The document provides an overview of click fraud, describing its definition, common motivations, and key tools used by fraudsters. It discusses how fraudsters utilize online forums, IRC servers, computer worms, and botnets to facilitate large-scale click fraud schemes and generate illegitimate revenue. The report also profiles common types of fraudsters and provides recommendations for advertisers and ad networks to help mitigate fraudulent clicks.
3. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
INTRODUCTION
The Anchor Intelligence Report: Anatomy of a Fraudster is a survey of click fraud and the
fraudsters behind malicious clicks. It includes a description of click fraud and the reasons for
its increasing prevalence. In addition to providing an overview of the tools fraudsters
leverage in order to successfully perpetrate click fraud, this report also introduces four of
the most common fraudster profiles encountered by Anchor Intelligence. Finally, Anchor
offers a series of recommendations for both advertisers and ad networks/search engines to
help these parties minimize payouts for fraudulent clicks. By educating the online advertising
and security industries on the motivations, tools, and profiles involved in click fraud, Anchor
Intelligence hopes to facilitate collaboration between the various industry players and
ultimately improve click fraud detection
CLICK FRAUD
Click fraud constitutes a growing threat to the online advertising industry, particularly pay-per-
click (PPC) advertising systems. Much like spam – which grew exponentially in volume in the
earlier half of this decade, and significantly outpaced the growth of email volume – click fraud
will grow in volume as more dollars move online. As it stands, click fraud is the most prevalent
form of online advertising fraud in the marketplace today.1 This section provides a comprehen-
sive definition of click fraud as well as the motivations of its perpetrators.
Definition
Anchor Intelligence defines click fraud as clicks or impressions originating from the malicious
intent of the clicker that have zero economic value to the advertiser. However, as it is impos-
sible to determine a clicker's intent with certainty, one must look at click/impression quality to
suggest a more practical definition of click fraud.
Click quality is a continuous spectrum of good and bad. Some clicks and impressions are
“good” because they have a high likelihood of conversion and are thus valuable to the adver-
tiser. For instance, if an individual purchases many books online, any click he/she makes on
book-related ads has real value to the advertiser because the individual has demonstrated
his/her propensity to purchase books online. Similarly, some clicks and impressions are “poor”
because they have a low likelihood of conversion and provide minimal value to the advertiser.
If a user has a strong aversion to making purchases online, his/her clicks are unlikely to result in
a purchase, and are therefore less valuable to the advertiser. Finally, some clicks and impres-
sions are fraudulent because the user has no intention of converting, thus giving the advertiser
no chance of reaping a return on their investment in that click or impression.
1
Bobji Mungamuru, Stephen Weis and Hector Garcia-Molina, “Should Ad Networks Bother Fighting Click Fraud? (Yes, They Should.)
Stanford InfoLab 1 July 2008: 2.
3
4. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
Motivations
Motivations for click fraud primarily fall into two camps: a desire to handicap one’s competitors
or intent to generate illegitimate revenue. In the first camp, malicious advertisers commit click
fraud in an effort to prevent their competitor’s ads from appearing to potential customers or
to drive up the competitor’s advertising costs. PPC services, such as Google AdWords, require
advertisers to set a daily budget on their ad spend. In order to accomplish his/her goal, the
malicious advertiser can theoretically click (or pay others to click) on the competitor’s ads
repeatedly, until the competitor exhausts its daily budget. Once the daily budget limit has been
reached, the competitor’s ads will no longer appear on search engines or publisher sites,
putting the malicious advertiser in a better position for potential sales. Meanwhile, the
competitor will see a reduction in its ROI on ad spend and may potentially make flawed
optimization decisions by pulling funds out of these campaigns.
More commonly, malicious individuals commit click fraud in order to boost revenue. Publisher
sites generally host ads in order to earn money; publishers earn a percentage of each ad click
or impression that occurs on their websites. The more clicks or impressions that occur on a
publisher’s site, the more money he/she will earn through that site. As such, many malicious
publishers generate fraudulent clicks on ads hosted by his/her site. They often take this fraud a
step further by creating multiple sites, through which they perpetrate click fraud, in order to
earn even more money, at the expense of advertisers and ad networks.
