Click fraud is the act of illegally clicking on pay-per-click (PPC) online advertising  to generate fraudulent charges. In PPC Online Advertising, advertisers pay the owners of the website based on how many visitors to the site click on the ads. Fraud occurs when an individual, computer program or generated script exploits online advertisers by repeatedly clicking on a PPC (pay-per-click) advertisement to increase site revenue or to exhaust advertisers' budgets. Some ways to detect click fraud are if by noticing unusual peaks in the impression or in the number of clicks, no increase in the number of conversions during peaks in clicks and a drop in the number of page views. There are various forms of click fraud and perpetrators can be both the contracting and non-contracting parties.
Since the ads aren't clicked on by people who have a legitimate interest in the target of the ad's link, click fraud boosts advertising costs, lowers conversion rates and misrepresents user data for businesses. Per-per-click online advertising has come under increased scrutiny and litigation due to the practice of click fraud. Click fraud is an unethical and illegal practice that disrupts the purpose of online advertising and makes it tougher for advertisers to collect useful data. Click fraud is still heavily practiced as is the use of PPC Advertising, although many advertisers are trying to move away from PPC Advertising to other forms such as Cost-per-action or Cost-per-acquired.
PPC or pay-per-click is a model of internet marketing in which advertisers pay a certain amount every time one of their ads is clicked online. It was meant to replace the practice of display advertising  in which advertisers pay money to sites just for showing their ads. Essentially, marketers aren't paying for ad placement but are paying only when their ad is clicked by an online user. Search engine advertising is the most popular method of PPC. Search engines  like Google or Bing give advertisers the opportunity to bid for ad placement in the search engine's sponsored links when a person searches for something that is connected to the advertiser's business. This gives advertisers the chance to place their product or service in the sponsored links in the form of an ad that aims at specific keywords. Additionally, advertisers cannot simply pay more to make sure that their ads appear more often than others'. In fact, there is an automated process behind this that is known as Ad Auction  which determines the frequency and positioning of ads.
Types of Click fraud
There are two basic types of click fraud in PPC online advertising, automated and manual . Automated click fraud is a software or a script that is designed to click on pay-per-click ads for various purposes while the latter of these two is when a competitor or an employee physically clicks on the PPC ads to drain the advertiser's budget. Automated click fraud is more malicious as compared to manual click fraud because of its efficiency and speed. Automated click fraud operates with the use of bots that access the webpage and click the desired link. Bots can even be designed or programmed to take actions that mimic those of the real user such as mouse movements, random pauses before taking an action and varying the timing between clicks. In this way, automated click frauds have the power to cause more harm than manual click frauds.
Perpetrators of click fraud can be broken down into primary and secondary sources.
A primary source is a contracting party, either the advertiser or the publisher or the customer. In order to generate more revenue, the publisher might engage in click fraud to get the ad to be clicked as often as possible. An advertiser might click on its own ad multiple times to make it look like a click fraud by the marketer to terminate its contract with the marketer. An uncommon example of primary click fraud is when a customer regularly clicks on paid search advertisements to visit a website and gets paid by the publisher.
Secondary sources are non-contract parties who are not involved in the ad contract. Some examples are competitors of advertisers, competitors of publishers and friends of publishers.
There have been multiple lawsuits involving click frauds, which can be divided into the type of parties involved in the lawsuits in relation to the click fraud.
- Advertisers vs Networks: On March 8, 2006, Lane's Gifts and Collectibles filed a lawsuit on behalf of all Google Advertisers who had used the service since 2002. Google agreed to a $90 million settlement but none of the companies actually received the money. Instead, all the advertisers received reimbursements on their ads that had experienced click fraud. Lane's Gifts and Collectibles claimed that they had to pay for numerous invalid clicks and Google wasn't acting on it to prevent it. As part of the Lane's Gifts settlement, the Circuit Court of Miller County, Arkansas ordered an independent review of Google's click fraud detection system to determine if they were "acceptable". The review was conducted by Professor Alexander Tuzhilin of NYU. .
