12.015 IMPRESSIONS, 0 CLICKS

12.015 IMPRESSIONS,

0 CLICKS

Welcome to impression fraud in Google Ads

A search campaign with Ad Relevance “Above Average,” a 48% Absolute Top rate, and a 95% Search Impression Share. And zero clicks. This is not a problem with your ads. It is an attack. More specifically, an impression storm.

Real Google Ads screenshot · Ad group anonymized · Search campaign

↑ 0 clicks out of 12,015 impressions. Ad Relevance: Above Average. 95% Search Impression Share. Google shows no warning at all.

CTR = 0,00% while holding the absolute top position nearly half the time. Quality Score and Ad Quality silently collapsing.

You have a well-built search campaign. High-intent exact match keywords. Ad Relevance “Above Average.” You are in absolute top position almost half the time. Your Search Impression Share reaches 95%.

And within a few hours — sometimes just minutes — that keyword racks up 12,015 impressions. Zero clicks.

Google does not warn you. There are no alerts. No flags in the dashboard. The account appears to be functioning normally.

Something is destroying your Quality Score and your Ad Quality, inflating the CPC you pay in every auction and dragging down your ranking. And most likely, it is a competitor.

What impression fraud is (and why it may be worse than click fraud)

Most advertisers have heard of click fraud: someone — a bot, a competitor, a click farm — clicks on your ads to drain your budget. It is a real problem, but Google usually detects it (with mixed success), reports it (somewhat opaquely) in its invalid click metrics, and reimburses it (at least partially).

Impression fraud is different. More sophisticated. And none of Google’s metrics report it.

HOW THE ATTACK WORKS:

01 A botnet launches massive search volumes on your highest-value keywords.

02 Your ads are shown. Impression recorded. The bots do not click. They leave.

03 Google charges you nothing. Technically, there is no direct damage.

04 This attack is repeated systematically for weeks, months, or even years, on the same keywords, at the same times.

05 Your historical CTR collapses. Google interprets that your ad is not very relevant for those searches.

06 Expected CTR drops to “Below Average.” Quality Score falls — and with it, the Ad Quality Google uses in the real-time auction to calculate your Ad Rank and your actual CPC.

07 There is no refund possible. The damage is indirect, cumulative, and does not appear on any invoice line.

HOW THE ATTACK WORKS:

01 A botnet launches massive search volumes on your highest-value keywords.

02 Your ads are shown. Impression recorded. The bots do not click. They leave.

03 Google charges you nothing. Technically, there is no direct damage.

04 This attack is repeated systematically for weeks, months, or even years, on the same keywords, at the same times.

05 Your historical CTR collapses. Google interprets that your ad is not very relevant for those searches.

06 Expected CTR drops to “Below Average.” Quality Score falls — and with it, the Ad Quality Google uses in the real-time auction to calculate your Ad Rank and your actual CPC.

07 There is no refund possible. The damage is indirect, cumulative, and does not appear on any invoice line.

The numbers: how much this can cost

In one real case we analyzed — an advertiser with average CPCs in the hundreds of dollars on highly competitive keywords — we documented the impact over two years. The pattern was always the same: abrupt impression spikes concentrated within a single hour, with CTR below 0.1% despite holding Ad Rank 1–2. In some cases, 99–100% of the day’s impressions occurred in a single hourly window of less than 10 minutes. And this did not happen once: it repeated systematically, across dozens of campaigns, for months (sometimes years).

+30%

>$ 1M USD

Estimated CPC increase caused by the drop in Ad Quality

Estimated documented CPC overspend in a single client account

+30%

Estimated CPC increase caused by the drop in Ad Quality

>$ 1M USD

Estimated documented CPC overspend in a single client account

And this is only the quantifiable part. It does not include the impact on PMAX and Smart campaigns, conversions lost due to worse positions, or the damage done to Smart Bidding by contaminated signals.

In our own controlled experiment, we observed that keywords with a low QS paid up to 33% more per click than similar keywords with an average QS (see our analysis on Quality Score).

Real Google Ads screenshot · Affected keywords · Anonymized data

↑ The damage is visible and concrete: keywords with active bids marked as “Rarely shown (low Quality Score).” Impression fraud does not just inflate CPC — it pushes your ads out of the auction.

All keywords show QS = 2/10 and Expected CTR “Below Average.” CTRs below 1% across hundreds of impressions. The loop is closed: fraudulent impressions → crushed CTR → deteriorated Ad Quality → penalized Ad Rank and CPC.

