There is always someone who thinks he is smarter than the others who want to extract an extra buck or two without breaking a sweat due to some elaborate sleight of hand shenanigans. Ad Fraud is probably one of the most poignant examples of fraud in any industry.
As such, programmatic advertising scams are one of the most significant problems in an adtech industry, the one that gives it a bad rap. You know how it goes: if there is any form of money and multiple middlemen involved — expect something fishy to turn up. According to Ad Age, every $1 out $3 spent on online advertising is snatched by the fraudsters.
Every year ad fraud causes damages amassing up to $16,4 billion in 2017 with expectations to rise towards $20 billion in 2018. These are some crazy figures. But why those numbers are growing? Despite all efforts, every time there is a new technological solution to detect it — ad fraud evolves and starts all over again.
But first, let’s sort a few things out.
Programmatic digital advertising fraud is a deliberate, malicious activity that manipulates with the delivery of ad content and prevents its serving to the targeted audience. One of its primary weapons is bots. These software programs that carry out the dirty work.
AdTech attracts fraudsters with its money figures. Just think about it — the payouts are enormous and risks of penalty are limited. It is not card fraud where you can get a big time if busted. It is not much you can do with it after you’ve been cheated. It is not like someone stole your money; it was you who spent it the wrong way. Sure, you’ve manipulated into doing so — but the fact remains.
Digital advertising scams operate on multiple levels. It can manipulate with traffic, and it can work with more sophisticated things, such as impressions, conversions and full-on imitation of user activity. For these kind scams, stats are the primary field of tricks. The distortions and obfuscations of a real state of things cause the challenges with Ad Fraud. Ad Tech is a performance-oriented thing. Numbers and results are everything. The effectiveness of the campaign is based on what the metrics show — in terms of traffic, bounce rates, impressions, conversions, etc.
However, metrics are fallible; certain manipulations with the information can rig them and this is the flaw exploited by the fraudsters. Sure, there are fail-safe mechanisms that prevent more blatant attempts, but there is always a way to “get on through” and “rig the game.”
To understand how to counter programmatic advertising scam, one needs to understand what drives the fraudsters with their malicious intentions to Ad Tech industry. And the reason is in its very nature.
There are two major types of a programmatic advertising scam operation. In terms of technical solutions — there is not much difference. The difference is in the scope and intentions of operation.
The first type is when a criminal intends to feed off your operation. It's like a parasite that sucks resources (i.e., money) and is interested in a long-term relationship without making much of a fuss in the process. It is a form of pickpocketing in the realm of ones and zeroes.
Competitors can be the ones who perform the second type of ad fraud, as a means of disrupting the marketing operation and damage overall business proceedings. In this case, it can be very damaging and potentially destructive to the company.
How exactly Scams affect Digital Advertising?
While financial gain is the main reason for scams, the direct result in Ad Tech is not exactly that. It is insufficient information that affects critical decisions regarding the proceedings of the campaign.
In addition to wasting money, distorted stats and warped campaign results take the ground off the marketer's feet and leave them bumfuzzled.
Even though the chosen strategy might be useful in a normal situation, the presence of malicious sources dilutes its effect.
Cookie stuffing is one of the most common types of Ad Fraud. It is primarily used in affiliate marketing schemes. Cookie stuffing misleads and dilutes audience information and subsequently messes up the results of an entire campaign.
Cookie stuffing done right sucks the campaign into a warped wormhole. You get the results, and they often look outstanding. Judging from the performance stats your advertising is working, so you keep doing what you've been doing (while you actually lose money in reality.)
How does it work? Cookies are vital elements in tracking the user’s journey from affiliate to the central sites. When a user comes and clicks on an affiliate link — there is a cookie exchange. When a user comes to the source site — source site pays for it to an affiliate. Cookie stuffing pads out the stats and makes the source site to pay more while gaining less.
Traffic generates revenue. However, traffic is a thing that can be easily imitated, and that imitation can trick the analytics into thinking that everything is going better than ever thus increasing spending for theoretical results. It is the easiest to implement as well as detect.
Impressions are in the center of CPM-based operation. The goal of impression fraud is to generate hollow fake impressions that will be subsequently traded as real albeit delivering zero benefits. Since these impressions are essentially useless, their uselessness affects overall CTR and thus it damages the position of the website.
Here’s how it works — advertisers buy ads from the publisher, but some part of ads is served to intentionally irrelevant low-profile websites which do not generate anything. However, advertisers do not see that immediately.
According to reports, their ads are served to legit websites relevant to the target audience. This trick is achieved by an elaborate redirect planted into ad calls.
Cost-per-click is one of the standard models for digital advertising. Clicks are also one of the easiest things to rig.
According to Pixalate, in 2017 one click out of five was fraudulent. And there is a tendency towards two out of five. Why is it so? Click fraud is simple to pull off.
Ad Click fraud inflates the numbers of a click of CPC ad and presents distorted picture on the ad activity. While the number of the clicks is there — results of the clicks are not. This racks up fraudulent charges and so on. A perfect bleeding scheme for the fast times.
Curiously, it is more often used by the competitors than criminals.
