Fighting click fraud is basically finding the fine line between stopping the attackers and letting the innocent visitors in. By setting the click fraud threshold you actually hint the system regarding your common user behaviour. Each IP that meets the threshold criteria will be detected and flagged as a suspicious IP.
This threshold has different effects for the different protection plans-
For the basic protection plan
Once the threshold is met by a clicker, an email will be sent to you and it will include the attacker's IP so you will be able to manually exclude the attacker and block him from clicking on your ads any further.
For the standard protection plan-
The whole process is done automatically.
Once the threshold is crossed, the IP that was detected as causing the fraud is automatically added to all of the campaigns' exclusion lists of the user.
For specific Threshold roles & recommendations for your business type, please also read our Setting your threshold article.