Click fraud, a scam based on the highly profitable search advertising business, dipped in the first quarter after hitting an all-time high in the last three months of 2008.
The incidence of click fraud fell to 13.8 percent, down from 17.1 percent in last year’s fourth quarter and from 16.3 percent in 2008’s first quarter, according to the quarterly report by fraud monitoring company Click Forensics, released Thursday.
Click fraud happens when someone clicks on a pay-per-click (PPC) ad with malicious intent or by mistake.
For example, a competitor may click on a rival’s PPC ads in order to drive up their ad spending. Also, a publisher may click on PPC ads on its site to trigger more commissions. Click fraud also includes nonmalicious activity that nonetheless yields a click of little or no value to the advertiser, such as when someone clicks on an ad by mistake or two consecutive times.
While the use of botnets played a big part in click fraud activity late last year, the first quarter saw a significant increase in the use of scripted attacks by scammers, Click Forensics said.
This newly detected type of attack uses malicious Javascript programs that get triggered when an unsuspecting user visits a legitimate-looking Web page. Transparently to the user, the malicious programs launch “off-screen” fraudulent clicks. Users’ computers aren’t infected with any type of malware.
In addition, the incidence of click fraud continued to shift from search engine pages to third-party sites that carry search ads, because the scam is harder to detect in the latter.
Click Forensics attributed the drop in click fraud incidence to several factors, including an expected seasonal drop, a decline in scammers’ motivation due to lower per-click prices, and better detection and blocking by ad providers such as Google and Yahoo.
Click Forensics generates its quarterly click-fraud incidence report using its Click Fraud Index, which gathers data from more than 4,500 online advertisers and agencies that use ad services from all major search engines.
Click Forensics, which provides services to monitor ad campaigns for click fraud, has been publishing quarterly click-fraud incidence reports since April 2006.
Those reports often irk Google, which maintains that Click Forensics exaggerates the magnitude of the problem. Click fraud is a highly sensitive issue for Google, which generates most of its revenue from the type of online advertising affected by this problem.
In January, after Click Forensics said click fraud incidence had hit an all-time high in the fourth quarter of 2008, Google took issue with the report’s validity. “These estimates continue to count clicks Google does not charge to advertisers as fraudulent, so they are not actually click fraud estimates,” a Google spokeswoman said via e-mail at the time.
“Furthermore, their estimates have never reflected the invalid click rates we see at Google, which we have previously stated have remained in the range of less than 10 percent of all clicks every quarter since we launched AdWords in 2002,” she said.