THE CLICK FRAUDSTER’S TOOLKIT
In order to perpetrate click fraud, especially on a large-scale and/or in a sophisticated fashion,
fraudsters utilize an arsenal of tools. This section examines several of these tools in detail.
Forums
Internet forums, otherwise known as message boards, are online discussion sites. Fraudsters
frequently leverage forums in order to facilitate communication. In particular, they are a popular
channel for trading stolen information, for the following reasons: forums are often organized
chronologically; they generally have decent search features; and postings, such as advertisements
for malware, are relatively permanent, remaining visible to any and all visitors until they are
removed. Internet forums have differing membership levels and range from being open to
anyone to open only to fraudsters with established reputations.2 Once fraudsters successfully join
a forum, they can buy and sell fraudulent goods and services to interested parties.
One example of a prolific underground web forum was ShadowCrew. ShadowCrew was an
international crime syndicate, whose members were carders and hackers from the U.S. and
Eastern Europe looking to trade, buy, and sell a range of ill-gotten wares online.3 Because it was a
large, openly available forum, it quickly attracted the notice of federal agents and was successfully
2
“Symantec Report on the Underground Economy, July 07-08,” Symantec Enterprise Security November 2008: 4.
3
Brian Grow with Jason Bush, “Hacker Hunters,” BusinessWeek 30 May 2005.
<http://www.businessweek.com/magazine/content/05_22/b3935001_mz001.htm>.
4
5. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
shut down in October 2004 through a sting operation known as “Operation Firewall.” 4
IRC Servers
Internet Relay Chat (IRC) is an internet communications protocol that offers real-time
internet chat among groups. Communication occurs via channels, which are hosted on IRC
servers. Most IRC servers are established for legitimate purposes, but fraudsters use many
public servers covertly. IRC servers are another popular platform for fraudsters because they
require minimal bandwidth and can be accessed using one of many freely available IRC
clients. 5 Contraband is readily, if secretly, available to fraudsters on IRC servers. For instance,
identity thieves can easily log in to IRC servers and acquire CVV numbers, determine the
limits of stolen credit cards, and locate customers for bulk credit card numbers. Similarly,
click fraudsters can buy and sell compromised machines to organize botnets in order to
perpetrate sophisticated click fraud.
IRC servers are located around the globe, Rank Country Percentage of Servers
1 United States 41%
although the locations change regularly, due
2 Romania 13%
to fraudsters’ frequent use of compromised 3 Germany 11%
computers and server proprietors’ regular 4 United Kingdom 6%
5 Canada 5%
efforts to restrict fraudsters’ access. 6 6 Australia 4%
According to a recent Symantec report, 7 Brazil 3%
the countries hosting the largest number of 8 South Korea 2%
9 Netherlands 2%
underground IRC servers are the United 10 Sweden 2%
States, Romania, and Germany. Table 1: Top countries by number of underground IRC servers
Source: Symantec Corporation
Computer Worms
Worms are another tool used by click fraudsters. Computer worms are programs that
self-replicate by means of a network. They typically spread by exploiting vulnerabilities and
bugs in operating systems and outdated applications. Worms are often used to create zombie
computers; as a worm spreads, it creates a network of zombie computers known as botnets.7
A recent example of a worm exploiting a bug in Microsoft® Windows is the
Win32/Conficker.a worm. This worm served as a critical component in the construction of a
new botnet. 8 According to a post on the Microsoft® Malware Protection Center, “It opens a
random port between port 1024 and 10000 and acts like a Web server. It propagates to
random computers on the network by exploiting MS08-067. Once the remote computer is
exploited, that computer will download a copy of the worm via HTTP using the random
port opened by the worm. The worm often uses a .JPG extension when copied over and
then it is saved to the local system folder as a random named dll.” 9 As of December 1,
nearly 500,000 PCs had been infected, and it was only beginning to grow.10
4
“Crime Boards Come Crashing Down,” Wired 1 February 2007. <http://www.wired.com/science/discoveries/news/2007/02/72585>.
5
“Symantec Report on the Underground Economy, July 07-08,” Symantec Enterprise Security November 2008: 4.
6
“Symantec Report on the Underground Economy, July 07-08,” Symantec Enterprise Security November 2008: 52.
