easier. 


Ad fraud is committed when agencies employ bots to increase ad click through rate, create fake traffic to the ads, and deliver ads to consumers without them knowing it. This is the simplest definition of ad fraud, although we will discover a lot of other methods in which it can be committed if we delve deeper into the subject.

Brands and marketers should be familiar with common ad frauds so you will know how to go about preventing it. Here are some types of ad frauds that are prevalent today:


Mobile fraud is increasingly being committed, as mobile usage also increase. As a matter of fact, there were 150 million of this type of fraud committed in just the first half of 2018. This is according to research conducted by ThreatMatrix, which said that there is about 24% increase in mobile fraud each year.

Mobile fraud is done by injecting malicious software into the users’ mobile devices. This software will then create fake installations of apps, which in turn make the app’s install rate skyrocket, although the majority of the installations are low quality and do not have any value to the advertiser. 


Bots emulate a site visitor’s actions on an advertiser’s website in order to increase impression rate. The clicks are not from a real person, but it will seem like it and thus will be counted towards ad impression. This fraud is made possible by:

Executing bots within a data center run by the fraudster.

Injecting viruses on people’s devices that will crawl advertisers’ websites and imitate users’ behavior. 

A glaring research has found that in some ad campaigns, 77% of the clicks are from bots or other fraudulent means.


Credits : Infogram.com


When a customer is about to make a purchase, ad fraudsters use the customer’s first click or last click before the actual purchase. What they do is that they stuff clicks using the customer’s personal details so the clicks will look real and authentic. 


Fraudsters have found a way to play ads automatically in the background without the user’s permission and knowledge. As content marketing continues to shift towards videos, more methods to commit video ad fraud will eventually crop up. 


20% of video play from TV had been flagged as fraudulent, as seen in the Infogram report above. Marketers must be aware and up to date to prevent this fraud.


By the name itself, ads are made invisible on the website using several techniques, but the impressions will still be reported and the publishers still earn. The most common method in committing this fraud is by displaying ads in 1x1 pixel frames, making them too small for the human eye.


Attackers can disguise their websites as legitimate premium websites, but when a user clicks on a link,  a malware is injected in the browser. This malware takes over the ad tags and injects ads in the user’s browsers, no matter what website they visit. 


Since advertisers can detect bots, attackers employ the cheap services of real people to click on ads. The clicks will be counted towards CTR, and won’t be flagged since they are from real humans. However, advertisers won’t earn from these people, but they still pay the attacker.


Ad fraud adversely affects advertisers, and even the global economy, which is why Google took steps to fight it as early as 2015. Large brands such as Financial Times, P&G, and Unilever have also taken notable actions to combat fraud and they even reduced their budget for ads to show how serious they are. 

Proctor and Gamble, for instance, cut their budget by $750 million in 2017 and ended its contract with almost half of its advertising agencies because of ad fraud. This drives home a very important point: If global companies like P&G and Unilever are taking steps to prevent ad fraud, small and medium sized enterprises should all the more do everything they can to fight this crime. 

Google had also taken the initiative to refund advertisers the portion of their ad spend that went to ad fraud, although 80% of digital marketers didn’t know this, according to a research by FraudIt.


Credits : Infogram.com

As an advocate of the free web where every user — individual and entity alike — should be safe and secure, I have researched some best practices that every brand owner and marketer should employ to prevent ad fraud. 


The most basic practice to prevent fraud is to know your numbers well. As a digital marketer, you have to know your normal statistics so that you will notice at once when there are numbers that are way beyond normal.

Take note of the following outliers that are associated with ad fraud:

High bounce rate, low time on-site, and low scores on other engagement metrics.

Unusually high CTRs for AdWords campaigns

Uncommonly high traffic isolated only to the web pages where you have bought ads.

The glaring need for digital marketers to use analytics tools like Google Analytics is once again emphasized, but this time it is to combat ad fraud. 


Manual monitoring can be done to detect ad click fraud, but it requires a lot of manpower hours. Let’s say that you pay people to manually monitor and analyze all click through data. You would have to ensure that someone is manning the project 24/7, which translates to 168 hours a week or 744 hours a month. That’s a lot of manpower hours and labor cost!

You can do away with this when you automate the analysis and monitoring of ad clicks by using software applications like ClickCease, Fraud Logix,  and PPC Protect. 

Fraudsters have used technology to commit ad fraud for several years, and you should know that digital marketers can also use technology to track and prevent them from getting your hard-earned money. 

These software products can automatically detect malicious software, bots, and even manual click frauds. They can automatically hide your ads from fraudsters, whether bots or humans. Aside from these features, anti click fraud software also has reporting capabilities so you will know all fraudulent clicks and the methods by which the are done, all in one glance. 


