The Truth About Online Ad Fraud

The FT published an article documenting the levels of online ad fraud present on a recent Mercedes-Benz campaign earlier this week bringing the debate to a more mainstream audience.

Jalal Nasir, Pixalate, co-founder, CEO, lifts the lid on some of the techniques used by the more nefarious aspects of the ad tech industry.   

Lately, I’ve seen a lot of news about the impact online ad fraud is having on the digital marketing ecosystem. Just this week, the Financial Times reported that Mercedes-Benz ran a campaign where bots viewed the majority of the impressions

Forecasts suggest ad fraud could cost marketers as much as $11bn in 2014, a 22% increase over 2013. Notwithstanding any unintentional inflation in these stats, it’s clear that ad fraud is running amok. At the same time, RTB display advertising continues to grow quickly.

According to eMarketer, RTB now accounts for 22% of all display ad spending. It grew 76.5% last year and by 2018, is expected to account for one third of all display ad spending, or $12bn. While the industry has responded to ad fraud, most detection technologies don’t account for malware that changes IP addresses, manipulates cookies and hijacks browser settings.

This leaves both marketers and end users at risk, because the fraudsters are able to stay one step ahead. In order to solve the ad fraud problem, we need to first understand its complexity, diversity and sophistication. Here’s a comprehensive look at ad fraud techniques that web security experts have discovered.

Crowdsourcing (Cyclops): Thousands of users are recruited and paid just to view an article, providing page views (and extra cash) to the hacker. In these cases, the users are unaware that they are performing fraudulent activities.

Incentivised Ad Networks (Voldemorts): Individuals are given incentives like reward points, gift cards or Bitcoins to read an article or to view/click on an ad. They may know they are doing something wrong but abide by a “don’t ask, don’t tell” policy.

Click Farms (Zergs): These are organised groups of individuals who are paid to click. They use a combination of mobile devices and SIM cards to perform fraud online and repeatedly change their devices and networks to evade detection. They are called Zergs (just like in StarCraft) and operate in big groups with a malicious intent.

Computer Malware (VaderBots): Highly sophisticated and difficult to catch, VaderBots are masters of disguise. Thousands of PCs infected with malware (also known as bot slaves) work in conjunction with a bot master to perform smart fraud online. The bot master decides which sites the slave accesses and which ads it views and clicks so its actions appear to be random and to come from the computer of a "real person."

Sophisticated Fraud (PhantomBots): This type of bot travels around the web to visit websites, view ads and click using a fairly sophisticated algorithm. Think of it as a digital ghost that is always boosting numbers.

Retargeting Fraud (DeceptiBots): This bot can mimic a human's intentions, such as an interest in a specific brand of car. Ads targeted to a particular niche result in a higher CPM than untargeted ads. DeceptiBots deceive advertisers into believing they are receiving valuable, targeted clicks.

Mobile Simulator (CryptoBots): A mobile simulator on a computer that mimics a smartphone running mobile apps, CryptoBots are used to perform fraud on in-app mobile ads while their real identities remain hidden.

Ad Stacking: This is the practice of placing multiple ads on top of each other in a single ad placement. Even though the “stacked” ads are invisible to the person visiting the page, they often reported as viewable to the advertiser, so the fraudster gets paid.

Toolbars: While browser toolbars have legitimate uses, they are sometimes exploited by fraudsters. Bad actors distribute branded toolbars as part of software bundles that are often times installed without the user’s knowledge. They hijack the user’s browser, reset the default search engine and enable a platform for serving ads. The new default search, will usually mimic a well known search engine and can be extremely difficult to uninstall.

Ad injection: Usually masked as “deal finders” for online shoppers, these programs will inject unauthorised ads on legitimate web pages. Like toolbars, this software is usually distributed in software bundles and will install without the user’s knowledge.

Domain Identity Theft: A fraudulent seller hard codes a publisher domain into an ad unit. The ad runs on different publisher that commands a lower price. The buyer thinks their ad ran on the intended domain and somehow they got a deal (i.e., got the ad below market value) Neither the publisher or advertiser know that they’ve been defrauded.

The size and magnitude of the ad fraud problem is immense and growing. The ad community is making some effort to deal with this problem. The IAB’s Traffic of Good Intent Task Force (TOGI), recently issued their Traffic Fraud: Best Practices of Reducing Risk to Exposure.

This is a good start; however, more needs to be done to remote out and eradicate fraud from the online ad ecosystem. Solving this problem will fall to the smart minds who are actively working on solutions to stay one step ahead of the bad guys.