White Ops

Good news: Online advertising “bot” fraud is down 10%. Bad news: It still amounts to $6.5 billion annually.

Phillip Nones Advertising, Business, Marketing Communications, Media, Publishing , , , , , , , , , , , ,

Ad spending continues with quite-healthy growth, being forecast to increase by about 10% in 2017 according to a studied released this month by the Association of National Advertisers.

At the same time, there’s similarly positive news from digital advertising security firm White Ops on the ad fraud front. Its Bot Baseline Report, which analyzes the digital advertising activities of ANA members, is forecasting that economic losses due to bot fraud will decline by approximately 10% this year.

And yet … even with the expected decline, bot fraud is still expected to amount to a whopping $6.5 billion in economic losses.

The White Ops report found that traffic sourcing — that is, purchasing traffic from inorganic sources — remains the single biggest risk factor for fraud.

On the other hand, mobile fraud was considerably lower than expected.  Moreover, fraud in programmatic media buys is no longer particularly riskier than general market buys, thanks to improved filtration controls and procedures at media agencies.

Meanwhile, a new study conducted by Fraudlogix, and fraud detection company which monitors ad traffic for sell-side companies, finds that the majority of ad fraud is concentrated within a very small percentage of sources within the real-time bidding programmatic market.

The Fraudlogix study analyzed ~1.3 billion impressions from nearly 60,000 sources over a month-long period earlier this year. Interestingly, sites with more than 90% fraudulent impressions represented only about 1% of publishers, even while they contributed ~11% of the market’s impressions.

While Fraudlogix found nearly 19% of all impressions overall to be “fake,” its fraudulent behavior does not represent the industry as a whole. According to its analysis, just 3% of sources are causing more than two-thirds of the ad fraud.  [Fraudlogix defines a fake impression as one which generates ad traffic through means such as bots, scripts, click-farms or hijacked devices.]

As Fraudlogix CEO Hagai Schechter has remarked, “Our industry has a 3% fraud problem, and if we can clamp down on that, everyone but the criminals will be much better for it.”

That’s probably easier said than done, however. Many of the culprits are “ghost” newsfeed sites.  These sites are often used for nefarious purposes because they’re programmed to update automatically, making the sites seem “content-fresh” without publishers having to maintain them via human labor.

Characteristics of these “ghost sites” include cookie-cutter design templates … private domain registrations … and Alexa rankings way down in the doldrums. And yet they generate millions of impressions each day.

The bottom line is that the fraud problem remains huge.  Three percent of sources might be a small percentage figure, but that still means thousands of sources causing a ton of ad fraud.

What would be interesting to consider is having traffic providers submit to periodic random tests to determine the authenticity of their traffic. Such testing could then establish ratings – some sort of real/faux ranking.

And just like in the old print publications world, traffic providers that won’t consent to be audited would immediately become suspect in the eyes of those paying for the advertising.  Wouldn’t that development be a nice one …

Ad fraud: It’s worse than you think.

Phillip Nones Advertising, Business, Content Creation and Content Management, Economics, Marketing, Marketing Communications, Media, Media Consumption, Publishing, Security , , , , , , ,

It isn’t so much the size of the problem, but rather its implications.

affaA recently published report by White Ops, a digital advertising security and fraud detection company, reveals that the source of most online ad fraud in the United States isn’t large data centers, but rather millions of infected browsers in devices owned by people like you and me.

This is an important finding, because when bots run in browsers, they appear as “real people” to most advertising analytics and many fraud detection systems.

As a result, they are more difficult to detect and much harder to stop.

These fraudulent bots that look like “people” visit publishers, which serve ads to them and collect revenues.

faaf

Of course, once detected, the value of these “bot-bound” ads plummets in the bidding markets.  But is it really a self-correcting problem?   Hardly.

The challenge is that even as those browsers are being detected and rejected as the source of fraudulent traffic, new browsers are being infected and attracting top-dollar ad revenue just as quickly.

It may be that only 3% of all browsers account for well over half of the entire fraud activity by dollar volume … but that 3% is changing all the time.

Even worse, White Ops reports that access to these infected browsers is happening on a “black market” of sorts, where one can buy the right to direct a browser-resident bot to visit a website and generate fraudulent revenues.

… to the tune of billions of dollars every year.  According to ad traffic platform developer eZanga, advertisers are wasting more than $6 billion every year in fraudulent advertising spending.  For some advertisers involved in programmatic buying, fake impressions and clicks represent a majority of their revenue outlay — even as much as 70%.

The solution to this mess in online advertising is hard to see. It isn’t something as “simple and elegant” as blacklisting fake sites, because the fraudsters are dynamically building websites from stolen content, creating (and deleting) hundreds of them every minute.

They’ve taken the very attributes of the worldwide web which make it so easy and useful … and have thrown them back in our faces.

Virus protection software? To these fraudsters, it’s a joke.  Most anti-virus resources cannot even hope to keep pace.  Indeed, some of them have been hacked themselves – their code stolen and made available on the so-called “deep web.”  Is it any wonder that so many Internet-connected devices – from smartphones to home automation systems – contain weaknesses that make them subject to attack?

The problems would go away almost overnight if all infected devices were cut off from the Internet. But we all know that this is an impossibility; no one is going to throw the baby out with the bathwater.

It might help if more people in the ad industry would be willing to admit that there is a big problem, as well as to be more amenable to involve federal law enforcement in attacking it.  But I’m not sure even that would make all that much difference.

There’s no doubt we’ve built a Frankenstein-like monster.  But it’s one we love as well as hate.  Good luck squaring that circle!