So that he wouldn't be a victim again, Hill got some help.
"I partnered with a company called ClickFacts, a startup based out of San Francisco, and they are able to track all of our click-throughs -- where people are coming from," he said.
"They have fairly sophisticated analytics to help you identify what is click fraud and what is not," Hill said. "So we are in a process of tracking with them month by month to watch for it."
According to Mikhail Ledvich, chief strategy officer for ClickFacts, stopping click fraud takes vigilance and high technology.
"We look for abnormal traffic patterns and abnormal user behavior to figure out when there is someone potentially gaming the system to con the advertiser," Ledvich said.
"I'm working with it every day, spending an hour-plus a day doing it," Hill said.
A company victimized by click fraud could also be the target of consumer revenge.
"The person who has a motive for click fraud … could be someone who's upset at J.C. Penney and clicks enough times to make them pay enough that it adds up to the $10 refund [they wanted]," said Dallas attorney Stephen Malouf.
To prevent advertisers from paying for fraudulent clicks, Google and other search engines filter Web traffic, not charging advertisers for some percentage of the hits on their advertisement. The exact methods they use to filter the traffic, however, remain a closely guarded trade secret.
"They are fiercely protective of what they do to prevent against click fraud, but for good altruistic reasons," Kabateck said.
"They believe that the minute someone learns their methods ... it's like a smart virus. They'll find a new way to commit click fraud."
Despite those protections, in 2005 click fraud led to roughly $800 million lost on fraudulent clicks.
ABC News' Maxwell Sandgrund contributed to this article.