The Hidden Problem With Ad Fraud
I have spent much of my career catching individuals and companies who have reaped billions from advertisers (SynthNet, Weasel, etc..). Despite all the technologies out there, the money lost to fraud hasn’t decreased. There are many publishers, SSPs, DSPs, ad networks, and ad exchanges that have, at best, ignored fraud, and at worst, actively participated or orchestrated it. Many publishers are aware of the issues with fraud, but may not have the tools they need to effectively combat it. To understand why ad fraud can be so difficult to prevent, let’s look at some of the most common ad fraud schemes:
- Computer Generated Traffic
- Traffic Laundering
- Content Laundering
- Payment Theft
Computer Generated Traffic
This is often what people think of when they hear the term “ad fraud.” Essentially, traffic is generated via a computer script or program, instead of a human. These can be simple or complex depending on the scale and purpose. This area of ad fraud is what major ad fraud prevention companies like DoubleVerify, Human, and IAS mainly focus on.
One of the most pervasive practices in the space. It relies on the lack of attention on ads.txt and sellers.json to exploit the ad tech supply chain to take low quality content and present it as having high quality users. This is mostly accomplished through ad injection techniques, where attackers take brute force control of a publisher’s ad unit, run secondary auctions within it, and manipulate the auction to present the publisher’s users as coming from their own content.
Similar to traffic laundering, except the purpose is to mask the content, not the user. This is employed to avoid brand safety restrictions. Banned content with a high volume of users will often use a very sophisticated masking attack and funnel their users through another property, or more often, through an ad exchange that can alter data and pass it on to a reputable SSP. It succeeds only when the upstream accomplice has the necessary authorizations via ads.txt to sell the masked traffic as legitimate.
The oldest type of fraud in the space, it is conducted by middlemen who find a publisher to buy traffic from and then resell it upstream. To get publishers to buy in, they offer them higher rates for their inventory than competitors, and then they sell the traffic lower than market rate to entice buyers. They buy high, sell low and have no intention of paying most of the money they collect back to the publisher. As long as the scheme can keep onboarding new publishers and keeps getting paid, it can float for a few years before the amount of unhappy publishers becomes too large and the company has to fold and start over again. Typically conducted by entities outside of the U.S. and Major Markets. Doesn’t Ad Fraud Protection Software Prevent This? Ad fraud prevention software can catch some kinds of fraud (particularly computer-generated fraud) but is rarely able to catch all kinds, and it is often not accessible to many publishers. Ads.txt and Sellers.json were designed to create some transparency to improve this, but too often publishers lack the tools and know-how to implement them. With warnings like “your earnings are at risk” being sent to them regularly, they are under pressure to copy and paste whatever they are given, and by association may become unknowing participators in many of the types of fraud mentioned.
The Biggest Issue
Education. Publishers are the beginning of all ad auctions, and as such should be the first line of defense against fraud. Yet all the systems created are not designed to help publishers; they are designed to help advertisers. Most publishers only find out they have had fraud on their properties when they are notified by an upstream partner. Chargebacks, and sometimes delisting from an exchange, can be the consequence, even if the publisher wasn’t knowingly involved in the scheme. In essence, we often punish a victim instead of the perpetrator. One of the worse consequences is that publishers' inventory becomes devalued when they are associated with fraud. By providing tools to them to combat fraud on their end, we can eliminate many schemes before they get off the ground.
To address this issue, I have built a suite of tools that publishers can use to understand what fraud is being run on their site and untangle their ads.txt. The product is called Spartan (https://spartanad.com) and it can help publishers remove fraud before any ad auctions occur, thereby avoiding schemes designed to steal revenue from them and lower their inventory’s value. Because we believe every publisher should be able to understand their traffic, we’ve made our introductory service, Spartan Analyze, completely free for anyone to scan their inventory. Publishers can now get real time data on exactly how much of their traffic will be flagged as fraud by upstream partners and advertisers. For publishers who want to go further, we also have Spartan Shield, which gives publishers the tools to not only identify all kinds of fraud, but also block it before it can do any damage. Contact us today to learn more or visit http://spartanad.com.