The Search Monitor Detects and Takes Down Fraudulent PPC Ad Ring

Share Article

The Search Monitor, the leader in providing precise, competitive ad intelligence to search and affiliate marketers, recently detected a PPC fraud ring impersonating over 300 advertisers. How did this happen?

URL Hijacking observed by The Search Monitor in the clothing and retail furniture industries

Our team noticed unexplained activity across several of our clients. We worked closely with The Search Monitor’s team to uncover even more data on the nature of the fraudulent activity. - Regina Cotto, Rakuten LinkShare

Paid search ads are just as susceptible to fraud as other forms of digital advertising. The fraudulent tactic with the most dramatically impact these days is called PPC ad impersonation and can be hard to detect. PPC ad impersonation occurs when an impostor advertiser takes a known URL, like, and uses it as the Display URL of their own advertisement.

PPC fraud rings differ from click fraud, where an automated system is generating fake clicks on an advertiser’s ad. Click fraud is now mostly dealt with by tighter controls from the search engines, and ad impersonation has overtaken click fraud and is now the prevalent form of fraud on PPC advertising.

Take, for example, May 2014, when The Search Monitor detected fraudulent PPC ads running on Bing, Yahoo, and Google. The fraudsters impersonated more than 300 advertisers on a global scale. The fraud spanned several industries, including leading businesses in automotive (JC Whitney), home furnishings (Joss & Main), software (MobiStealth), printing (Tiny Prints), home & garden (Ace Hardware), travel (BookingBuddy), firearms (Brownell’s), and services (Deluxe).

The imposters were running fraudulent ads on brand and brand-plus keywords an average of 42.5% of the time. In some cases, the fraudulent ads were appearing as much as 100% of the time (i.e. every single ad seen had been overtaken by an imposter). The hijacks were perpetrated through several thousand domains used as Destination URLs of PPC ads.

It took a team of experts to detect the full extent of this activity. The hijackers were tracked down by a three-party effort involving Rakuten LinkShare, Bing, and The Search Monitor. Rakuten LinkShare and The Search Monitor jointly discovered that the domain ‘’ was impersonating several Rakuten LinkShare customers.

For more details on ad impersonation and the May 2014 fraud ring take down, see the complete article by The Search Monitor CEO, Lori Weiman.

About The Search Monitor
The Search Monitor monitors paid search, organic search, social media, mobile search, and shopping engines worldwide for brand and affiliate compliance, and competitive intelligence. Interactive agencies, search marketers, and affiliate marketers use The Search Monitor to gather and analyze competitive information more effectively. Visit to learn more.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Amanda Holliday
The Search Monitor
Like >
Visit website