7
“Computer Worm,” Wikipedia 9 December 2008. <http://en.wikipedia.org/wiki/Computer_worm>.
8
Gregg Keizer, “New Windows worm builds massive botnet,” Computerworld 1 December 2008.
<http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9121958>.
9
Ziv Mador, “More MS08-067 Exploits,” Microsoft® Malware Protection Center 25 November 2008.
<http://blogs.technet.com/mmpc/archive/2008/11/25/more-ms08-067-exploits.aspx>.
10
Gregg Keizer, “New Windows worm builds massive botnet,” Computerworld 1 December 2008.
5
6. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
Another recent example is the Koobface worm, which has circulated through Facebook
since mid-November. The worm has spread by means of spam messages with links to
compromised sites.11 These sites displayed a bogus error message prompting the user to
download an Adobe Flash update named flash_player.exe.12 Users who did so downloaded
an executable file that installed the Koobface worm, which then installed a background
proxy server. This proxy server redirects all search terms to find-www.net, which enables
click fraudsters to make money through the resulting ad clicks.13
Botnets
Botnets are probably the most widely known tool in the click fraudster’s toolkit. A botnet is
a network of compromised computers (aka Zombies). Bot programs are covertly installed
on computers by means of worms, backdoors, or Trojan horses.14 According to the Shad-
owserver Foundation, more desktop machines are becoming infected with malicious
software than ever before. For instance, the number of botnet-ensnared PCs has
quadrupled in the past year.15
The bot herder, e.g. the fraudster in charge of the botnet, issues commands to the zombie
computers via a common command-and-control infrastructure. The commands typically run
through IRC servers, providing a degree of separation and an additional layer of protection
for the herder. Botnets are used to wage distributed denial of service attacks, propagate
spam, log keystrokes, and perpetrate click fraud.16
In the case of click fraud, herders command bots to visit websites – which are either owned
by the herder or someone who pays the herder for the service – and click on the ads
hosted by those sites. The site owner, be it the herder or customer, can thus generate a
significant amount of revenue, which is paid out by the ad network or search engine
distributing the ads. With particularly large, global botnets, clicks come from distinct IP
addresses, giving the illusion of legitimate traffic.
One of the most infamous click fraud botnets is Clickbot.A, which was discovered by Swa
Frantzen at SANS, in May 2006.17 Over the course of one month, the botnet grew to
encompass more than 100,000 computers.18 It conducted discreet, low-noise click fraud
attacks against syndicated search engines, by commanding each bot to issue one click
roughly once every 15 minutes.19 Investigations into its “anatomy” have helped to educate
the online advertising and security communities about botnets.
11
Gregg Keizer, “Worm spreads on Facebook, hijacks users’ clicks,” Computerworld 5 December 2008.
<http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9122724>.
12
Jennifer LeClaire, “Koobface Worm is Targeting Facebook Users,” Enterprise Security Today 5 December 2008.
<http://www.enterprise-security-today.com/story.xhtml?story_id=63428>.
13
Gregg Keizer, “Worm spreads on Facebook, hijacks users’ clicks,” Computerworld 5 December 2008.
<http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9122724>.
14
“Botnet,” Wikipedia 9 December 2008. <http://en.wikipedia.org/wiki/Botnet>.
15
Brian Krebs, “Number of Bot-Infected PCs Skyrockets,” washingtonpost.com 4 September 2008.
<http://voices.washingtonpost.com/securityfix/2008/09/number_of_bot-infected_pcs_sky.html>.
16
“Botnets,” Shadowserver 12 November 2007. <http://www.shadowserver.org/wiki/pmwiki.php?n=Information.Botnets>.
17
Neil Daswani and Michael Stoppelman, “The Anatomy of Clickbot.A,” Google, Inc. 10 April 2007.
18
“Clickbot.A,” Wikipedia 9 December 2008. <http://en.wikipedia.org/wiki/Clickbot.A>.
19
Neil Daswani and Michael Stoppelman, “The Anatomy of Clickbot.A,” Google, Inc. 10 April 2007.
20
“June 2008 | Trend Micro Threat Roundup and Forecast—1H 2008” Trend Micro, Inc. 7 July 2008.
<http://trendmicro.mediaroom.com/index.php?s=43&item=650>.
