What You Need to Know About Ad Fraud

Anew study from Juniper Research, an independent UK based researcher, forecasts that advertisers will lose $42 billion of ad spend globally this year to fraudulent activities committed via online, mobile and in-app advertising. To be more specific, for every $3 spent on digital ads, $1 is lost to fraud.This is a 21 percent increase from the $35 billion lost to ad fraud in 2018. According to the World Federation of Advertisers (WEF), such numbers mean that up to 30 percent of advertising is unseen by consumers, affecting about 21 trillion online ads annually. The WEF predicts that ad fraud will become the biggest market for organized crime by 2025, worth $50 billion. Such an increase will be influenced by differing factors but the main one will be the fact that fraudsters will start to rely on more advanced techniques such as spoofing ad networks to falsify clicks, or exploiting the programmatic ad buying

algorithms that online advertising relies so heavily on. Fraud is obviously a global problem but Juniper Research predicts that the cost of online ad fraud in China alone will amount to $19 billion in 2022. More worryingly over 80 percent of the world’s advertising fraud originates in China, according to Group M. Ronen Mense, the president and managing director for APAC at AppsFlyer, commented on the numbers, saying that “Marketers are not paying enough attention to new anti-fraud technology and neglect the threat of fraud overall because the number of app installs remains high. Countries like India and Indonesia are experiencing massive growth in their digital economies, but this results in marketers being distracted with scaling quickly because it presents tempting business possibilities.“ In general, ad fraud is defined as “a type of online fraud where fraudster deceptively makes an advertiser pay for low quality and fake traffic.“There are many ways to commit ad fraud. The most common are cookie stuffing, ghost sites, ad stacking, domain spoofing, app spoofing, bots.Ad fraud tactics evolve and grow more innovative every year, spreading to emerging channels. A few years ago, the Department of Justice unsealed indictments against eight people, who ran the infamous online advertising scams, dubbed 3ve and Methbot. The defendants were accused of collecting more than $36 million from companies. They managed to infect 1,7 million computers with malware that remotely directed traffic to empty websites designed for bot traffic. To be more specific, websites were designed to fool advertisers into thinking that an impression of their ad was served on a premium publisher site, like Vogue or the Economist. Meanwhile, views were faked by malware-infected computers with marvelously sophisticated techniques to imitate humans: bots faked clicks, mouse movements and even social network login information to imitate engaged human consumers. Computer security company White Ops, which was the first to first reveal Methobot’s existence back in 2016, commented on the scheme, saying that “It was bringing whole new levels of innovation to ad fraud, operating at an unprecedentedly large scale that spooked advertisers.“ But let’s take a closer look at the most popular ad fraud tactics. Today, as much as 40 percent of internet traffic comes from botts, making it the number one source of ad fraud.The Times recently reported that for a certain period in 2013, a full half of YouTube traffic was “bots masquerading as people“.And there’s more, The Times also found out that you can buy five thousand YouTube views — thirty seconds of a video counts as a view — for as low as $15. Most of the time, customers are led to believe that the views they purchase come from real people. However, more likely, they come from bots. As you’ve already understood from the example above, bot traffic refers to automated systems, designed to mimic human activities often at the center of an ad fraud scheme. Malicious bots are programs that infect devices and perform tasks in the background, sapping computing power from legitimate tasks. Each bot instance can be controlled by one controller, creating a botnet on individual programs that can be used to create fake traffic to scam advertisers. Unsophisticated bot traffic can be spotted easily: if there’s a high number of visitors simply opening and closing a webpage, you can be sure that behind this scheme is a hacker. However, as hackers understand what triggers suspicion, today they manage to adapt algorithms to mimic mouse movements, browsing behaviors, and any other interaction, making it look more believable. Then there’s also domain spoofing: any scheme that reroutes ads to a different website than expected, usually to maximize traffic, qualifies for the term. Consequences of domain spoofing can range from a waste of money to a brand safety disaster. A new type of ad fraud that has been increasing in recent years are websites, known as “ghost sites“. At first sight, these websites might look like real sites with real content, but when you take a closer look, most of the content is actually stolen from other sites. The entire purpose of a ghost site is to look as real as possible, so it can get approved on ad networks and display ads. Then, once it has the ads up and running, it buys fake traffic to generate impressions on the website. In the end, generated impressions get turned into advertising commissions from the oblivious networks, which usually pay on a per-impression basis.

