Ideas / Ad Ops / 2019-08-13

Everything you know about ad fraud is wrong

Eric Kirtcheff

When you think of ad fraud, what typically comes to mind is bad actors using hacked machines to generate millions of fake ad impressions every hour. To some extent this is what they do today, but this world has only gotten more complicated, and all categories are being exploited in different ways.

Each day, I read about a new way someone has found to attack infrastructure and then exploit the ad ecosystem to make money. While a lot of the attention is on activity coming from Russia and China, not all of it comes from there. Many of these actors are in the US, but all are looking to make money off advertising with little effort.

The Exploitation of Content

As a provider of paid video content, that content is your product: money is made from subscriptions to that content or by running advertising against it. But recently, rogue OTT apps have been stealing paid content. Let's say a new movie is acquired in digital form and copied. The bad actors begin running it for free in an OTT app, with ads against it that only they get paid for. The impact is three-fold: first, your content is being stolen; second, someone else is monetizing it; and third, those advertisers are running on stolen content.

Impact: Lost revenue, pirated content, and potentially ads serving against it.

The Exploitation of SIM Cards and Social Handles

One of the newest mobile phone scams is SIM card swapping. Criminals are targeting users with influential social handles by claiming they need a new SIM card. They get the user's phone number, then try to entice or trick an employee at a phone store into swapping the SIM card. Once it is swapped, the legitimate phone says "SIM Missing" and the cyber criminal's phone now controls the target phone number. They can now easily defeat 2-factor authentication and change your password to log in. Once they control the social handle, they can influence millions of users by directing them to fake websites with ads, or to sites that deploy malware or propaganda.

Impact: Increase botnet control (Malware), generate more impressions, create disruption for brands/influencers.

The Exploitation on App Stores

Criminals can represent themselves as legitimate buyers or builders of real applications. Recently, we've seen apps from CheetahMobile and Kootek, which provide custom keyboards for Android phones, get hit with this scheme. New updates to the applications are pushed through app store testing and pass as legitimate apps. Days or weeks later, the criminals flip a switch to turn the botnets on and start running fake traffic on these apps. It can be weeks or months before they are caught.

Impact: Increase botnet control (malware) on phones, fake inventory for fraud on mobile phones.

The Exploitation of Walled Gardens

Advertisers may think of walled garden environments such as Facebook as being less susceptible to ad fraud. After all, the operators of walled gardens have little incentive to defraud advertisers and face huge reputational damage for engaging in or facilitating such activity. However, walled gardens are often not as walled as advertisers think. Audience extension and revenue sharing schemes run by the walled gardens create opportunities for fraudulent behaviour from unscrupulous third parties. Within the past few days, Facebook has filed a lawsuit against two Android app developers, LionMobi and JediMobi, for infecting their users with malware that faked clicks on ads within the Facebook Audience Network. The Facebook Audience Network lets Facebook's advertisers host their ads on participating mobile apps, whose developers receive a payout if a user clicks through. Not only is this notable as an admission that fraudulent activity exists within Facebook's walled garden, it is also a rare case of legal action being taken against the developer of allegedly fraudulent apps.

Ad Fraud Infrastructure Is Growing

We know botnets have grown based on three data points: the largest known ad fraud botnets found over the past three years. These are Methbot (570K IP addresses), HyphBot (600K IP addresses), and 3ve (1 million IP addresses).

Impact: More money can be filtered to fraud at the touch of a button.

Fighting ad fraud can feel a bit like pushing up against the ocean. But all hope is not lost. We have seen the first real federal cases against digital ad fraud actors this year, and many journalists continue to report on new discoveries, seemingly every week. The IAB is rolling out ads.txt and sellers.json, which the Essence Fraud Squad believes is the first step to fighting ad fraud by cutting off the supply that fraudsters profit from.
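
How a buyer can use ads.txt to cut off unauthorized supply, as an added example that is not part of the original article: it parses a publisher's ads.txt and flags bid requests whose exchange and seller account the publisher never listed. The file contents, domains, account IDs and request field names are constructed for illustration.

```python
# Added example: check sellers in bid requests against a publisher's ads.txt.
# All domains, account IDs and request fields below are constructed samples.
SAMPLE_ADS_TXT = """\
# ads.txt for publisher.example (constructed)
contact=adops@publisher.example
exchange-a.example, pub-1001, DIRECT, abc123  # publisher's own account
exchange-b.example, 77-XYZ, RESELLER
EXCHANGE-C.example , 555 , direct
this line is malformed
"""

def parse_ads_txt(text):
    """Map (ad system domain, seller account ID) -> 'DIRECT' or 'RESELLER'."""
    records = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 3 or "=" in fields[0]:
            continue                                # blank, variable or malformed line
        relationship = fields[2].upper()
        if relationship in ("DIRECT", "RESELLER"):
            # Assumption: domains compare case-insensitively, account IDs exactly.
            records[(fields[0].lower(), fields[1])] = relationship
    return records

def check_seller(records, exchange, seller_id):
    """Return the declared relationship, or None if the seller is not listed."""
    return records.get((exchange.lower(), seller_id))

def unauthorized(requests, records):
    """Return the requests whose (exchange, seller_id) the publisher never listed."""
    return [r for r in requests
            if check_seller(records, r["exchange"], r["seller_id"]) is None]

# Constructed bid requests claiming to sell publisher.example inventory.
SAMPLE_REQUESTS = [
    {"id": "r1", "exchange": "exchange-a.example", "seller_id": "pub-1001"},
    {"id": "r2", "exchange": "exchange-b.example", "seller_id": "77-XYZ"},
    {"id": "r3", "exchange": "exchange-a.example", "seller_id": "pub-9999"},  # unknown account
    {"id": "r4", "exchange": "exchange-z.example", "seller_id": "pub-1001"},  # unlisted exchange
]

if __name__ == "__main__":
    records = parse_ads_txt(SAMPLE_ADS_TXT)
    for r in unauthorized(SAMPLE_REQUESTS, records):
        print("not authorized by ads.txt:", r["id"], r["exchange"], r["seller_id"])
```

Requests r3 and r4 are the ones a buyer would decline: the publisher's file does not vouch for that seller account or that exchange.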