Examining the State of Fake Traffic in 2023
Data & Analytics | March 16, 2023
Over the past 40 years, the internet has expanded into a massive highway of information–with billions of daily active users and trillions of daily engagements–driving innovation, growth, and connectivity on a global scale.
But as the internet has grown in scale and sophistication, the quality and authenticity of its traffic has decreased as the web is increasingly flooded with automation tools, bots (good or bad), and users who, for one reason or another, aren’t genuine.
This is known as fake traffic, i.e., web traffic that consists of bots, fake users, and otherwise invalid users that cannot turn into legitimate customers. This could mean harmless bots like search engine’s web scrapers or malicious traffic like ad fraud botnets.
To help better understand this phenomenon and the impact it has on businesses, CHEQ has conducted the first annual State of Fake Traffic report.
By analyzing billions of data points from tens of thousands of anonymized campaigns, funnels, and websites protected by CHEQ, we were able to gain accurate insight into the scope of the fake traffic problem, and how it affects different platforms, industries, and regions. Read on for a brief executive summary of the report, or download the full 35-page report here to see how specific industries, regions, and platforms are affected.
Why Fake Traffic Matters
For marketers, fake traffic has always been a concern. It wastes valuable advertising dollars, pollutes funnels with invalid leads, and ultimately skews analytics used to make critical decisions.
But the effects of fake traffic extend far beyond the marketing department–The Fake Web has become a strategic business issue.
Entire organizations, from Twitter to PayPal, to Ticketmaster, have had to jump into crisis mode after go-to-market initiatives unintentionally led to exploitation from bad actors on the web.
Dealing with these issues has historically been the domain of IT and Security, but as today’s C-suite has realized, fake traffic has fundamentally become a go-to-market issue and can threaten the overall security of a business.
That’s why, with this report, we want to show you just how widespread and pervasive the threat of fake traffic is. Using data from thousands of websites and billions of valid and invalid visits from 2022, we examined the prevalence of the different threat types that make up invalid traffic, how invalid traffic adversely affects various industries, countries, and regions, and how fake traffic breaks down across marketing channels. We’ll also use this data to build predictions about the state of invalid traffic in 2023 and beyond and how marketers and security teams can best adapt to overcome this growing challenge.
The State of Fake Traffic
In 2022, we evaluated the fake traffic rates of over 15,000 CHEQ customers and discovered that the volume of attempted attacks or access by fake, suspicious, or malicious actors increased at an unprecedented rate–up 167% from 2021.
Our research shows that, as a percentage of inbound traffic to commercial websites:
So despite the best efforts of search engines, ad networks, and social media platforms to mitigate fraud and falsification, fake traffic continues to plague the web. In 2022:
Now one in ten visitors may not sound like much, but consider this: In 2022, global spending on digital advertising surpassed $600 billion, according to statista.com. By applying our average invalid rate for paid traffic to that number, we can conservatively estimate that approximately $35.7 billion of ad spend budget was wasted on fake and fraudulent traffic last year. And worse, that fake traffic also destroys potential revenue opportunities. Return on Ad Spend (ROAS) is a metric that measures the effectiveness of an advertising campaign by calculating the ROI generated. The formula is simple: for every dollar spent on advertising, businesses can expect 1.5x, 2x, 4x, etc., in return. According to Adadaco, the average ROAS for eCommerce businesses is 4:1, so businesses potentially missed out on approximately $142B in revenues due to fake traffic.
Where Fake Traffic Comes From
To gain a nuanced understanding of the threats posed by fake traffic, CHEQ categorizes the vast ecosystem of invalid traffic into three broad threat groups and dozens of unique threat types. While nearly all threat types grew in prevalence from 2021 to 2022, our research identified three threat types that grew faster than all others, year-over-year.
Click hijacking, which happens when a valid user clicks on a seemingly legitimate asset, like a link or advertisement, that is actually a disguised malicious element, increased 125% year-over-year. Last year, researchers discovered a set of Google Chrome extensions with over a million known installs was hijacking searches and inserting fraudulent affiliate links into web pages, disrupting user experience and costing retailers thousands in affiliate fraud.
Malicious bot attacks, which are attacks by known malicious bots programmed to carried out attacks like card skimming, price scalping, and account takeover, increased 112% year-over-year.
Finally, web scraping attacks increased 101%, year-over-year, making up 9.1% of all fake traffic in 2022.
Get All the Details in the State of Fake Traffic Report
Want to know more about the state of fake traffic in 2023? Download the full report here to get a full overview of fake traffic threat groups and types, how fake traffic breaks down across traffic sources, and more
In this 35-page report, we offer new insights into invalid traffic trends and statistics as we:
- Share invalid traffic rates and trends
- Examine prominent and growing threat types
- Compare invalid rates across 11 major industries
- Compare invalid traffic by region of origination
- Compare invalid rates for paid and organic traffic generated by leading ad platforms, search engines, and social media platforms.
Download our free report today and learn about the latest trends and insights in the world of invalid traffic.