- Advertisers vs Advertisers: In February 2017, a Texas jury ordered Trimax Media, a digital advertising agency specializing in search engine marketing, to pay one of its competitors, Wickfire, $2.3 million for a click fraud scam. Wickfire filed a lawsuit  in 2014 claiming that Trimax begab bidding on search terms associated with Wickfire clients and clicking on those ads to drive up the advertising costs. 
- Clients vs Agencies: Uber sued its ad agency Fetch Media Ltd in 2017 for alleged click fraud and deception, claiming that Fetch unfairly billed Uber for fake online ads and downloads it wasn't involved with. Uber is claiming for at least $40 million for improper billing of fraudulent ads and falsely taking credit for app downloads. Uber voluntarily withdrew its complaint in late 2018, and Fetch countersued in 2019 for unpaid invoices.
An advertiser can take the following precautions:
1) Exclude Unwanted IP Addresses: Fraudulent clicks usually come from a single IP address and once the IP address is located, it can be excluded in order to prevent the IP address from accessing your ad. However, Google keeps its data secure and doesn't provide such information so, the IP addresses can't be tracked from the ads account. To spot a pattern and identify an offending IP address, you’ll have to dig into your server’s logs. 
2) Ad Targeting: Sometimes it might not just be a single IP address that will aim your ads, and in fact, could be a host of different servers accessing it from one geographical location. In this scenario, you can exclude that specific geographical area if you notice a pattern of suspicious clicks from that region. 
3) Specialized software: Enlisting a specialized software can help you track suspicious activity. These software can help you build a fraud report on suspicious activity and that can be used as evidence as well. There are platforms that can help you fight click fraud and tailor campaigns to achieve your campaign objectives. This is done by providing multi-channel campaign strategies including LinkedIn advertising and video advertising. 
4) Timestamp: Noticing any similarities in action or time can be an indication of click fraud as bots-based click frauds run repeatedly to attempt clicking on the ads, leaving a timestamp for the click frequency. 
Google has been fighting click fraud since PPC advertising originated and has created a robust anti-click fraud program. Google is usually the search engine party that acts as the publisher and is using automated filters in its detection system. Advanced algorithms detect and filter out invalid clicks in real-time before charging its advertisers. Google’s Ad Traffic Quality Team  also conducts manual, offline analysis and removes any clicks that they deem invalid. Apart from these measures, Google also inspects suspicious activity reported by advertisers and initiates investigations on invalid clicks.
Another solution is to incorporate another form of online advertising such as cost-per-action (CPA). With this type of advertising, advertisers pay the publisher an agreed-upon fee for each specified type of action such as sales or "added to basket". This prompts for detailed action by the user and ensuring that bots can't intervene with the ad. With the payment for the ads being based on completed actions, it also gives the advertiser better control of tracking and maximizing the return on investment across different marketing channels. There are various methods used to calculate CPA but the most basic approach is: CPA = Total marketing spend (month/year) divided of the Total number of customers acquired.
With the rise of online advertising, different methods to beat the model to gather more revenue or make advertisers cut their subsequent ad budget. With each fraud, the ad model is tweaked, but the ethical issues of each fraud are large. Many advertisers are under the impression that the people who click on their ads do so out of their own volition and interest in the product and hence, advertisers use this data set to formulate opinions on their target set. When automated systems or individuals solicit their clicks, they are breaking the trust of the advertiser. If bots are interfering with an ad or website, then the activities of the bot get included in the data. As a result, the people running the website can't measure the actual effectiveness of a display ad or judge the real behavior of legitimate users in order to formulate a comprehensive data set.
Some other ethical issues are that publishers like Google don't follow their own contract by fully reimbursing businesses that file legitimate click fraud complaints and don't take the required efforts to identify invalid clicks. An argument even exists about the ethical standpoint  of paid searches and many criticizers claim that paid advertising done through search engines is unfair as tech companies like Google and Amazon can easily promote their own product and dominate their respective businesses.