Suspicious behavior is any unusual activity from a click that may indicate it is non-human or fake. Our algorithm looks beyond traditional methods of identifying suspicious behavior, such as simply monitoring IP addresses. Instead, we take a more holistic approach, analyzing over 800 different factors to determine whether a click exhibits normal or abnormal behavior.

What We Monitor

Our system reviews a variety of data points, such as device fingerprints, host names, and the type of device being used. This allows us to detect discrepancies that may suggest suspicious activity. For example:

Device Misrepresentation: If a click is coming from a mobile device but the device claims to be a desktop, this inconsistency raises a red flag.
Use of VPNs and Proxies: When a click originates from behind a VPN or proxy, particularly on a mobile device, it may signal non-human activity, as it’s not common for mobile users to configure such setups unless there are legitimate reasons (like using Apple’s private relay, which is rare).
Geographical Mismatch: If a campaign is set to target a specific region, but the click originates from an entirely different location—say, a campaign targeting users in the U.S., but clicks are detected from an old device in India—this could be another indicator of suspicious behavior.

If this knowledge base article doesn't resolve your issue, feel free to explore our other articles. If you still need assistance, don't hesitate to contact us for further support.

What is suspicious behavior?

What We Monitor