There are various types of click fraud in online advertising. One form involves competitors clicking on your Pay Per Click ads. They do this to waste your budget on worthless clicks, discouraging you from continuing to advertise online. With typical per-click charges ranging from a few dollars to tens of dollars, it doesn’t take long to burn someone’s daily budget and take their ads off the air.
While both Google AdWords and Microsoft adCenter claim to refund charges for “suspicious” clicks, we have seen instances where consistent clicking by competitors has required manual requests for refunds. Both platforms allow IP address blocking of ads. Let’s review how this works to understand what can (and can’t) be accomplished with IP address blocking.
Every device browsing the web presents an IP address (for example 22.214.171.124) detectable by the site they are visiting. If you’re at home or work for a small company, your IP address is probably assigned dynamically (changes from time to time) by your Internet Service Provider (ISP). If you work for a medium to large company, your IP address might be a static (unchanging) IP that’s assigned to your company. If you’re on a network, your router assigns IP addresses to all internally connected devices. These “local” IPs typically begin with 192.168 and are generally not visible to the outside world. But all of these devices will present the same IP address to external sites.
A free and easy way to see what IP address you are presenting to the outside world is to visit the website www.whatismyip.com.
Not only does every user connected to the Internet have an IP address, but every website has an IP address as well. Some websites have a unique, dedicated IP address, but it’s also common to find multiple websites sharing one IP address because website hosting is typically cheaper with a shared IP address.
Larger companies are more likely to have one static IP address or an IP address range and host their own website. In this case, you can perform a reverse-lookup of the website to determine its IP address and then block this IP address in your AdWords or adCenter account. Once that’s done, if the people in that company present the same IP address as the website, then they will not see your ads. Of course, if they can’t see them, they can’t click on them.
Many companies do not host their own websites. For example, here at Market Vantage, we host our site with a large web hosting company called Hostgator. Our site does have a dedicated IP address, 126.96.36.199. If you type this IP address into your browser, you will see our website come up. But if you block this IP address in your AdWords or adCenter account, we will still see your ads because our company uses a local ISP and we present a completely different IP address when we’re surfing the web or sending email. You would need to block our ISP-assigned IP address in AdWords and adCenter to block us from seeing your ads.
Unfortunately, while there are reverse lookup tools that can give you the IP address of a website, for example, http://www.networksolutions.com/whois/index.jsp, determining the network IP address of a company is not so easy. If you receive an email from a person within the company, you can find their IP address in the expanded header of their email. Their IP address is also readable by your webserver when they visit your site, including when they visit your site via an ad click. But anyone who takes their laptop to Starbucks or the public library will temporarily be assigned a completely different IP address.
While it would be nice to preemptively block all possible fraudulent clicks, we have found that the most effective way to use IP address blocking against unwanted clicks requires that you first detect repeated unwanted clicks. Most of your competitors probably won’t be engaging in this form of sabotage anyway, so blocking your ads from all of them is a waste of time. You need to block the repeat offenders. If you have the right tool, this is fairly easy to do.
You can subscribe to a service like Google Attribution. You can also use a general-purpose web analytics tool that reports on individual visitors. Note that Google Analytics does not do this and therefore is of no use in detecting fraudulent clicks from competitors. IVA, on the other hand, does provide click fraud detection. It will send you an email detailing the suspicious activity after a user-definable threshold (for example, 3 or more clicks) has been exceeded. You can simply forward this email to a Google or Microsoft account rep to request a refund.
To view a demo of IVA’s click fraud detection, visit our Web Analytics page and click the link for the “demo of IVA Web Analytics.” Then in the left menu, under Campaigns, choose Click Fraud > Repeat Clicks. This tool offers a rich assortment of ways to be alerted for various suspicious activity via email or on-screen reports.
Both will show you the IP address of the offender. Copy that IP address and paste it into the exclusion list on AdWords or adCenter and you can sleep better knowing that your money will henceforth be going toward bringing prospects, not competitors, to your website.