6
7. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
Adware
Finally, adware is a software package, which displays ads in an unexpected and often
unwanted fashion. 20 Adware can be a form of spyware when used to spy on users. It collects
information about a user’s web history in order to serve relevant ads. 21 Adware can be
covertly installed on computers through one of two methods: users can be tricked into
clicking a spyware link; or users may use a file-sharing program to install freeware that
secretly includes adware.22 According to research conducted by Professor Ben Edelman of
Harvard University, some forms of adware perform click fraud by automatically activating
pay-per-click advertisement links.23 Thus, adware can be used to perpetrate click fraud.
CLICK FRAUDSTER PROFILES
Over the past year, experts at Anchor Intelligence have studied clients’ traffic patterns and
gathered intelligence on four of the most prevalent fraudulent behavioral profiles, ranging in
levels of sophistication. This section describes the profiles in detail.
Click Fraud Farmers
The first profile applies to members of click farms, which use some
of the least sophisticated methods to perpetrate click fraud. Click
farms are often outsourced by an organization that is paid to
generate clicks on behalf of a third party. In some cases, click farms
are networks of people, who scratch each others’ backs by clicking
on ads appearing on the other members’ websites. These people try
to simulate regular traffic by viewing another members’ link, visiting the associated website for
a period of time, and moving on to the next members’ link. Newspapers around the world
advertise opportunities to participate in these groups as easy careers for people working from
home. Click farms often reflect the global nature of our economy, in which workers from
developing nations seek an opportunity to easily earn
a few dollars a day, at the expense of advertisers
looking to attract legitimate business to their websites.
Click farm activity often appears as high volume traffic
bursts originating from a limited number of users with
no corresponding improvement in conversions or
other useful user sessions. Ad networks may be able
to identify these schemes by matching IP addresses of Figure 1: Click farm ad from the Deccan Chronicle Classifieds
publishers within the network with ad click logs. Source: Digital Inspiration
21
“Spyware,” Wikipedia 9 December 2008. <http://en.wikipedia.org/wiki/Spyware>.
22
Jerry Honeycutt, “How to Protect your Computer from Spyware and Adware,” Windows XP 20 April 2004.
<http://www.microsoft.com/windowsxp/using/security/expert/honeycutt_spyware.mspx>.
23
Ben Edelman, “The Spyware – Click Fraud Connection – and Yahoo’s Role Revisited,” benedelman.org 4 April 2006.
<http://www.benedelman.org/news/040406-1.html>.
7
8. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
Pyramid Schemers
A second fraudster profile applies to participants of pyramid
schemes. A pyramid scheme is a non-sustainable business model
that involves payment for recruiting new participants into the
scheme and fails to deliver a legitimate product or service. Click
fraud pyramid schemers are paid to click on ads and visit websites,
much like members of a click farm. However, in addition to
receiving compensation for their traffic, pyramid schemers are also compensated for recruiting
users. As a result, these users are less likely to come directly from publishers IPs.
Pyramid scheme participants often use services such as Bux.to and ClixSense to perpetrate
their fraudulent activities. For instance, Anchor Intelligence found the following pitch on one
publisher’s homepage: “At Bux.to, you get paid to click on ads and visit websites. The
process is easy! You simply click a link and view a website for 30 seconds to earn money. You
can earn even more by referring friends. You'll get paid $0.01 for each website you person-
ally view and $0.01 for each website your referrals view. The minimum payout is $10.00.”
Money Launderers
Launderers are a more sophisticated version of the pyramid
schemer, and involve the use of “money mules,” individuals who are
used to funnel money from ad networks to fraudsters. The
fraudsters behind these schemes recruit people to use the recruits’
$
$
$
information to register various websites with ad networks. The use
of multiple "mules" and addresses is key in allowing the fraudster to
scale his operation. The registered address is also critical, as many networks are more suspicious
of international publisher accounts than of accounts based in the U.S. Once the websites are
registered to display ads, click fraudsters create bogus or copied content on these sites and
generate false clicks on their ads, often by means of botnets. The ad network unknowingly makes
payments to the various registrants, who manage the deposit. The registrants then transfer the
money to the fraudsters for a fee, ranging from 20% to 50% of the payment.