Ad verification companies like WhiteOps and DoubleVerify can check ad placement and can customize your ads so that bot clicks can be detected. There are companies that find it necessary not to rely on only one third-party verifiers to make the findings more reliable. They employ multiple auditors.

Whether you use ad verification scripts or employ the services of third-party verifiers, a challenge for any ad verification process is the IP blocking done by fraudsters. When these people detect that somebody is monitoring them, they will prevent you from visiting their websites again by blocking your IP address. 

To effectively combat ad fraud, marketers and ad verification companies use proxy servers. Proxy servers help companies prevent IP blocking and at the same time mask their real identity so that fraudsters won’t know that the traffic is from ad verification. 


You can identify fake websites that are getting money from your ad spend by following these steps:

Login to Adwords and go to the Display Network.

Click on the Placements tab.

Check for outliers such as those listed above including uncommonly high conversion rates, high ad positions without clicks, high costs per click, and unparallel number of clicks and impressions. 

Once you identify the outliers, check the website associated with them, and determine if they are fake or not. 

You can then add these fake websites to your exclusion list so your ads won’t be shown there. Under the Display Network tab, look for the “Add campaign exclusions” and select “Placement.”

How do you know if the website is fake? There are obvious signs which include too many ads per page, very few web pages, and very few content. Along with these, if the domain is newly registered, that’s another sign that the site is fake. 


The best practice we discussed which involved identifying fake websites and adding them to an exclusion list is suitable if you manage just a few display websites. However, if you are managing more than 500 display websites already, it can become quite tedious to check for ad fraud one by one. 

A good alternative is to specify the websites where you want your ads to be placed. You can choose verified, or if possible, premium websites and create a whitelist. If you have time, you can check out this comprehensive video on how to target websites using Google Display Network campaigns so you can learn more:

In your Adwords account, go to Display Network > Targeting > Placement > Add Multiple Placements and mark the radio button that says, “Target and Bid” so your ads will be shown only on the websites on your whitelist. 

You also need to unmark the “Let Adwords automatically find new customers” button so Adwords will not automatically place your ads anywhere else. 


Google has definitely stepped up its game to combat ad fraud, so you will notice several features and functionalities available on Google Adwords. For instance, you’ll see “IP exclusions” when you go to the Advanced Settings page of a specific campaign.

This feature is very useful so you can block IP addresses you suspect of committing ad fraud from seeing your ads. Excluding IP addresses help prevent click farms, or those low-wage workers that are paid to manually click on ads. This type of ad fraud can get away from anti click fraud software, so excluding their IP addresses is an effective measure. 

First, you need to get the IP log of your website by searching for your web host’s IP log on Google. 

You can then extract the data to Excel where you can use pivot tables to know the frequency at which an IP address visits in a day. You can learn about pivot tables in the video below:

If an IP address appears more than ten times in an hour, that’s already suspicious.

You can further validate the IP address by going to InfoByIP.com so you can see the physical location.

Important note: Do not exclude IP addresses from libraries and schools since click farms do not dwell in these places. 

If your ad campaign is targeted to selected countries only, you can prevent ad fraud by specifying these countries and adding geographical locations to an exclusions list.  In your Adwords account, go to Campaign > Settings and edit Locations. Under the Locations Settings, click on Advanced Search > Bulk Locations. Here, you can specify as many as 1,000 locations to be excluded in your ad campaign.


Ad fraud is a nuisance not only to the e-commerce and advertising industry but also to any country’s economy as a whole. However, it is a nuisance that is hard to shake off since fraudsters seem to find newer methods to commit ad fraud. As brand owners and digital marketers, this doesn’t mean we have no choice but to accept that part of our ad spend will have to go to fraudsters. 

Following the example of leaders like Google, Unilever, and P&G, let’s take the necessary actions to prevent ad fraud. You can start with these five best practices and add other methods along the way, depending on your own findings and needs. To recap, these are the five best practices for preventing ad fraud:

  • Know your numbers and identify outliers
  • Use an anti click fraud software
  • Use ad verification tools
  • Identify fake websites
  • Place ads on verified websites only
  • Exclude IP addresses and geographical locations

Remember that the last method can also be done by fraudsters to you, especially when you fight ad fraud using ad verification scripts. They can also block your IP address, so make sure to protect yourself by using a proxy service.

Post Quick Links

Jump straight to the section of the post you want to read:


    About the author

    Rachael Chapman

    A Complete Gamer and a Tech Geek. Brings out all her thoughts and Love in Writing Techie Blogs.

    Icon NextPrevTop 10 Mobile App Ad Networks for Publishers in 2019
    NextHow social media proxies can help manage several social media accounts?Icon Prev

    Ready to get started?