https://adwords.googleblog.com/2016/04/more-defenses-roll-out-to-thwart-clickjacking.html At Google we defend our ad systems from fraud using technology in a variety of ways. Often our investment in these defenses goes beyond protecting against only known threats. Our engineering and operations teams are continually working to identify new and emerging threats. Once a new ad fraud threat is found, we move quickly to defend our systems against it using a combination of technology, operations, and policy. Recently we identified “Clickjacking” (aka UI Redress) as an emerging threat to cost-per-click display ads, and we’ve rolled out new defenses to protect advertisers against this threat. Clickjacking is a type of web attack where the appearance of a website is changed so that a victim does not realize they are taking an important action, in this case clicking on one or more ads. For example, a user may intend to click on a video play button or menu item, but instead clicks an invisible ad unit. Moving quickly to thwart Clickjacking attempts Earlier this year when our operations team identified Clickjacking activity on our display network, they moved swiftly to terminate accounts, removing entities involved in or attempting to use this technique to trick users. Our engineering team worked in parallel to quickly release a filter to automatically exclude this type of invalid traffic across display ads. This approach delivered a one-two punch to publishers who violated our policies: our operations team, which forms an early line of defense against invalid traffic, cleaned out publishers from our ad systems, while engineers built a new filter as a durable defense to protect against Clickjacking traffic.