These profiles are generally difficult to detect, due to the sophisticated nature of their
techniques. Anchor Intelligence has worked directly with various ad networks to identify
launderers and link them together, even across multiple clients. The linking is often based on
traffic, reputation, and other proprietary data.
Kit Sophisticates
A final variety of fraudster, the kit sophisticate, purchases kits
online to commit fraud. Kits come in a variety of packages with
proportionate price tags. Fraudsters use kits to create hundreds
of websites, mass register accounts, generate ad clicks, and build
botnets. For instance, ClickingAgent, a notorious ad clicker kit by
LoteSoft, saves website owners the trouble of creating valuable
content that attracts real readers by simply simulating “normal” ad traffic for $100. Similarly,
cheatingnetwork.net, another forum, offers pay-to-click kits for website owners to generate
realistic-looking traffic.
8
9. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
Click fraud originating from kit sophisticates can be extremely difficult to identify. Anchor
has developed hundreds of signatures of fraudulent activity generated from these kits and
has worked with multiple ad networks to evict kit sophisticates from their networks.
RECOMMENDATIONS
While sophisticated instances of click fraud are difficult to detect, advertisers and ad
networks can take precautionary measures to reduce their payouts for fraudulent clicks
Advertisers
There are several rules of thumb advertisers can use to help recognize and identify instances
of click fraud. Anchor recommends the following ten tips:
1. Watch for significant variations in campaign performance: Look at your reports to identify
sudden peaks and other anomalies in your daily traffic and costs. If you cannot determine
the cause and the peaks are not associated with corresponding lifts in performance,
consider stopping your campaign and/or asking your network to investigate further.
2. Prevent competitive click fraud: Do a few searches on your keywords to compile a list of
relevant competitors. Then open your Command Prompt on your PC (or Terminal on
your Mac) and ping each competitor’s domain (e.g. type “ping www.COMPETITOR
DOMAINNAME.com”) to ascertain their company IP address. You can find their entire
range of IPs by using services such as www.arin.net. Be sure to check that the IPs are
registered to the company directly, as opposed to the company’s hosting provider. If they
are, add those IPs to your account IP exclusion lists (when available).
3. Don’t drain your own budget: If you’re concerned about clicks coming from your own
employees, add your company’s IPs to your account IP exclusion lists (when available).
4. Block poor performing referrers: Assuming your analytics package provides referral and
conversion information, start with your highest volume referrers and determine which sites
fail to drive any conversions or other useful user sessions. If you notice that your ads/keywords
are performing poorly on particular sites, reduce your bids for those publishers/channels. For
high volume sites that generate zero conversions, selectively use the domain/channel-blocking
feature to prevent your ads from appearing on those sites in the future.
5. Monitor high dollar CPC terms closely: Keywords with high CPCs have historically been
more vulnerable to click fraud attacks than those with low CPCs. So pay particular
attention to these keywords and the referrers that generate disproportionately more
traffic to your site through these keywords. Determine whether or not you’re seeing a
positive ROI on your bids. If not, consider lowering your bids on poor-performing
keywords/ads and allocating more spend to higher performing keywords/ads.
9
10. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
6. Geo-target your ads appropriately: If you do not sell products outside of North America, be
sure to limit your geo-targeting to North America. If you do sell products abroad,
monitor the performance of your international ads. If you find that your ads perform
poorly in certain geographies, update your geo-targeting preferences accordingly. Keep a
critical eye out for countries such as UAE, China, Vietnam, Thailand, and the Philippines.
Anchor has seen relatively high volumes of fraud originating from these countries.
7. Use ad scheduling: Monitor the quality of your traffic according to time of day and day of the
week. For instance, we find that humans typically use the internet during the day, while bots can
run 24 hours a day. If you find that your conversion rates are higher in the mornings than late at
night, you may want to daypart your bids to reduce exposure to lower-converting traffic.
8. Leverage a 3rd party traffic quality solution: Your ad network/search engine is not infallible.
In order to ensure that you are not being charged for fraudulent clicks, consider using a
3rd party traffic quality solution, such as Anchor Intelligence. By providing deep insight
into the quality of each click/impression as well as the factors that contribute to each
click/impression score, Anchor Intelligence helps to educate you on click fraud and traffic
quality. Armed with this information, you'll be able to improve your ad spend allocation
decisions and ensure you are not paying for unwanted traffic.
