By now, most readers have heard of - the multi-year ad fraud scheme that defrauded advertisers of millions of dollars. These schemes received global coverage because even though ad fraud has been around for years, the US Department of Justice is finally looking to hold someone accountable. And while these rings are getting a lot of press attention, they are not the first of their kind.
Over the years, it has become common practice to nickname bot fraud activity in the media but in practice a lot of the newly discovered bot fraud methodologies are just old botnets using new fraudulent methods. The same culprits that used malware last year to generate nonhuman impressions can this year, using fraudulent mechanisms, spoof desktop impressions as premium CTV. And while bots often take center stage, they are not the only fraudulent actor you should watch out for on the world wide web.
So what kinds of sophisticated invalid traffic (SIVT) should you look out for in 2019 and beyond?
- Bot Fraud. The most well known ad fraud by far. This type of fraud masquerades as real, human users. Serving impressions to bots is about as effective as serving impressions to cardboard cutouts of celebrities. One interesting nuance about bots and bot activity is that it is very short lived. DV has found that new bots live on average for 72 hours and produce the highest amount of fraudulent impressions within the first 24 hours.
Botnets are groups of devices that run malicious software or malware that can commit ad fraud. Frequently, users of these devices do not know this fraud is occurring on their devices! Talk about stealth. Botnets can syphon thousands of ad dollars through schemes like falsified websites. For example, in a fraud scheme uncovered by DV in , falsified website activity appeared to come from a premium publisher but was actually being delivered from the botnet’s fraudulent server.
- Site Fraud. Although site fraud doesn’t receive nearly as much press anymore, the practice is still quite prevalent. Site fraud is committed by bad actors who generate fraudulent quality views on websites with little to no traffic. One common type of site fraud is impression laundering.
Impression laundering - similar to it’s distant cousin money laundering - conceals the actual URL where an ad appears by using ‘front sites’ that mask themselves as legitimate publishers, in order to monetize ad impressions that otherwise wouldn’t be bought by brand advertisers.
- Adware/Malware. The unseen killer. Adware/Malware is malicious code that runs in the background of user’s devices. This is not limited to any one particular device. It can happen to desktops, tablets, and mobile devices as well. The most common fraud perpetrated by Adware/Malware is ad injection. Have you ever visited a less-than-premium website only to be bombarded by 20 ads within the first minute of opening the page? The ads are so abundant that they clutter the screen, overlapping products, obscuring messages? These are ads that have been injected onto this page by the malicious software. Many advertisers do not even realize their ads are running in such undesirable locations.
- App Fraud. Pandora’s box has been opened. With more and more consumers turning to their mobile devices for a complete desktop experience, fraud has followed the money. Scammers are using methods like hidden ads and app spoofing to defraud advertisers.
Hidden ads run silently in the background of your app and are invisible to the user, therefore providing no benefit whatsoever to the advertiser. App spoofing is a little more nefarious and occurs at the exchange. Advertisers are duped into buying poor quality apps that are published on the exchange as premium. This bait and switch also occurs on desktops with domain spoofing.
Ad fraud is unlikely to go away entirely because like any crime there is too much incentive financially. However, the more you know the better you can recognize symptoms of ad fraud in your media investment and stop the theft from happening.