This threat is identified in TrafficGuard reporting as Rate returning duplicate userid.
Repeat clicks occur when a Google Pay-Per-Click (PPC) user:
clicks on the same instance of an ad multiple times, and
the multiple repeat clicks take place outside the set time period where this same behaviour is categorised as duplicate clicks by Google.
The same ad instance is identified using the Google Click ID (GCLID).
Repeat clicks differ to Duplicate clicks in that repeat clicks on the same GCLID take place outside the specific time limit Google determine as duplicate click behaviour. Google will therefore charge for repeat clicks, but generally do not charge for duplicate clicks.
An example of how this threat reason functions:
Click 1: user clicks GCLID 1
Click 2: user clicks GCLID 1 again, outside Google's duplicate click time period
This threat reason is assigned and the IP is added to the exclusion list
This repeat click behaviour is not always fraudulent or malicious but is rarely beneficial for advertisers as it's indicative of non-incremental behaviour that delivers no additional value.
Users who engage in this behaviour can be categorised into two groups: those with harmful intentions and those who intend to return to a website even when an ad is not displayed. Here are some real-world examples to illustrate this:
A person is searching for a new internet service provider (ISP) for their home. They repeatedly click on the same ad to compare different internet plans. In most cases, this user would have eventually returned to the website organically, meaning the multiple charges for the same ad instance would have wasted the advertiser’s budget.
Another user is checking a flight aggregation website for deals. They right-click on an ad 5-10 times to check various destinations. This behaviour repeats over the course of a week before they decide to book. This user would likely have returned to the website organically, regardless of the ads being shown, which could cost the advertiser a significant portion of their ad budget.
A plumbing business wants to deplete their competitors’ ad budgets, as the keywords related to their field have a high cost-per-click (CPC). They repeatedly click on their competitor’s ad, go back, and click again, doing this repeatedly. A malicious actor could exhaust their competitor’s daily ad budget in just a few minutes.
In summary, repeat clicks on the same ad instance outside of Google's time limit of normal behaviour can lead to unnecessary charges for advertisers. They are typically caused by users with either malicious intent or a strong intent to return to the website, making it an inefficient use of ad budget.