Google published their findings after investigating several allegations of Click Fraud.
The report is good, and Google rebuts that the ClickFraud detection companies are doing sloppy detection. Naturally, hearing Google claim that ClickFraud is bogus sounds like they are being defensive. But, if you read the paper, Google clearly did some solid engineering to investigate these claims.
Google found that the ClickFraud-detection companies are just making basic errors in their detection of fraud. According to ArsTechnica, at least one of the ClickFraud claimants (ClickFacts) has agreed that Google did identify real problems in the ClickFact’s detection logic.
Google also researched the results from an AdWatcher report. In the report, AdWatcher told the advertiser that they had been a victim to ~12,000 fraudulent clicks. However, during that period, the customer was only billed by Google for ~6,000 clicks. This is just impossible; obviously the fraud count can’t be larger than the total clicks billed.
If you know even a little about how http, referrers, and web-browsers work, you should check out the Appendices in the Google report. Frankly, it’s shocking that the ClickFraud companies are making such basic errors in their reporting. Obviously, their business is hinged on proving that ClickFraud exists, but they need to do a lot more diligence in their engineering before making their claims.
It’s refreshing to see real engineering research being done on this stuff rather than the marketing claims based on fuzzy data that we usually see.