Advertising fraud is expected to cost marketers $6.5 billion in 2017. High-profile schemes frequently make headlines, including Methbot, a massive fraud effort that reportedly earned its criminal perpetrators $3-$5 million a day. Although there are numerous fraud detection solutions available, such as those from White Ops, Integral Ad Science, Moat and others, only 39% of marketers deploy an ad verification service, according to the 2016 Gartner Marketing Technology Survey.
Basics of ad fraud
At its core, advertising fraud pertains to malicious activities performed to reroute revenue to a fraudulent actor. It occurs when bad actors use duplicitous methods to redirect portions of the advertising ecosystem, typically by generating bot traffic. From there, criminals obtain compensation for simulating impression, click or conversion activity.
Why ad fraud matters
Fraud in the advertising ecosystem exposes programs to inaccurate measurement and increased costs. Bad actors will continue to take advantage of vulnerabilities in the advertising ecosystem. Ad fraud is unlikely to go away anytime soon and all digital advertisers are susceptible.
How to address ad fraud
Identify ad fraud
What’s the real definition of an ad impression? Most marketers would start by saying that an impression is when a user views their ad. This is inaccurate. An impression is when a web browser makes a request to serve an ad from an ad network. That’s it. There’s no person required — and that makes it appealing to criminal actors. They seek to exploit vulnerabilities in the advertising ecosystem for their own monetary benefit by generating invalid bot traffic.
The two types of invalid traffic
Invalid traffic is split into two groups: General invalid traffic and sophisticated invalid traffic. General invalid traffic, such as automated “spiders” that scrape websites for information, is relatively straightforward to detect because it is routine in its behavior and easily mitigated through white and blacklists. The second type of fake traffic, sophisticated invalid traffic, is much harder to detect. Ad stacking is an example of sophisticated invalid traffic, where instead of having just one ad display and thus one impression, multiple ads are fraudulently placed on top of each other to register multiple impressions. Malware, domain spoofing and cookie stuffing are all examples of hard-to-detect sophisticated invalid traffic.
Learn to identify ad fraud as the first step toward preventing it. With this knowledge you can understand the extent to which invalid traffic affects your programs. Establish a baseline level of fraud when you start any advertising campaign, and perform ongoing monitoring to measure the effectiveness of fraud mitigation efforts.
Mitigate ad fraud
Even if you haven’t detected fraud, you should still use an ad verification provider to be proactive. The technology that vendors provide will help automate the otherwise resource-intensive task of looking for fraud. Pay attention to whether providers are accredited by the MRC or other trade groups to detect general invalid traffic, sophisticated invalid traffic or both. Embrace transparency and open communication to realize the benefit from your ad verification technology.
“Don’t assume these measures make you immune to fraud,” says Foo Kune. “Ensure you’ve got an escalation process to understand the scope of the issue within your marketing program.”