Let’s face it, Ad fraud, in general, has become an increasingly frequent, large scale, digital marketing industry issue. Although it can easily be resolved, it is still highly present, especially in the form of invalid traffic. Without quality traffic, it is virtually impossible to monetize through any available platform. So aiming at Organic Traffic is what all publishers should strive for. Today’s guide will strictly focus on explaining, recognizing, detecting, and blocking Invalid traffic.

Let’s start with the basics.

What is Invalid Traffic?

According to official Google Ads reports; We can define Invalid traffic as an activity that does not come from a real user with genuine interests. Invalid traffic can manifest itself through many forms such as:

  • accidental clicks caused by invasive ad integration,
  •  many factors cause fraudulent clicking, but generally, it refers to competing advertisers that generate fraud clicks through click bots, bot farming or perhaps through software that generates fake traffic.
  • Through advertising bots.

If we look through the prism of Google AdSense, we can define invalid traffic as an artificial inflation of publisher ad revenue. That particular fraudulent activity is done either through bots or through encouragement of both ad clicks and accidental clicks. Such activities completely violate AdSense TOS and generally lead to Publishers being banned.

An illustration of General Invalid Traffic vs Sophisticated Invalid Traffic

However, invalid traffic exists only in its two main forms:

  1. GIVT(General Invalid Traffic)
  2. SIVT(Sophisticated Invalid Traffic)

Defining General Invalid Traffic

General invalid traffic is a classification of IVT that refers to traffic that is identified through routine filtrations. Whether it be application lists or standardized parameter checks, this type of invalid traffic is considered as easily identifiable. 

General Invalid Traffic includes bots, spiders, search engine crawlers, as well as traffic from IP addresses that generate non-human traffic. GIVT can also include activity-based filtrations through campaign data; and browsers that pre-render pages. However, GIVT is still generally easily identifiable and even easier to filter out.

Defining Sophisticated Invalid Traffic

Sophisticated Invalid Traffic is comprised of fraudulent bots and scripts that initiate various types of illegal activities. The Media Rating Council defines this as traffic that; consists of more difficult to detect circumstances that require advanced analytics, multi-point coordination as well as significant human intervention.

Detecting Sophisticated Invalid Traffic surpasses simple patterns and behavioral matching techniques used for GIVT. Ultimately, Sophisticated Invalid Traffic requires a considerable amount of advanced statistical analysis in an attempt to differentiate fraudulent and genuine activities.

SIVT typology includes:

  • Bots impersonating human visitors
  • Hijacked Devices in which non-user ad requests are made, along with hijacked ad tags and creatives
  • Invalid proxy traffic
  • Malware, adware, and similar threats
  • Analytics manipulation through bots
  • Misrepresentation of sites and ad impressions as well as data manipulation
  • Cookie manipulation through stuffing, stacking, and harvesting
  • False location data

Cookie Stuffing

This particular type of SIVT includes insertion, deletion, or misattribution of cookies in an attempt to manipulate prior user activity. We can also name this particular activity as: “Cookie Dropping”. Cookie Dropping includes fraudulent manipulation of visitor cookies in order to disguise actual user cookies.

Cookie stuffing can potentially generate invalid affiliate income for the cookie stuffer himself through overwriting legitimate affiliate cookies. Website visitors may receive third party cookies from websites that are completely unrelated to the website they visited; without actually realizing it happened.

Should a visitor enter a targeted website while completing transactions or making purchases, then cookie stuffers earn illegal commissions; ultimately depriving the legitimate affiliate of his earned commission.

Invalid Proxy Traffic

According to the Media Rating Council, we can define invalid proxy traffic as; intermediary proxy devices that exist to manipulate traffic counts to create non-human traffic that fails to meet protocol validations.  Invalid proxies may be used to steer bot traffic originating from data centers in an attempt to hide its actual purpose.

Bots impersonating human visitors

Bots, spiders, and other crawlers are a clear representation of non-human activity on the web. In some circumstances, we can interpret these bots as good, but only because they classify as GIVT. However, bad bots, spiders and crawlers are classified as SIVT and unlike good crawlers, they use standard browser identifiers.

Should a crawler use standard browser identifiers that specifically means that he is trying to impersonate human visitors. Web crawlers might represent a page load speed testing method; however, in many cases, it’s used to present invalid impression quantities. In order to identify and track non-human crawlers, a sophisticated analysis is what’s necessary.

Hijacked devices, user sessions, ad tags, and creatives

This is a specific form of SIVT where malware attempts to manipulate the device into faking real organic traffic. What this basically means is that illegitimate activity is generated from a legitimate device. For example, a malware hijacks a mobile device to generate invalid traffic.

False location data

It’s a well-known fact that marketers use geolocation to enhance targeting. However, location data can be fake in an attempt to generate illegal revenue. We can see a clear example of that through GPS opt-in, Ipp address or WIFI access points.

Location data is purposely altered during ad transactions to stimulate illegal revenue. Such traffic is almost immediately flagged as fraud.

Malware, adware, and similar threats

We define Malware as malicious software which is installed on a user’s machine with or without their consent. Adware, on the other hand; is content which attempts to install malware on the user’s machine hidden behind what appears to be a legitimate ad.

Installed Malware has numerous roles. However, in the advertising world, malware hijacks the user’s computer in an attempt to simulate legitimate activity to hide the fraud itself.

How do you detect & block invalid traffic

Despite the fact that invalid traffic and ad frauds are a high risk to publisher ad revenues; Google is unfortunately not very clear on how to deal with this particular situation. They usually provide publishers with generic propositions such as precaution in terms of traffic sources and tracking Google Analytics.

However, these propositions are almost always futile. Why you ask? Simply because IVT comes from sources that Publishers do not even intend to facilitate. Google did provide publishers with guidelines. On the other hand, it did not provide them with means to tackle unintended traffic sources. Consequentially, this leaves Publishers in a very sensitive environment where they’re forced to constantly analyze and double-check their data.

Many solutions provided to publishers simply provide them with ad fraud reports after the whole process is complete. Sorry to break it to you, but at that point, it’s obviously too late. The only real solution is restricting ads from invalid traffic serving to prevent network ad bans and revenue losses.

MonadPlug is highly strict in terms of ad fraud and Invalid Traffic. Therefore, we have prepared a set of measures you should take into consideration if you fear you might be experiencing this:

Know your Users

With enough knowledge and experience, you can easily recognize audience discrepancies through Google Analytics. Focus your attention on sudden fluctuations in user quantity, or perhaps behavior you deem suspicious.  Metrics such as average session duration and page scroll depth can also be a very good indicator in this situation. For example, 1-second visits combined with less than 10% page scroll indicates bot traffic presence.

Avoid Clicking on your own Ads

Never engage in such behavior. IP address monitoring can easily recognize ad clicks that are generated by publishers themselves. The sole purpose of the advertisement itself is to gain conversions through genuine user clicks, not your own.

Vet your traffic by a third-party

There are many methods that companies use for ad fraud detection. Such companies aim at combatting invalid traffic, just make sure that they are accredited by the Media Rating Council. Should you choose to do this, companies like WhiteOps and Pixalate will most certainly eliminate non-human traffic. Furthermore, through these same companies, you can protect yourself from different fraud types such as; domain spoofing, ad injection as well as ad visibility.

Was this helpful? Is there something you would add? Enjoying the content? Make sure you follow MonadPlug for more!

Beginners Guide: How to recognize Invalid Traffic
Article Name
Beginners Guide: How to recognize Invalid Traffic
Publisher Name
Publisher Logo