What is this click fraud that is costing Google billions?

Search-based Internet marketing is a huge business. It makes search engines money; it makes Web sites hosting search-engine ad results money; and it makes advertisers money when someone finds them through a search. But it's not the old "Put my banner ad here" type of advertising — it's a web of multi-step transactions. So to understand why click fraud is such a big problem — it reportedly costs Google about $1 billion in lost revenue annually, and it can run a small-time advertiser out of business — it's helpful to have a basic understanding of how this type of advertising works.

First, when an ad shows up with Google search results, it's because that advertiser has purchased the word or phrase you typed into the search box. So if you're looking for, say, a new computer, and you type "computer" into Google's search field, the ads that appear at the top and to the right of your search results are paying to be associated with the keyword "computer."

If you click on one of those company's ads, Google charges that company for the click. It's a cost-per-click (CPC) system, and some clicks cost more than others. Different keywords sell for different amounts based on their value. "Computer," for instance, is probably a high-value keyword. Lots of people are searching for it, and people who click on an ad associated with "computer" are probably considering a high-cost purchase. A "computer" advertiser could be paying Google, say, $40 per click, whereas a company that purchases the keyword "llama" might only pay 5 cents per click.

That's the basic setup. Things get a little bit more complicated when second-tier publishers enter the picture. The publisher of the ad is the actual Web site where the ad is showing up. Sometimes Google is the publisher; sometimes it's not. HowStuffWorks is a second-tier publisher. When you perform a search using the HowStuffWorks search engine, along with your HowStuffWorks results you also get a few "Sponsored Results" supplied by Google.

Google, its advertisers and its second-tier (or even third-tier) publishers make up Google's advertising networks. If someone clicks on a Google-provided ad that shows up in the HowStuffWorks search results for "computer," Google pays HowStuffWorks for that click, and the advertiser pays Google for that click. Next, learn about the different types of click fraud.

You may be starting to get an idea of why a person or a company would commit click fraud. Network click fraud is the most common type. When a company commits network click fraud, the idea is to fraudulently increase the money it makes as part of Google's ad network. If a partner publisher were to generate false clicks on an ad, it would get paid a lot more money by Google than if it relied solely on clicks by people actually interested in that ad.

And while it may seem like Google would profit from this type of ad fraud, too, because the advertiser would be paying Google for each of those fraudulent clicks, the overall results are actually bad for Google. Click fraud degrades the quality of its advertising network. The value of a network ultimately lies not only in its ability to generate ad views and clicks, but also in its ability to generate productive clicks. The more clicks that don't result in a sale or even an inquiry, the lower the quality of the network and the less Google can charge for its keywords. Google has filed at least one lawsuit against a partner publisher for alleged network click fraud.

The other main type of click fraud is more malicious. Competitor click fraud targets a specific company's ads, generating false clicks in order to run up that company's Google marketing bill. The idea is to deplete a competing company's marketing budget. If we go back to our theoretical cost-per-click of $40, just 30 fraudulent clicks in one month — a single click a day — adds up to $1,200 flushed down the toilet. None of those clicks even had the potential to result in a sale. For a small business with a limited marketing budget, $1,200 a month in click fraud could mean the end of its advertising ability or the end of the business entirely. If the scheme succeeds, the competing business wins the market by click fraud.

But Google has methods of detecting click fraud, and it doesn't charge advertisers for clicks it finds to be fraudulent. Google reports that it uses a three-step system to detect and identify click fraud: first, a set of automated filters looks at each click as it happens, checking for signs of fraud such as time and date patterns and IP address problems; next, a similar analysis happens offline, with both computers and actual people analyzing clicks to make sure they appear to be legitimate; and finally, if an advertiser reports suspected click fraud, Google investigates. According to Google's ad contract, if it finds the complaint to be legitimate, it reimburses the company for the bad clicks.

So how do you know if you're the victim of click fraud? Sometimes it's obvious — like a Google advertising bill that suddenly goes from $200 a month to $5,000 a month. But other times, it's more subtle. There are actually companies out there dedicated to detecting click fraud. A company can hire one to track all of its ad clicks, analyze IP addresses, and look for invalid clicks. In one case in precedent-setting case Oregon in 2004, Scott Hendison, who owned a Web-based insurance-consulting firm, suspected he was the victim of click fraud [source: Schwartz].

He investigated on his own and saw that a huge number of his ad clicks were coming from a single IP address. Hendison hired one of these companies to put an end to the abuse, which was costing him hundreds of dollars a month. The company confirmed the suspect IP address, provided data on who was doing the clicking, and set up Hendison's ad so that the next time the person with the offending IP address clicked on it, a Hendison-composed message popped up.

It said, "Stop, you weasel! I know who you are and have reported you to the proper authorities." One click later, the problem was solved. Hendison reported the issue to Google, and he says he was only reimbursed for 50 percent of the fraudulent clicks. The biggest click-fraud complaints against Google are that the company isn't properly reimbursing advertisers and it's not doing enough to identify bad clicks in the first place.

A lawsuit in 2005 also accused Google of hiding its click-fraud numbers from the public — thus, perhaps, the increasing attempts at transparency [source: CBS News]. In a February, the company reported that less than 10 percent of its advertising clicks were fraudulent, and that its detection system had caught almost all of them before advertisers were charged.

Google claims that only 0.02 percent of its system-validated ad clicks turn out to be fraudulent. It's the combination of reimbursing advertisers for that 0.02 percent and tossing out the nearly 10 percent of identified bad clicks that costs the company that reported $1 billion a year.

Click fraud presents a significant challenge to the world of search-based internet marketing, impacting advertisers, publishers, and the search engines themselves. As the internet marketing ecosystem relies heavily on the integrity of ad clicks to drive revenue and business growth, the prevalence of invalid clicks can distort the entire PPC advertising market. With estimates suggesting that click fraud costs Google around $1 billion annually and can even bankrupt small businesses, it's clear that more robust solutions are necessary.

Google's three-step system for detecting and neutralizing click fraud is a critical defense, but the persistence of fraudulent activities indicates that this battle is far from over. While technological advancements in detection are essential, the industry also needs increased transparency and better reimbursement practices to maintain advertiser trust. The complexity of click fraud, involving both networks, competitor, and click farms, requires continuous innovation and cooperation across the advertising network.

Ultimately, the fight against click fraud is an ongoing process. For internet marketing to remain a viable and effective business model, all stakeholders must remain vigilant and proactive in identifying and combating fraudulent activities. Only through these concerted efforts can the integrity of digital advertising be preserved, ensuring that clicks translate into genuine interest and potential sales, rather than merely inflating costs and distorting market dynamics.