Guy Tytunovich, founder and CEO of Cheq, a cybersecurity company, noted that “Hackers look for loopholes. The more convoluted an environment is, the easier it is for fraud to occur.“ Today, fraudsters show a special interest in mobile apps: industry reports revealed that fraudulent transactions from mobile apps have increased by 300 percent since 2015. Mobile advertising fraud, which has been a concern since 2010, continues to be one of the most serious challenges for businesses: according to AppsFlyer, it is costing brands between $700 and $800 million globally quarterly. However, the Asia Pacific region is suffering the most: from November 2018 to April 2019, the region experienced an average fraud rate that was 60 percent higher than the average worldwide. What is more, the 2018 Mobile Ad Fraud Report by Interceptd revealed that Android suffers from a slightly higher level of digital ad fraud than iOS, with 26,9 percent of app traffic fraudulent, compared to 21,3 percent. The report also found out that some app categories are more vulnerable to fraud than others: on Android, finance tops the list, followed by shopping, gaming, and social media. On iOS, the most vulnerable category is shopping, followed by gaming, finance, and travel. The question is, how to combat the ad fraud, especially when it comes in so many different forms that aren’t always obvious. Well, there’s no catch-all ad fraud solution, especially keeping in mind that web fraud and mobile fraud behave differently. However, there are some beneficial tactics for combating ad fraud. John Malatesta, CEO, and President of the ad tech company Codewise, noted that today the ad ecosystem is fully globalized in nature, so the challenge of regulating against ad fraud requires a truly global approach. According to him, an ultimate solution to ad fraud could be “the creation of a global ad blockchain, a distributed ledger of online interactions that unites all actors in the ad ecosystem under a single and open platform. This could drive transparency and detect and eliminate fraud nearly instantly.“However, this solution , although an effective one, might still take some time to implement. For one thing, in order to use blockchain to effectively combat ad fraud, all parties to a programmatic transaction must agree to use it — and use the same system.Another important factor is speed: Dan Slivjanovski, CMO at the DoubleVerify, says that “To prevent ad fraud, it’s necessary to operate in virtually real-time. Digital advertising transactions require a 10-millisecond response interval. The fastest blockchain transaction takes 1,5 seconds. If latency issues could be overcome, the technology might have a more material role in combating fraud.“ But there are also other ways to combat ad fraud. Most advertisers work with a certain partner to place their digital ads. And that’s the first step right there: to start a conversation with the digital partner, making sure they have all the necessary steps in place to combat ad fraud. The recent TAG report carried out by the 614 Group showed that working with certified partners, channels, and vendors reduced fraud rates across the European markets from an industry average of 8,99 percent to 0,53 percent. The situation is improving, and collaboration within the industry has proven to be a crucial tool for combating ad fraud on a global scale. It’s also important to look at the metrics, which show real engagement and conversions and to focus on organic traffic, not just exclusively on ads. The problem of ad fraud is a complex one, and it will not entirely go away anytime soon, if ever. But to maintain reputations in the digital advertising space and to protect their budgets, brands and businesses should concentrate on making reasonable and proactive efforts to avoid ad fraud. There is some good news, too: according to the fourth Bot Baseline report from White Ops and the Association of National Advertisers (ANA), for the first time ever more ad fraud will be stopped in 2019 than will succeed. Bob Liodice, the ANA CEO, commented on the news, saying that “The decrease in ad fraud suggests that the war on fraud is winnable. Less fraud means more resources can be devoted to brand and business building.”