All About VPN and Click-Through Ads

Laid Merzouk

15 Dec, 2022

VPN or virtual private network can be a useful tool for the average Internet user These software plugins can help hide your location and make it easier to remain anonymous online for a variety of reasons And of course masking your location also makes a VPN the perfect tool for committing click fraud. How do VPN work and how are they by scammers to commit click fraud and ad fraud?

What is a VPN?

A virtual private network (VPN) is software that can be downloaded as a standalone program or installed as a browser plug-in. Popular and well-known VPN include NordVPN, ExpressVPN, and Hola. The VPN market has grown exponentially over the past 10 years as consumers and businesses seek to protect their data and privacy, generating over $15 billion in revenue.

VPN usage in Europe and North America is 17 percent, while 25 percent of internet users now use VPN with the highest usage in Asia Pacific and Latin America.

As the name suggests they create a virtual location for you using a new unique IP address each time you activate the VPN.

Then, with the help of a VPN and a new IP address, you can choose how your location appears on the internet. So for example, if you're in India, you can use a VPN to show your location as the US.

It works by routing your traffic through servers or the VPN network so it doesn't show up as coming from your location.

A typical reason to use a VPN is to bypass location restrictions on websites or national firewalls.

An example of a popular and legitimate VPN use is accessing blocked social networking sites such as Facebook in China.

Or for users of streaming services that are only available in their home country (for example, BBC iPlayer video streaming is only available in the UK). Or watch friends wherever you are. Many of them are subscription based, but many free VPN use peer-to-peer features.

The Tor Network (Onion Router)

In the same vein Tor is software designed to keep users anonymous and secure in certain network communications. It also allows them to access certain websites and services on the Deep Web.

The US Naval Research Laboratory developed the basic concept of sending messages anonymously and securely. Later a group of researchers (with the permission of the Navy) created the Tor Project which provided free and open-source software to individuals and other government agencies to increase the anonymity and security of their communications.

The term Tor comes from the acronym onion router (Tor). which metaphorically compares the layers of the onion to the way the network provides layers of encryption for communication. Like a VPN this can be used for legitimate reasons. However it is also a common method of proxy traffic scams.

VPN used for fraud

You probably already know how a VPN or the Tor browser can be a useful tool for internet scams especially PPC scams.

A VPN works by routing the device's connection to the Internet through the private server of the selected VPN, not through the Internet Service Provider (ISP).

When data is transferred to the Internet, it comes from the VPN not from the device. Fraudsters use this tool to mask their transactions and hide their IP addresses so they don't get blacklisted.

This makes advertisers think that the interaction is coming from the desired places. With emulators, VPN proxies, and other technological tools, borders become irrelevant, allowing fraud to easily infiltrate any country.

With pay-per-click advertising marketers often target a specific region to maximize the return on investment in their advertising campaign. Using a VPN, a web user can create a new "virtual" IP address and use it to mask their true location.

This type of location obfuscation is often used in organized settings such as click farms or botnets. With a bank of servers pre-loaded with VPN scammers can route bot traffic or click farmers through these IP addresses to send bulk clicks from anywhere in the world they want.

Based on billions of impressions analyzed for corporate clients, the researchers found that more than one in five invalid clicks (21%) involve location obfuscation using emulator VPN proxies and other tools.

In the case of accidental click fraud (click fraud or click fraud), a VPN can be a simple yet effective tool. A local business competitor only needs to download a VPN on one or two devices and it can seriously damage your pay-per-click campaign.

In countless click fraud prevention strategies for our clients we have found the devastating effect of location obfuscation:

A leading skincare brand that spends hundreds of thousands of dollars on PPC has been hit by malicious VPN and data center traffic. 95% came from data centers and 5% came through proxies/VPN depending on users who were "out of geography" and not included in the client's campaign targeting. This resulted in savings of $80,000 which was reinvested in the safe stock.
One of the world's largest DIY marketplaces, spending $2.5 million a month on paid Google search in particular, recorded over 14,000 invalid clicks per month when users deployed VPN to mask their location mostly from China and Malaysia (disguising its location as buyers from the UK). The customer considers this invalid as they do not ship to these regions.

In short a VPN is an effective click fraud tool that is very difficult to detect or stop.

How to detect VPN traffic

Okay so yes VPN traffic is hard to detect but in fact VPN click fraud can be stopped quite effectively if you know how. Even by disguising its true location a VPN will leave a mark.

These are some of the most common and effective ways to detect VPN traffic on your PPC ads.

IP Fraud Assessment

With all these generated IP addresses, the ability to rank and evaluate the likelihood of fraud is very useful. There are IP address checkers that can tell you how likely a suspicious address scam is.

Device IDs

Click fraud prevention software assigns unique identifiers to devices, not IP addresses. This means that even if a device uses the VPN to change its IP address multiple times, it will always be identified by the software.

This is a common problem with PPC platforms' approach to click prevention when they focus on an IP address rather than a device.

Is all VPN traffic fraudulent?

It would seem that anyone who commits click fraud or ad fraud would use a VPN to do so. And that makes sense because it helps them cover their tracks.

But if you're wondering if every click on your paid ads through a VPN is a scam well... most likely not.

Some people just use a VPN to keep their privacy online. Others may use a VPN to bypass these location restrictions, as we mentioned earlier. Perhaps they want to find a service or product from home while they are on vacation.

So while most ad fraud traffic will use a VPN, not all VPN traffic is fraudulent.