We are not talking about theory. We are talking about the money Google charges you in every auction — and the customers you fail to acquire because your ads are barely shown.

Why Google does not detect it — or does not do enough

Google has more information about user behavior than any company on the planet. Its anti-fraud systems act on invalid clicks with some regularity. With impression fraud, the situation is more nuanced: Google does act in some cases, but only partially and insufficiently.

Accumulated and instant impressions · Attacks around 7:50 AM · January 2026

↑ In the first 20 minutes after the attack, Google removes part of the fraudulent impressions — the negative bars confirm it. But a significant portion remains, contaminating campaign and account-level metrics.

Three different days, same pattern: vertical spike at around 7:50, immediate partial drop, elevated residual level that remains in the history. Google acts, but not enough.

When Google intervenes, it does so halfway. And in some cases, it does not act at all.

Daily impressions by device · Full year 2025 · Anonymized data

↑ On one specific day in 2025: more than 6,000 impressions from desktop, completely out of scale. We do not know how much Google removed — we only see what remained. But what remained is mostly fraudulent: the spike occurred only on desktop, not on mobile or tablet, and virtually 100% came from demographics unknown to Google, patterns incompatible with normal human behavior.

What Google did not remove contaminated historical CTR and degraded the Ad Quality of the affected keywords.

The attack signature we have documented is unmistakable: spikes of 200x, 1,000x, or even 5,000x above average hourly volume, concentrated in 10-minute windows, with CTRs dropping below 0.1%, repeating on the same keywords, on the same day of the week, at the same time, week after week. That is not a statistical fluctuation. That is a script activating bots in an automated way.

The underlying problem is structural: impression fraud — impressions without clicks, technically free for the advertiser — triggers no automatic alerts in the dashboard, does not appear in “invalid activity” reports, and Google does not share the associated IP or User Agent data. The damage comes through another route: the degradation of historical CTR that determines your Ad Quality, Ad Rank, and how much you pay in every future auction. Real, cumulative damage that is nearly impossible to claim, because it appears on no invoice line.

The signals you should be watching

If you operate in a market where CPCs can reach three digits and fraudulent clicks are common, this may be happening to you right now without you knowing it.

Abnormally low CTR on high-intent keywords

High-intent exact match, Ad Relevance “Above Average,” and CTR below 0.5%. Something does not add up.

Hourly impression spikes with CTR ≈ 0%

In the report by hour of day: if 80–100% of a day’s impressions are concentrated in a single hour with zero clicks, that is the pattern.

Disproportionate “unknown gender” traffic in Search

If it exceeds 40–50% of total Search campaign traffic, that is a warning sign.

Correlation between impression volume and unknown traffic

The days with the most impressions are also the days with the most “unknown” demographics. That is the classic pattern of first-generation bot-driven impression fraud.

Status: “Rarely shown (low Quality Score)”

Keywords with strong bids and good relevance marked as limited by QS. The history may be contaminated — and that low QS is the visible symptom of deteriorated Ad Quality already penalizing your Ad Rank and increasing your CPC.

What you can do

The bad news is that there is no perfect solution. Google does not offer native tools to block this kind of fraud, does not share the IP or User Agent data associated with impressions, and technically does not acknowledge having charged you for it.

The good news is that the pattern is recognizable if you know where to look, and the impact is quantifiable. What can be measured can be managed.

The first step is to know whether you are being affected. That requires a high level of granularity: intraday performance by keyword and search term, demographic distribution correlated with volume, and the historical evolution of Quality Score keyword by keyword.

If you are being affected, the next step is to document it, escalate it to Google, and — in the meantime — work actively to recover Quality Score and, with it, Ad Quality through the levers you do control: improving expected CTR, ad relevance, and landing page experience. These are the three main factors Google recognizes as components of Ad Quality, and the ones that determine your Ad Rank and your real CPC in every auction.

Finally, protect yourself. Monitor and temporarily block the most toxic search terms as soon as impressions spike. But this is not something that can be done manually. Rely on scripts to monitor 24/7 and react in real time. Here, speed of reaction is critical.

Fáktica Analytics

Are you in a highly competitive market with high CPCs?

Are you in a highly competitive market with high CPCs?

We work with advertisers where the difference between a QS of 5 and a QS of 7 translates into tens of thousands of euros per month. We have developed our own methodology to detect and document impression fraud patterns, quantify their economic impact, support advertisers in the escalation process with Google, and build a proprietary architecture to prevent it from continuing.