As the ad tech business grows, so does the attack vector for ad fraud. While ad fraud has always existed for advertisers, its impact on publishers’ bottom lines is becoming increasingly substantial. Learn how to efficiently deal with ad fraud.
What Exactly Is Ad Fraud?
Ad fraud is unethical marketing. Every fraud is deliberate deceitful conduct carried out for ill-gotten advantages. Ad fraud is defined in the ad tech business as fraudsters tricking the system in order to drain ad money from the supply chain.
It is the process of falsifying traffic, clicks, impressions, conversions, or data events to generate revenue. Ad fraud is a complicated problem that impacts genuine publishers and advertisers across a wide range of channels and formats, including banner ads, video ads, in-app ads, search marketing, and affiliate marketing.
For example, displaying ads to bots while marketers believe the ads are being seen by actual individuals is a form of ad fraud. Ad fraud may take many forms, but as a publisher, you need to understand why it matters to you before diving into the forms of ad fraud.
Why Should You Care?
When we look at the situation, it appears that ad fraud has no effect on publishers. After all, it is the advertiser that is losing money. However, ad fraud is also a concern for publishers, and here is how.
- Revenue Theft: Some ad fraud tactics, such as ad injection and domain spoofing, can siphon revenue from visits that are actually flowing to your website.
- Deflation: Fraudsters increase the amount of available inventory in the market by manufacturing phony inventory. According to the demand and supply law, the bigger the supply, the lower the price. Furthermore, the money that the advertisers spend on the fraudster might have been spent on a genuine audience on the legitimate publishers’ site.
- Blacklisting: If ad networks and demand partners (SSPs/Ad exchanges) detect invalid behavior (false impressions or clicks) from your site, even if you are not participating in any fraudulent conduct, your site may be blacklisted. If it gets blacklisted, you will be unable to sell any of your remaining impressions.
Now that we’ve shown that ad fraud is bad for publishers as well, let’s look at the many forms of ad fraud for a better understanding.
Types Of Ad Fraud
Domain spoofing is the process of masking one website as another, more valuable domain in order to trick advertisers into paying premium fees for counterfeit ad inventory. The Financial Times, for example, revealed a few years ago that such counterfeit, or “spoofed,” FT.com inventory was being traded on various premium exchanges. The business calculated that $1.3 million worth of counterfeit FT ad space was sold monthly.
Impersonating publishers is not usually used in domain spoofing. It can also take the form of unscrupulous actors scraping content to create a false site that seems and feels “genuine,” and then attempting to make a profit by purchasing low-quality traffic and running adverts. As CNBC’s Meg Graham documented in her research, she was able to obtain permission to run ads from numerous networks after establishing a website and stocking it with copyrighted CNBC content.
Affiliate marketing is used by many e-commerce firms and platforms, like Amazon and eBay, to incentivize third-party content providers to promote their products and services. When a user makes a purchase, the affiliate who influenced that purchase receives a share of the transaction in compensation. This is managed by third-party tracking cookies.
Cookie stuffing is the practice of placing affiliate tracking cookies that are unrelated to the website the user is presently viewing without the user’s awareness. If the user later returns to the e-commerce site and makes a qualifying purchase, the cookie stuffer receives the commission from the transaction despite having played no genuine role in the purchase process. Cookie stuffing wastes advertiser dollars and harms legitimate affiliate publishers by taking credit for leads and purchases.
How To Prevent Cookie Stuffing?
Fake ad blockers and other browser add-ons can sometimes act as cookie stuffers. You must also educate the users about the issue. Request that they delete the extension that isn’t from a reliable source.
But how can you be sure that the users have unauthorized plugins installed? Obtain feedback from consumers on the ads and user experience at random — Inquire about how many adverts they [users] see on the page. How can we make the ad experience better? etc.
Pixel stuffing is a form of impression fraud used to exploit cost-per-mille (CPM) advertising campaigns. It works by producing small 1 X 1 pixel placements and putting one or more ads into them, all of which are undetectable to the naked eye.
Fraudsters can use pixel stuffing to show dozens or more adverts on a single webpage and receive credit for supplying those impressions. These campaigns produce no results for marketers since none of the ads are ever seen by actual consumers. Pixel stuffing is typically linked with low-quality sites and inventory; nevertheless, even high-quality publishers’ inventory can be compromised by third parties without their knowledge.
Ad injection is a type of malvertising in which fraudsters use hacked browser extensions, plugins, and other types of malware to either insert advertisements where they should not appear or replace the current ads set up by the publisher with a different set of ads. When the ads are monetized using CPC or CPM methods, the unscrupulous actors pocket the ad income earned, despite the fact that they do not own any valid inventory.
One major challenge here is that the targeted company remains unaware of this attack for long periods. Many frequently used security solutions concentrate on server-side monitoring, whereas ad injections operate on the client-side. By the time publishers discover they’re being targeted by looking at revenue figures, they’ve already lost some money.
How To Prevent Ad Injection?
Ad injection prevention measures are comparable to cookie stuffing prevention measures. Make the necessary preparations to cope with rogue ad blockers, and utilize plugins with caution. As previously said, you may also run short surveys among your users about their user experience and the adverts they see on the website to determine if they are seeing anything strange on the site.
What is Bot Traffic? Bot traffic, also known as invalid traffic, is defined by the Trustworthy Accountability Group (TAG) as any traffic that does not fulfill particular ad serving quality or completeness standards, or otherwise does not reflect legitimate ad traffic that should be included in the measurement. One of the reasons why ad traffic may be declared invalid is that it is the product of non-human traffic (spiders, bots, and so on) or behavior designed to generate fraudulent traffic.
Invalid traffic is divided into two categories: general invalid traffic (GIVT), which includes search crawlers, traffic from recognized data centers associated with invalid activity, and unusual patterns such as duplicate clicks. And sophisticated Invalid Traffic (SVIT), in which fraudsters go to great lengths to disguise their behavior as genuine; examples include incentive clicks, deceptive user interface, and fraudulent browser automation.
How To Prevent Bot Traffic?
If you see unusually high traffic on your website make an inconspicuous link from your homepage. Human users will not be able to view it, but bots will. You may also use robot.txt to block the link. Now, any bot that reaches the linked webpage despite the robot.txt file is unquestionably malicious. Begin gathering records of all visitors to the page and begin preventing bots.
To block all IP addresses, log in to your website’s cPanel and look for the IP blocking tools under the security-related menu.
What Else To Do To Prevent Ad Frauds?
There is no “one-size-fits-all” approach to ad fraud detection and prevention. Ad frauds employ a variety of approaches, requiring a variety of responses. The key to prevention is to ensure that you have safety measures in place to spot abnormal behavior as soon as possible. These include:
- Proactively hiring ad fraud detection firms that can assist publishers in combating the problem.
- Maintaining an ads.txt file.
- Hiring great copywriting services and keeping an eye out for copyright theft.
- Setting up custom alerts.
- Partnering with a trusted vendor.
- Inspecting third-party plugins and scripts, and
- Staying informed about ad fraud.
The issue of ad fraud is widespread. It is expected that ad fraud would cost advertisers and publishers approximately $100 billion by 2023. When it comes to ad fraud, whether you are an advertiser or a publisher, you should be proactive. You must remain conscious of the problem’s existence; else, its ignorance will cost you dearly.