fraud0 monitors your campaigns 24/7 and blocks fraudulent non-human and low-quality users from clicking on your ads.

There are two ways this works:

  1. Using your tag manager, Negative Audience groups are automatically created. These allow you to automatically exclude fake and low-quality traffic on all channels such as Google Ads, Facebook, DV360, Microsoft Ads and many more.

  2. Thanks to our analytics suite, you can see exactly where fraudulent and low-quality traffic is coming from and react accordingly. For example, you can shift your advertising budget to campaigns that show more human traffic.

How does fraud0 detect fake traffic?

We analyze data discrepancies and behavioral anomalies. In addition, we apply a combination of real-time scoring, behavioral analysis, honey pots, browser testing, and other undisclosed techniques.

This allows us to identify fraudulent activity and protect your advertising budget across all major channels such as Google Ads, Facebook, DV360, LinkedIn, Twitter and many more.

How does fraud0 detect low-quality traffic?

fraud0 analyzes the shopping behavior and transactions on your website. This subsequently enables you to block low-quality traffic.

Low-quality traffic are visitors who click on your ads, but have no or very little intention to actually buy your products. This includes accidental clicks, clicks outside the set geography, clicks from market research, or simply your competitors clicking on your ads to drain your advertising budget.

What exactly does fraud0 block?

We block fake and low-quality traffic. Fake traffic can be:

Data Center

Data centers are a popular location for malicious bot networks. As data centers are secured locations that humans generally do not have access to, traffic originating from a data center is most likely a bot. For example, a session originating from an Amazon AWS data center IP address block is unlikely to be a valid human user.


By routing their traffic via residential proxies, bot developers obfuscate their location and identity. Allegedly, this is relevant traffic from important markets such as the USA, Germany, or the UK. However, it actually originates from countries such as India, Pakistan, or Bangladesh. We keep a blocklist of known proxy connection details and IP addresses and flag traffic from these sources.


Tor, short for The Onion Router, is a protocol designed to anonymize internet traffic. Fraudsters can use Tor to disguise their location and usage information.


Malicious bots that scan websites for specific information such as email addresses, phone numbers, inventory details, or pricing data. This is often the case on e-commerce websites, where scraper bots are mostly used by competitors to undercut prices and increase their sales.

Behavioral Anomalies

Since bots are programs that perform repeatable actions, the exact repetition of activities can be an indication of non-human traffic. For example, to detect non-human traffic, we measure the intervals between clicks on a website. A human user has variable click intervals and patterns and does not behave with inhuman precision. Another example is measuring the number of clicks within a given session. A deviation from normal human activity may indicate that the user is a bot. When actions are performed by a script, the number of clicks can be very high or very low. Both can indicate suspicious activity.

Automation Tools

Fraudsters use tools like Puppeteer or Selenium, which were originally programmed to help developers test their work. However, these tools can also be used to easily create bots that visit websites and click on ads.

False Representation

False representation, also known as “user agent spoofing,” occurs when the browser’s user agent string is altered to disguise the user’s identity. When user agent tampering is present, there is a very high probability that the traffic is caused by a fraudulent user. The same is true for the rotation of the user agent identifier. Bots use rotating details (e.g., different browser type or operating system) for new sessions to impersonate a legitimate user. However, it is highly unlikely that the IP address of a real user would have constantly changing user agent details, since real people usually use the same devices and browsers.

Cookie Rotation

To avoid detection, bots also rotate cookies and referrer information. It would be suspicious if the same IP address (or other identifiers) is recorded with different cookies, since the normal ratio between a real user and his cookies is one-to-one.

Plugin Analysis

We analyze irregularities between installed plugins and browser functions to identify bot traffic.

Blacklisted Referrer

We maintain a block list of referrers that are known sources of poor traffic. These include bot farms, click farms, or fake websites based solely on bot traffic.

Malicious Publisher

Malicious publishers set up fake websites, fill them with plagiarized content, sign them up to ad networks, and then direct bot traffic to them. We maintain a block list of “malicious” publishers and flag traffic from these sources.

Click Farms

Click farms employ numerous low-paid workers to:

  • click on advertisements

  • like content

  • share content

  • comment on content

  • subscribe to / follow accounts

Typically, these organizations are located in developing countries such as China, India, Indonesia and Bangladesh.

Known Bots 

We maintain a blocklist of known bot and crawler names.

What exactly does 'detect on one platform, exclude on all platforms' mean?

When we detect unwanted clicks on one platform, we automatically block them on all other platforms as well. For example, if we detect invalid users on Google Ads, we also block them in your Facebook, Twitter, and LinkedIn campaigns.

This gives you the peace of mind that your advertising budget is protected in the best possible way on all channels.

What about VPN / Proxy connections?

The use of VPNs is a factor we consider when analyzing for fraudulent activity. However, we do not block traffic solely for the reason that it came via a VPN connection.

Proxy connections are much more likely to be malicious than VPN connections. We keep a block list of known proxy connection details and IP addresses, and flag traffic from these sources.

Our analysis shows that over 99.3% of ad clicks from proxy networks are automated bots. That’s why we block traffic via proxy connections by default.

Does fraud0 impact the performance of my website?

No. fraud0 was built with performance in mind and will not have any impact on your website.

Will my website visitors notice fraud0?

No, your website visitors won’t notice the use of fraud0. Only fraudulent traffic will notice it by being excluded from your ad campaigns.

Is fraud0 GDPR-compliant?

Of course! You have the express right to protect yourself from fraudulent activities. Our detection algorithm were built with a strict privacy first approach. There is no PII (personally identifiable information) needed to label fake traffic, but only standard JavaScript parameters.

Already have a fraud0 account?

Have a look at our Getting Started Guide → to implement fraud0 on your website and connect it to your ad systems.

Need support?

Do you still have questions or require further details? Contact our support team for assistance!

Send us an email →