It isn’t so much the size of the problem, but rather its implications.
A recently published report by White Ops, a digital advertising security and fraud detection company, reveals that the source of most online ad fraud in the United States isn’t large data centers, but rather millions of infected browsers in devices owned by people like you and me.
This is an important finding, because when bots run in browsers, they appear as “real people” to most advertising analytics and many fraud detection systems.
As a result, they are more difficult to detect and much harder to stop.
These fraudulent bots that look like “people” visit publishers, which serve ads to them and collect revenues.
Of course, once detected, the value of these “bot-bound” ads plummets in the bidding markets. But is it really a self-correcting problem? Hardly.
The challenge is that even as those browsers are being detected and rejected as the source of fraudulent traffic, new browsers are being infected and attracting top-dollar ad revenue just as quickly.
It may be that only 3% of all browsers account for well over half of the entire fraud activity by dollar volume … but that 3% is changing all the time.
Even worse, White Ops reports that access to these infected browsers is happening on a “black market” of sorts, where one can buy the right to direct a browser-resident bot to visit a website and generate fraudulent revenues.
… to the tune of billions of dollars every year. According to ad traffic platform developer eZanga, advertisers are wasting more than $6 billion every year in fraudulent advertising spending. For some advertisers involved in programmatic buying, fake impressions and clicks represent a majority of their revenue outlay — even as much as 70%.
The solution to this mess in online advertising is hard to see. It isn’t something as “simple and elegant” as blacklisting fake sites, because the fraudsters are dynamically building websites from stolen content, creating (and deleting) hundreds of them every minute.
They’ve taken the very attributes of the worldwide web which make it so easy and useful … and have thrown them back in our faces.
Virus protection software? To these fraudsters, it’s a joke. Most anti-virus resources cannot even hope to keep pace. Indeed, some of them have been hacked themselves – their code stolen and made available on the so-called “deep web.” Is it any wonder that so many Internet-connected devices – from smartphones to home automation systems – contain weaknesses that make them subject to attack?
The problems would go away almost overnight if all infected devices were cut off from the Internet. But we all know that this is an impossibility; no one is going to throw the baby out with the bathwater.
It might help if more people in the ad industry would be willing to admit that there is a big problem, as well as to be more amenable to involve federal law enforcement in attacking it. But I’m not sure even that would make all that much difference.
There’s no doubt we’ve built a Frankenstein-like monster. But it’s one we love as well as hate. Good luck squaring that circle!