-
Solutions
By Challenge
-
High CPC niches
Stop paying premium prices for fake clicks.
-
Declining Performance
Clean your data so the algorithm works again.
-
Junk Leads
Keep bots out of your CRM and pipeline.
-
Competitors Clicking
Block competitors from draining your budget.
By Role
-
Small Businesses
How ClickPatrol can help your business.
-
Agencies
How ClickPatrol can help your agency.
-
Brands
How ClickPatrol can help your brand.
-
-
About ClickPatrol™
-
About ClickPatrol™
Who are we and read about our mission.
-
Affiliate Program
Sign-up for our affiliate program, we love to partner up with you.
-
Request Demo
Fill in this form to receive a demo and more information.
-
-
Resources
-
FAQ
Everything you need to know & answers to all the common questions.
-
Case Studies
See why agencies and business owners use ClickPatrol to protect their ads.
-
Customer Reviews
Customer Reviews and Success Stories of the ClickPatrol community.
-
Tools
Tools published by ClickPatrol & Friends.
-
Blog
Read articles and guides by our expert content team.
-
- Pricing
- Sign in
- Start My Free 7-Day Trial
What is a Volumetric Attack?
A volumetric attack is a type of distributed denial-of-service (DDoS) that tries to consume all available bandwidth (or fill links and state tables) so legitimate traffic cannot reach the target. The method is brute force: send more bits per second than the target or its upstream can carry.
Table of Contents
How volumetric attacks generate volume
Attackers almost never use one PC. They use a bot network or stress-for-hire services so thousands of sources hit the victim at once. Common vectors include:
- UDP floods: High packet rates to many ports; the host and network spend resources handling junk.
- ICMP floods: Mass echo requests and replies that saturate links in both directions.
- Reflection and amplification: The attacker sends small requests to third-party servers with a spoofed source IP (the victim’s). Large responses flood the victim. DNS, NTP, and misconfigured services have been frequent amplifiers.
Mitigation typically involves upstream ISP or cloud scrubbing centers, BGP diversion, rate limits, and filtering obvious abuse patterns before they reach the application.
Volumetric vs. application-layer DDoS
Volumetric attacks target capacity at the network edge. Application-layer (Layer 7) attacks can use far less bandwidth but still take sites down by exhausting CPUs or databases. Large campaigns sometimes combine both: a loud volumetric wave distracts staff while a quieter Layer 7 stream hits login or API paths.
Relevance to marketing, publishers, and fraud
When sites or DNS go offline, paid campaigns and organic visits fail together. Publishers lose ad impressions; e-commerce loses sales during peaks. Volumetric attacks can also produce ugly cloud bandwidth bills if attack traffic is metered.
The link to click fraud is mostly indirect: both problems involve scaled, distributed traffic, but DDoS aims at outage, not ad billing. Still, teams that run high-profile sales or controversial brands should plan DDoS response alongside ad fraud controls. Understanding volumetric floods also clarifies why “more traffic” on a graph is not automatically good traffic. For deeper background on automated traffic at scale, see types of bots on the ClickPatrol blog.
- Chamber of Commerce: 71448519
- VAT: NL858719423B01
-
- Get Started
- Plans & Pricing
- Start Your Free Trial
- Book a Demo
- Sign in
-
- Partners
- Become Affiliate
- For Agencies
- For Brands
Trusted by 4,100+ websites worldwide
