Bots on your site, as seen in FouAnalytics
Let me start this article by reminding everyone that bots can do EVERYTHING you can in a browser. Literally everything. That's because bots ARE browsers, and they are automated -- i.e. remotely controlled -- by code. They can complete online forms and submit them, for cost-per-lead (CPL) fraud. They can buy stuff with stolen credit card numbers, they can play games faster than humans can react and help perps cheat on those games, etc. Bots create fake social media profiles and interact with users, not just the recent AI-girlfriends. In 2016, Ashley Madison admitted to using female chatbots to lure men into paid subscriptions [1]. Bots can solve captchas and buy up Taylor Swift tickets within minutes of launch, so scalpers can resell the tickets at 5 - 10X the cost.
By using FouAnalytics on your site, you can "see Fou yourself" what bots came to your site, what they did on your site, why they did it, and whether you need to take action.
Search crawlers - bots from search engines used to index content on your site
Search crawlers are marked as yellow in FouAnalytics. In the example data below you see Googlebot. There are 2 flavors - desktop and mobile. But you can see that Googlebot comes from Google data centers and the IP addresses are published by Google, as official googlebot IP address ranges. Do any of your legacy fraud verification vendors show you this level of detailed supporting data so you can "see Fou yourself?" Of course not.
Scraper bots - bots that steal content
Scraper bots come in all shapes and sizes. They are often observed on publishers' sites because the bots "scrape" or steal content from the publishers. In the example data below you see the word "HeadlessChrome" in the user agent. These are bots that "declare" themselves as bots, so they are marked "orange" in FouAnalytics for "declared bots." Sometimes these types of bots are just nuisances. But in other cases, valuable content is stolen from real publishers and used elsewhere to commit ad fraud. Seeing this level of detail means you can also take further steps to block these bots if you want to. You can block them at the network level based on the IP addresses that are observed, or based on the data centers from which they originate. Which legacy fraud verification vendor shows you this kind of detail so you can understand why these bots were marked orange? Right, none.
Retargeting bots - collect retargeting cookies to earn higher CPMs
Remember the chart below, from my article entitled: Pernicious Retargeting and Remarketing Fraud. You can see that for both of these advertisers, the retargeting and remarketing lines in the data show much higher dark red. These are bots that clicked to the site from those campaigns. But before the click, these bots have already visited the site to collect a retargeting cookie. The platforms assume this fake user has "shown interest" because they visited your sites. So they try to retarget that cookie with your more expensive retargeting ads. These bots visit fake cashout sites and apps and when the ads load on those fake sites, the criminals that operate those sites and apps get a higher CPM than for a non-retargeted ad. Which legacy fraud detection vendor helped you see these bots that are active in retargeting and remarketing campaigns? Right, none.
领英推荐
Retargeting and remarketing bots affect ecommerce advertisers the most. But they don't have to do anything on the site. They just have to load the page to collect the retargeting cookie. See the following articles for more examples.
Bad bots - used for ad fraud and to trick optimization algorithms
Bad bots are the ones that deliberately try to disguise themselves and avoid detection. In the left side donut chart below, you see that most of the clicks that arrived on the site from a PMax (performance max from Google) campaign were dark red (bots). And on the right side click charts you see the click charts which show that these bots ALSO created fake clicks on the landing page. Why did they do that? The presence of a click on the landing page is enough to trick the PMax algorithm into thinking there was engagement on the landing page. That means the algorithm is tricked by the bad guys to allocate more of your budget to the fake sites and apps that use this kind of bot. Did any of your legacy verification vendors help you see this and stop it? Of course not.
So what?
Hopefully from the examples above you realize that 1) bots can do ANYTHING and 2) if you have FouAnalytics on your site, you can "see Fou yourself" which bots they were, what they were doing on your site, and what you can do about it.
Happy Sunday Y'all.
For more articles, screen shots, and practical case examples: https://www.dhirubhai.net/in/augustinefou/recent-activity/newsletter/