Scenario: You call someone who supposedly submitted a webform, yet the person answering has no idea who you are an are adamant that they never submitted a webform.
Sometimes that is someone who legitimately does not remember submitting a form, but a growing number of these are people whose data is being used for Conversion Fraud
Quick FAQ:
Does Liine have anything to do with why spam is put through? NO. This occurs at the Google Ads level. Like any form, Liine's forms simply collect the information that is input into them. This would happen with any form platform if you are considering a form submission as a primary conversion in Google Ads.
What does Liine do to help combat these compared to other form providers? In addition to typical captchas and honeypot fields, our forms and form fields render inside secure iframes (instead of being directly embedded in raw HTML), This makes it much harder for bots to identify, target, or interact with the form structure, especially if they’re parsing your page's HTML to find form fields. It also helps isolate form scripts and validation logic, providing additional protection against automated abuse.
How do I know if we are getting submissions from Google's Search Partner Network (ie the most common source of spam submissions)? In your Liine dashboard, filter your interaction log to see if any Landing Pages contain "gad_source=5"
Why You're Seeing an Uptick in Spam from Google Performance Max (PMax) Campaigns
If you’re running Google Performance Max (PMax) campaigns and noticing a surge in spam leads, you’re not alone. This is a growing issue, and it's not just typical click fraud anymore. Here’s what’s really going on.
Click Fraud vs. Conversion Fraud: What's the Difference?
Both click fraud and conversion fraud have the same ultimate goal:
to siphon your ad spend by faking performance signals.
Click fraud stops at generating fake traffic — bots or bad actors click on your ads to make it appear like there’s interest, driving up costs.
Conversion fraud takes it further by fabricating successful outcomes (like form submissions) to manipulate bidding algorithms into allocating even more budget.
In essence, conversion fraud is the evolution of click fraud — not just pretending people are interested, but pretending they’ve actually converted. This makes it much harder to detect and more damaging to your campaigns.
How They Profit:
Fraudsters run low-quality or fabricated websites enrolled in Google’s ad partner network.
When your ads show on their sites, they earn a share of the ad revenue from your clicks.
By submitting fake leads as "conversions," they trick Google’s algorithm into prioritizing their sites, leading to more impressions and higher payouts.
In short, the better their fake performance looks, the more budget gets routed to them—and the more money they make from your spend.
In Summary
Click Fraud Bots (what you normally think of as "spam")
Goal: Waste ad spend by generating fake clicks without any intent to engage.
Automatically click on ads to drain your budget.
Typically run by competitors, shady affiliates, or general-purpose botnets.
Often show high click volumes with no meaningful interaction or conversions.
Usually detected and blocked by click fraud protection tools or Google's own filters.
Conversion Fraud Bots (more advanced - common for pmax campaigns)
Goal: Submit fake but seemingly legitimate conversions (like form fills) to manipulate ad algorithms. This drives more revenue for the spam sites that are a part of Google's network.
This fraud generates actual conversions using real names, emails, and phone numbers.
These can be advanced bots but they can also be real people doing what is called "conversion farming" where a person/group of people is actively submitting fake data in order to generate revenue for their sites.
Data is often scraped or taken from old data breaches.
They trick Google’s algorithms into thinking your campaign is performing well.
This manipulation can help bad actors steer budget toward their own low-quality sites or affiliate scams.
Why It’s Happening Now
Google’s automated bidding systems, especially with PMax, are heavily optimized toward conversions. If someone can spoof those conversions, the algorithm will reward them with more traffic and budget.
And unlike traditional click fraud, conversion fraud is harder to detect because:
The contact info looks valid.
The form technically completes successfully.
Google sees it as a “job well done.”
But Wait, the Info Looks Real?
Yes—and that’s part of the problem. These bots often use:
Real contact info from scraped sources.
Realistic names, phone numbers, and emails.
Behavior designed to mimic human interaction.
When your team reaches out, the person on the other end has no idea what you’re talking about. The result? Wasted time, damaged brand trust, and bad data in your CRM.
Why CAPTCHA and Honeypots Aren’t Enough
Modern bots are:
Solving CAPTCHA using human farms or AI tools.
Detecting and avoiding honeypot fields.
Rotating IPs and devices to avoid detection.
Simple front-end defenses aren’t cutting it anymore.
The Role of Search Partners in Conversion Fraud
Many spammy leads originate from Google search partners — third-party websites allowed to display ads as part of Google’s extended network.
Why would they allow fake leads?
These partners are financially incentivized to drive conversions because they earn a share of the ad revenue from your clicks.
If they can make it appear that your campaign is generating high conversion rates, Google’s bidding algorithm will allocate more budget to their placements.
They use bots to submit fake form fills with real-looking data, inflating their site’s performance and ad value.
This creates a feedback loop where fraudsters get rewarded for faking success, while you get stuck with fake leads and wasted ad spend.
What You Can Do
1. Optimize for Real Outcomes
If you’re using our platform, you’re already way ahead. Instead of optimizing toward lower-bar conversions like form submissions, we allow you to optimize ad campaigns based on booked appointments and call leads. These are events that demonstrate clear qualification and intent, making it much harder for fraudsters to manipulate your data.
Our system essentially performs automated lead scoring and conversion filtering by design. Because we verify new patient calls through call analysis and confirm actual bookings, you can be confident that only truly valuable actions feed your ad strategy. That means less noise, more signal—and far better ROI.
2. Strengthen Website Filtering
Block suspicious activity from entering your website, based on IP address, device fingerprinting, etc.
Add behavior-based fields (e.g., mouse movement, time on page).
Delay submission button for a few seconds.
3. Blacklist sites in Google Ads that are driving a lot of the phony conversions.
Final Thoughts
PMax campaigns are powerful, but with that automation comes risk. Conversion fraud is more subtle, more damaging, and harder to catch than click fraud. But with a combination of smart validation, behavioral tracking, and improved conversion logic, you can significantly reduce its impact.
Need help implementing this? We’re here to help.