9. Investigate your network: Before signing up with an ad network or search engine, do some
research into its policies. For instance, you should determine whether the network uses
frequency caps to prevent duplicate clicks originating from the same IP from being
charged to your account. Also check to ensure that they are using the IAB/ABCe Interna-
tional Spiders & Bots List and not charging you for clicks from these robots. Finally, peruse
their Terms of Use to determine the extent to which they care about the quality of traffic
you receive. For example, look for restrictions against authorizing, encouraging, or
generating fraudulent clicks or impressions; editing, modifying, removing, or obscuring ads;
and displaying ads on error pages or “thank you” pages.
10. Encourage your ad network(s) to also use 3rd party scoring solutions: Your ad network may not
realize that you are concerned about click fraud. The more you and other advertisers ask
networks to take additional steps to prevent and filter click fraud, the more likely these
companies will be to proactively protect you. In particular, you should encourage your
network(s) to engage the services of 3 rd party traffic quality solutions providers. These 3 rd
parties monitor the traffic quality within and across networks, to help ensure that you see
the highest possible ROI on your advertising spend while giving you confidence in the
quality of your clicks.
Ad Networks and Search Engines
For ad networks and search engines, Anchor Intelligence recommends outsourcing click fraud
monitoring to a 3rd party solutions provider. Ad networks and search engines face challenging
conditions when dealing with click fraud. The rate of adaptation for fraudsters often exceeds the
ability for a given network to keep its detection methods up to date. Changes in filtering rules
often result in only a short-term reduction of fraudulent activity. And large-scale click fraud rings
10
11. ANCHOR INTELLIGENCE REPORT: ANATOMY OF A FRAUDSTER
reappear within days of being discovered and shut down. As a result, the cost of dealing
with customer complaints and billing inquiries becomes significant with no systematic way of
responding to the changing behavior of fraudsters.
Anchor Intelligence offers cutting edge, proprietary solutions that have been developed to
adapt over time. Our models train against new instances of fraud detected within our
network. With the most comprehensive and exhaustive collection of network security
intelligence, Anchor’s click quality solutions enable our customers to focus on their core
competencies while learning from the collective intelligence of the entire web. Methods used
by Anchor include the following:
Behavioral analysis: checking whether the volume of activity for a given user over any number
of time periods is unacceptably high
Reputational analysis: identifying clicks from users who have engaged in fraud or other
malicious activity on the web
Distributional analysis: monitoring the standard rhythm and flow of traffic to identify
unexplained spikes
Associational analysis: locating publishers who appear to be generating traffic artificially through
the same shared sources
Anomaly detection: detecting traffic anomalies, such as spikes in CTRs with no ompanying
improvement in conversion and unnatural popularity of particular ad placements
Network policy violations: pinpointing ad placements that violate network rules, such as
stacked ad tags and ad tags overlaid on video thumbnails
Fraud signature matching: looking for evidence that matches the signatures of known fraudsters
Anchor Intelligence helps ad networks find and filter fraudulent clicks that the networks
themselves do not have the means to catch. For instance, Anchor can identify malicious actors
across its entire network. As an independent 3rd party, Anchor has knowledge of fraudsters
that operate within and across multiple ad networks, and can leverage this insight for the
benefit of all. Additionally, Anchor Intelligence can leverage its network forensics to classify
compromised machines. The company leverages honeypots, spam traps, and IRC channel
monitors to improve its ability to correctly identify computers infected with malware such as
bots and worms. Finally, Anchor intelligence’s 3rd party status enables it to look at user level
sessions across multiple networks to identify collusive behavior and velocity spikes in clicks.
With its access to data across multiple networks and its database of known fraudsters,
Anchor Intelligence enables ad networks and search engines to identify fraudulent clicks they
would otherwise have missed.
Anchor Intelligence provides tools for ad networks to not only better manage the quality of
traffic on their network, but also capture and deliver more value to their advertisers.
Anchor’s traffic quality solutions provide networks with the intelligence they need to
monetize the highest quality users on their network, reward their best publishers, remove
poor quality publishers, and filter fraudulent clicks. Contact Anchor Intelligence today to
learn more about our solutions.
11