PPC Shield, a click fraud prevention company, recently published the results of a study showing that the largest companies in the U.S. have lost a total of $717 million dollars to abuse of pay-per-click (PPC) advertising fraud.

PPC click fraud refers to the repeated clicking of a banner advertisement on a website with the aim of exhausting an advertising budget or artificially padding ad revenue. Click fraud is malicious and has a negative impact on both ad networks and advertisers.

PPC Shield examined Google’s advertising network and the consumer-oriented websites of Fortune 500 companies to calculate the estimated total cost of their PPC activities over the past year.

Google, the largest donor, invested more than $680 million, leading to a potential loss of way above $95 million. Dell Technologies posted a projected loss of $73 million, while Amazon lists $48 million.

Gartner Senior Research Director Jonathan Care said that companies are not the main targets of PPC scammers because the attack is directed at the pay-per-click system itself. “The target is actually the ad network that provides the ad; in many cases a click fraudster sets up his own “victim” site and self-click,” Care notes.

That may come as a relief to anyone who only hosts ads but ad networks and companies that pay per click for their ads should still remain vigilant to protect their reputation, Care said.

Care mentions that the only good way to combat click fraud is to introduce an identity system that focuses on devices and behaviour to detect anomalies. “This would allow undesirable participants to be identified and therefore excluded from any revenue payments,” Care said.

PPC Shield said there are three things to look out for when reviewing your PPC advertising campaigns: an unusually high click-through rate, lower retention and shorter bounce times than expected, and a sudden drop in ROI.