meta pixel
angular
Campaign-IQ
LoginGet a demo
All resources
Blog· Fraud & invalid traffic

Fraud basics: invalid traffic, bot clicks, and the spend they quietly eat

A working definition of invalid traffic, the categories that matter to performance marketers, and how to stop paying for them on Shopify and Amazon.

June 16, 2026

5 min read

Invalid traffic is not an abstract brand-safety problem. It is a line item on your ad invoice that was never going to convert. The goal of this piece is to give you a working vocabulary, the three categories of fraud that matter most to performance marketers, and a sense of what “good” looks like after you filter for them.

A working definition

Invalid traffic (IVT) is any click or impression generated by a non-human source, a misconfigured measurement source, or a deliberately fraudulent one. Industry bodies (MRC, IAB) split IVT into general (GIVT — known bots, datacenter traffic, crawlers) and sophisticated (SIVT — fraud rings, click farms, malware-driven activity, hijacked devices).

Both categories cost you money. The first is easy to filter on the platform side and largely already is. The second is where the bleed happens.

Three categories worth naming

These are the three patterns that drive the bulk of wasted spend for Shopify and Amazon operators.

  • Click farms on display and discovery placements — high CTR, near-zero add-to-cart rate, near-zero LTV. Often concentrated on a small set of low-quality placements.
  • Bot-driven retargeting loops — sessions that bounce, get re-served, click again, and bounce again. The ROAS report looks fine; nothing reaches checkout.
  • Misattributed organic — not fraud in the criminal sense, but pixel events fired by browser extensions, accelerated mobile pages, or proxy traffic that get credited to a paid source they did not originate from.

What good looks like after you filter

Most operators see 8–18% of declared paid traffic flagged invalid in their first two weeks of monitoring. The headline number is not the point — the point is the placement-level distribution, because that is what unlocks exclusion lists you can actually act on.

After fraud filters run for a few weeks, your POAS by placement starts to look very different. Cheap placements that were carrying suspicious volumes drop out of the top of the queue; trusted placements move up. The cleaner POAS is itself the proof the filter is working.

Takeaways
  • IVT is a spend leak, not a brand-safety abstraction.
  • The three patterns worth monitoring are click-farm placements, bot retargeting loops, and misattributed organic.
  • After 2–3 weeks of filtering, the right diagnostic is whether POAS by placement has visibly redistributed — not whether the invalid-traffic percentage went down.

Keep going

Catch fraud

How Campaign-IQ scores traffic quality in real time and excludes bad sources.

Open
POAS vs. ROAS

Why measuring on POAS makes fraud impact visible immediately.

Open
Cut wasted spend

The other half of the bleed: campaigns that just lose money on real humans.

Open

See it on your own spend.

Connect Shopify, Amazon, Google, and Meta and we will show you Yield and POAS for your last 90 days on a live dashboard.

Get a demo