Click fraud can be as simple as one person starting a small web site, becoming a publisher of ads, and clicking on those ads to generate revenue. Oftentimes, the number of clicks, and their value, is so small, that the fraud goes undetected. Oftentimes publishers will claim small amounts of such clicking is an accident, which is often the case.
Much larger scale fraud also occurs. Those engaged in large scale fraud will often run scripts, which simulate a human clicking on ads in web pages. However, huge numbers of clicks appearing to come from just one, or a small number, of computers, or single geographic area, look highly suspicious to the advertising network and advertisers. Clicks coming from a computer known to be that of a publisher, also look suspicious to those watching for click fraud. A person attempting large scale fraud, alone in their home, stands a good chance of being caught.
Organized crime can handle this by having many computers, with their own internet connection, in different geographic locations. Often scripts fail to mimic true human behavior, so organized crime networks use Trojan code to turn the average person’s machines into zombie computers and using sporadic redirects or DNS-cache-poisoning to turn the oblivious user’s actions into actions generating revenue for the scammer.
Impression fraud is an insidious variant of click fraud where the advertiser is penalized for having an unacceptably low click-through rate for a given keyword. This involves making numerous searches for a keyword but without clicking of the ad. Such keywords are disabled automatically, enabling a competitor’s lower-bid ad for the same keyword to continue while several high bidders (on the first page of the search results) have been eliminated.
It is very difficult for advertisers, advertising networks, and authorities to pursue cases against networks of people spread around multiple countries.