Have you ever noticed that you’re running a Google Ads search campaign, the clicks are high, and CTR is good but you’re not getting any good leads? 

You’ve been careful setting up your campaigns and everything checks out with the locations you’ve selected, but there are still no conversions. 

You might be wondering, “What am I doing wrong?” 

So you double check your targeting in Google Ads, and it indeed shows that you’re only targeting people inside the location you have selected. So what could it be? 

If this is happening to you, it’s possible you are a victim of click fraud.


What is Click Fraud?

Click fraud is when spammy traffic (from bots, spammers, click farms, VPNs, angry competitors, etc.) results from clicks on your ads, costing you real advertising dollars on wasteful traffic. 

Advertisers are losing budget to this problematic phenomenon, which seems to be getting worse as time goes on.

As someone who professionally manages Google Ads and Programmatic campaigns, I have noticed this taking place on some of my client accounts. After a lot of investigating, I’ve discovered there’s a specific way to spot click fraud, but you can’t rely on Google Ads to identify it for you. You have to use Google Analytics (both UA and GA4 work) to be certain.

How To Detect Click Fraud 

Spotting click fraud takes some data sleuthing. Google doesn’t make it easy to spot fake clicks, nor do they show you the actual cost. Follow the steps below to spot click fraud, so that you can take action to fix it.  

In Universal Analytics (UA), go to Audience -> Geo -> Location.  Then make sure you change “All Traffic” to “Paid Traffic. Click on “Secondary Dimension” and select “Source/Medium.” 

Now you should see where all your paid traffic is coming from. If you type “google” in the search box, you’ll filter it further to Google Ads only, as you will see CPC as the medium. Take note that you might also see click fraud on your Facebook ads, LinkedIn ads, or other forms of paid traffic. 

Below is an example of how to view the traffic. 

In this case, we were strictly targeting people located in the US, but as you can see, there was traffic from users in other countries, making click fraud suspect.

Here is the process to spot Click Fraud if you are using GA4.

Select Reports -> Acquisition -> Acquisition Overview. Then scroll down and select “View Google Ads campaigns” and click the + button in the first column. Select “Geography -> Country” to see what countries your traffic is coming from.

In the above screenshot, you can see that users are shown under the User column, which means someone got to the website from clicking on an ad. 

As in the previous example, the Google Ads campaigns were set up to only target inside the US, yet traffic from outside the country was spotted, indicating that click fraud was taking place. 

If your Google Ads are strictly targeting people physically located in the US, but your Google Analytics is showing Google Ads traffic from outside the US, then there is definitely a problem with click fraud coming from outside the targeting area. 


How To Fix Click Fraud

Now that you know how to spot it, there are some precautions you can take, along with some solutions.

There’s a few services out there but we have been using a third party service called ClickCease, and so far it’s been effective at blocking fraudulent traffic. It works by identifying the spammy traffic on your ads via their IP address. Once that is done, it adds them to a block list, so they can no longer click on your ads.

There’s a cap of five hundred slots for IP addresses to be added to in Google Ads, so there is a finite amount of IP addresses you can block at a time. Also, fraudulent traffic changes— especially with VPNs. Block lists will change over time and need to be updated, and this is something that ClickCease does. 

I worked on a different account where the client had a dedicated in-house IT staff. They were able to manually identify click fraud on their accounts by going into their web servers using advanced techniques, to view and create a list of the IP addresses of their paid website traffic. Over time, they were able to infer which IP addresses were not behaving normally and showed evidence of click fraud. Then, they were then able to manually add those IP addresses to their own campaigns exclusion list. 

The screenshot below shows where you would add those IP addresses. This is definitely a considerable amount of work and requires a lot of IT experience to accomplish.


Even though there’s no perfect solution, and it doesn’t look like this problem is going away anytime soon, be sure to keep a close eye on your ad campaigns and equip yourself with the knowledge and tools to deter this issue. 

Best of luck to you!