Distinguishing a click fraudster from an indecisive shopper
When a suspect appears on your Bunting account you will see an itemised history of their click activity to your ad campaigns. Records in red text show that the visit began by clicking one of your paid ads, whereas records in green are via an entry point which hasn’t cost you any money – for example, entering your website address directly into their address bar, or clicking on an organic search link.
Distinguishing a genuine fraudster from an simple indecisive shopper can be difficult and rarely airtight. You have to be prepared to make a decision based on educated guesswork, before planning a solution to the problem. However there are some touch points that you can consider, which will help you decide whether a suspect is a genuine fraudsters, or simply an indecisive shopper.
How many times have they clicked your ads?
Most customers will make a decision to purchase a product, whether from you or a competitor, within a relatively short space of time, sometimes a matter of days or less. This is especially the case if the products you sell are relatively cheap (eg, DVDs), and/or of a functional, unemotional nature (eg: Fridge).
You should not only take into account the length of time it has taken them to make a decision, but also the frequency of their clicks during this period. If a suspect has spent the past 2 months clicking your ads on a near daily basis then it is far more likely they are a genuine click fraudster, than a suspect who has spent the same amount of time clicking your ads, but at a more leisurely rate of perhaps once or twice a week.
What are their search terms?
You can judge a lot by reviewing the suspect’s search terms, if the data is available in the reports. Search terms can be found in the column marked ‘Information’ on your suspect’s history record, preceded by the abbreviation ‘KW:’.
Most customers will know what type of product they want to buy, and will search using targeted terms about that subject. For example, if a genuine shopper wanting to buy a TV may use the terms ‘TVs’, ‘Plasma TVs’, ‘Cheap TVs’, ‘Televisions’ etc.
If, however, your suspect demonstrates a sporadic array of unrelated search terms, then this may be very suggestive of a click fraudster, for example: ‘TVs’, ‘Fridges’, ‘Washing Machines’, ‘Toasters’. In the latter example it is doubtful a genuine customer would be searching for so many products. So what is your suspect searching for? Do their search terms indicate a genuine interest in one type of product, or rather, an unnatural shopping pattern covering a wide spread of your ads.
Does their IP address change?
Within Bunting you can see every IP address used by each suspect on their itemised history table. In its most simple terms, an IP address is a sort of electronic fingerprint – a way of identifying one person from another.
The majority of people from have a dynamic IP address – an IP which changes regularly, sometimes as often as several times a day. If the IP address of your suspect changes regularly then this is common. If however the IP address never changes then this would suggest that the suspect has a Static IP address.
Static IP addresses are most often used by companies, who request them specifically for a variety of reasons. Someone clicking from a company computer could be a competitor at their place of work. It could also, however, be a genuine customer who just happens to be browsing at work (in which case, review the times in which they click to see if there’s an increase around, say, dinner time). However, generally you should remain more suspicious of suspects whose IP address does not change over time.
Also be aware of this; if an IP address changes at some points, but regularly reverts back to a previously used IP address then this could well suggest that the suspect is visiting your website from one location with a static IP address (such as from an office), but then from accessing your website at other times from another location (such as their home). Look for IP addresses which continually reappear over time to deduce whether a Static IP address is likely being used.
Advert clicks in quick succession
Are there any instances where your suspect has clicked on your ads several times in the space of just a minute or two? This is possibly the most obvious sign of click fraud. You should review each suspect’s entire ad click history to see if any instances of this take place. Most advertising portals, such as Google Adwords, are good at spotting these sort of clicks in quick succession, so if you do spot it then you will probably already have received a refund. However, this pattern can still be used to identify whether the suspect is likely to be a fraudster, in order to determine how to stop the less frequent clicks that you probably won’t receive that deserved refund for.
What are they entering on your site?
On the suspect’s visitor profile you can click the tab labelled ‘Submitted Data’ to see what the individual has been entering onto your website. Have they given any personally identifiable information, such as their name or email address? If so the visitor is more likely to be genuine. What have they been entering into your search bar, if anything? Use this data to help make an education decision on whether you believe the visitor to be a genuine click fraudster, or simply an indecisive customer.