However, ad click fraud is the easiest to spot of all types of Ad Fraud. You can do it just by checking the reports on the following subjects:
- IP address
- click timestamp
- action timestamp
- user agent
Action Fraud is a more sophisticated type of Ad Fraud. While Traffic fraud rigs the numbers and distorts the stats — action rigs the stuff that makes money moving. Action Fraud is designed to imitate meaningful user activity.
As such, Action Fraud is much more dangerous and can potentially completely derail the campaign and affect the position of the website.
Conversions are the spice of Ad Tech. It is the most important thing in the business. While merely an action taken by the user — it denotes an intent and this thing costs a lot.
How does it work? There are ad fraud bots involved. With a little help from a couple of scripts, you can train bot to perform simple actions.
The simplest manipulation includes filling forms with some sort of information. More elaborate bots can also click on the links, imitate user journey and even download files. Such things can seriously mess with CRM.
While considered to be more precise and thus a more effective form of digital advertising, retargeting can be easily muddled by misleading information.
How does Retargeting Fraud work? With a little help of ad fraud bots, fraudsters try to realistically imitate user behavior in a couple of specific scenarios. Because of its behavior, bots usually fly below the radar and are not spotted as bots. In result, bots perform actions that qualify them as leads.
This trick boosts the prices for their impressions and since there is nothing you can do with them business-wise — it turns into a waste of money and effort.
Affiliate model is one of the most common in digital marketing. It is a surefire deal. You get a conversion — you get paid. However, it can also be exploited for malice.
Here’s how affiliate fraud works — just like in a regular operation affiliate attract users but worked over in order to rig the stats and bloat the charge.
One of the most effective approaches involves Cookie Stuffing. Instead of a usual cookie exchange, affiliate sites spurts loads of cookies onto user computers that provides false flag signals. After that affiliate claims his cut.
However, this fraud can be disrupted by anomaly-based and credential detection and neutered before wrecking havoc.
Ad Fraud Detection & Prevention Methods
The problem with Ad Fraud, in general, is that you can’t reverse its effects. If the damage is done — you have to admit the failure and move around it. The only effective way of fighting with Ad Fraud is by preventing even the slightest possibilities for it to happen.
You can also read our case study for Custom Ad Fraud Detection System that shows the following methods on practice.
There are four major types of Ad Fraud Prevention:
You know the saying — actions speak volume. And ad fraud bots tend to act unnaturally overzealous regarding ad content.
The signature-based method uses a set of patterns to detect suspicious actions, impressions, click or traffic. It compares patterns with the monitored activity and determines whether it is suspicious and worthy of further investigation.
In result, fraudulent activity can be shut off before it settles in and brings some action.
If there's something strange in your neighborhood — that’s anomaly and that is telling. The anomaly-based method uses statistical analysis and historical data to check ad spaces, websites or publishers and detect questionable happenings, such as suspiciously spiking traffic, odd ad space placements and other things of interest.
It is very useful for neutering bot and click-farming facilities.
This method is used to determine possibilities of fraud activities. In order to do that, it uses reverse crawling and checks the content and its tagging. Then it performs a comparison with requirements for impressions. Also, it compares the value with the trustworthy rankings like Alexa.
If things don’t click — it is implied to be a possible leeway for fraudulent activities.
Bluff is the best way of exposing the fraudster. In the realm of ones and zeroes that is even easier than in the real world as bots are script-driven and don’t have second thought regarding the heat around the corner.
How does it work? A honeypot is an additional field in the form that is not seen by the users due to a special script. However, bots don’t know that, and they fill that field and bust themselves. This triggers the rejection mechanism that prevents further fraud bot activity.
After fraudulent activity was exposed — the next step is to block the source. One of the more effective methods is to block its IP. That will surely limit the fraudster reach.
Basically, it is a good idea to maintain a wholesome blacklist and constantly compare it with widely available blacklists. Aside from proven fraud-likely IP’s, there also must be an additional list regarding suspicious IP’s.
However, it should be noted that IP Blocking is not a firewall that will prevent all instances of fraudulent traffic - it can limit and neuter the exposed IP's but it can't predict possible fraudulent IP's.
We have an entire article dedicated to how ads.txt helps to fight Ad Fraud.
|Spambots inflating impressions, clicks, views, etc., driving down ROI||Advertizers||Anomaly-based / Signature-based / Honeypot / IP Blocking|
|Adverts posted on dead space low-traffic sites||Advertizers||Signature-based|
|Cookie Stuffing distorts campaign performance results and inflates affiliate conversion charges||Advertizers||Anomaly-based / Credential-based|
|Conversions forgery messes with CRM and causes massive time/money waste||Advertizers||Anomaly-based / Credential-based|
|Retargeting manipulations cause monetary losses on charges for the hollow actions||Advertizers||Anomaly-based / Signature-based / Honeypot / IP Blocking|
Ad Fraud is one of the biggest banes of an advertising industry that runs over the thousands of advertising ecosystems. Hopefully, this problem is actively tackled and there are numerous solutions that limit the influence of the fraudsters and prevents them from damaging the publishers and advertisers.