According to Web analytics specialists Clicklab, as much as 50 per cent of pay-per-click (PPC) advertising could be susceptible to ‘click fraud’ – simulated click-throughs to online ads - and most advertisers are still unsure about how to address the issue.

In the final quarter of 2008, the Click Fraud Index, established by Click Forensics as the industry 'standard' in scoring and auditing traffic quality for the online advertising community, reached its highest ever point - at 17.1 per cent.

Simon Wajcenberg is CEO of Clash-Media, an online lead generation service. NMK caught up with him to get to the heart of the matter and find out what can be done.

What exactly is ‘click fraud’?

There are two elements of 'click fraud' and they depend on the type of situation. They both occur in scenarios where individual consumers or website owners can be rewarded for generating click-throughs or data submissions.

Click fraud in the traditional sense is where fraudsters will simulate click-throughs via tools like Google's AdSense. This will generate small amounts of revenue per click, which can be built up through fraudulent targeting.

The second type of click fraud occurs where organisations are generating a lead for a customer. This involves the capture of consumer data, including name, email address, telephone number and sometimes demographic qualification information. Here, fraudsters will enter bogus information into the data fields, usually on a serial basis, for example johnsmith1@hotmail, johnsmith2@hotmail.

Organisations pay anywhere from 10p/20p through to £1/£2 for every lead generated. Fraudsters cotton on to the most lucrative of these offers and either manually click through and submit bogus data or, more commonly, they set up an automated system. These ‘Botnets’ can generate thousands of clicks or date entries per hour, with the impression of being genuine consumers.

How widespread a practice is click fraud and where are the fraudsters coming from? Are they organised gangs or lone sharks?

Click fraud is not uncommon, but levels depend on how well policed the offers or lead generation paths are. Thankfully more and more data providers are taking these issues seriously and implementing quality control processes so that obviously fraudulent data is simply filtered out and the fraudsters cannot profit, which makes them give up!

It is difficult to say whether the fraudsters are organised gangs or not. There are more lucrative forms of online fraud – such as credit card and ‘Card Not Present’ fraud – which have backing from organised crime outfits. Click fraud can be set up by an individual and some lead generation providers will not police their offers very tightly.

Most academics and consultants who study online advertising estimate that 10-15 per cent of ad clicks are fake, representing roughly $1 billion in annual billings.

The level of fraud can vary greatly depending on how lucrative the value of each fraudulent click and how easy it is to generate. Some campaigns, if seriously targeted, can be afflicted with rates as high as 80 per cent of fraudulent data.

How does 'click fraud' work? Isn't it easily detectable by IP addresses frequently clicking on sites?

Many fraudsters will use different approaches to spoof IP addresses. They can either use IP generators that present a random IP address in place of the actual location of the computer. Alternatively, it is possible to piggy-back onto genuine web traffic and make it appear that every visitor has clicked through the link, when in reality they have not.

If a Botnet is set up to fill in data fields, it will use spoofed IP addresses, but they do leave trails in the data that they submit, which can be detected by a quality control system.

Who does this practice affect most? What can be done about it from a marketing manager's perspective?

Click fraud in all of its forms affects companies in the most competitive industries. Where leads are more coveted, their price is higher and so more lucrative for the fraudster.

In an ideal world, no-one will be affected by fraudulent activity because it will all be picked up before an organisation sees or uses the information, or is sent an invoice for it.

Unfortunately, because many data providers do not have sufficient fraud control measures in place, organisations rely on the information, dedicate resources to converting the leads only to find that it's false. Not only have they bought bad data, but they have unknowingly thrown good money after bad to follow up on it.

Most data providers will be understanding and rectify the cost of providing fraudulent data or charging for false clicks, but unless they can cut out the majority of fraudulent activity at the time of the fraud there will still be an impact on the organisation paying for the data. This puts a premium on organisations with the most effective quality control systems and the most transparent lead generation processes.

What can ISPs, search engines and governments do about the problem?

The only thing that can be done is a more rigorous monitoring of campaigns, banners and data collection mechanisms. If a search engine is responsible for providing click-throughs, then they need to have some form of IP verification that is not easily spoofed.

If the data provider is not a search engine, rather an affiliate network or online lead generation provider, then they need to have data verification and quality control solutions to ensure that data submitted is genuine.

Could click fraud ultimately deter marketers from advertising online?

Of course bad experiences can put marketers off from certain methods of PPC. However, in the same ways that retailers will always have theft and credit cards will always be defrauded, marketers need to recognise that click fraud will happen. What they shouldn't stand for is a provider who doesn't catch a high percentage of fraudulent attempts, or a provider who will not deal with fraudulent leads that slip through the net in an appropriate way. Marketers should not be made to pay for the cost of fraud – and that is what will keep them confident in online advertising.