Digital Ad Fraud
December 22, 2014
You can’t monetize what you can’t measure. Everybody knows that. It’s why publishers and advertisers strive to get meaningful metrics that gauge audience engagement and accurately measure the success of online ad campaigns.
But, did you know that over a third of all traffic to media company websites is fake? The Interactive Advertising Bureau (IAB) recently found that 36 percent of people clicking on digital ads are not human at all. The visitors are “bots”, the product of computers hijacked by fraudsters and programmed to visit sites.
Bot fraud is rampant in all forms of online advertising – web, mobile, social, video – but the problem is especially troubling for news media publishers, where trust and credibility are key to the longstanding relationships between advertisers, audiences and media company brands.
Simply put, digital ad fraud means that advertisers are paying for impressions that appear to be served to real audiences, but are actually “seen” only by computers. Millions of ad impressions are generated every day that are never seen by a human. In one recent case reported by the Financial Times, Mercedes Benz ran an online ad campaign where 57 percent of the impressions were viewed by automated computer programs rather than real people.
Fraudsters use lots of tricks to deceive advertisers and unsuspecting computer users alike, with the goal of illegitimately making money from online ad campaigns. Here’s how it might happen:
1. An innocent computer user, let’s call him Dave, turned on his computer one day and perhaps visited a random site and clicked on a compromised link, or maybe he ran a “certified and safe” cleanup program.
2. At that moment, a fraudulent bot engine was quietly installed on Dave’s computer. (This same thing happened to thousands of innocent Daves on computers, tablets and even mobile devices all over the world.)
3. Later that day, without Dave’s knowledge, the bot engine began communicating with a botnet center located anywhere from Altadena to Zagreb. Dave’s computer was turned into a zombie, and his bot was instructed to visit certain sites in a certain sequence and at a certain frequency.
4. This is the really scary part. The botnet center was so sophisticated that it instructed Dave’s bot to visit high-value audience sites, including news media websites, in order to profile Dave as an ideal candidate for advertisers.
5. Dave’s bot was also programmed to go to sites that promote themselves as “advertising impression storefronts” that drive “real unique visitors.”
6. Website owners and ad networks need to drive traffic, so they purchase impressions from these storefront sites. In reality, these sites are owned by the botnet fraudsters, who collect the money, then send traffic through the nodes in the bot network (like Dave’s computer) and serve ads on pages that are never seen by human beings.
A scary scenario indeed. What’s even scarier is that the digital ad fraud problem is bound to grow as the trend toward greater programmatic buying and selling increases. By removing the human element from direct ad sales, the fraudsters will inevitably find more opportunities to deceive.
So, what’s a publisher to do in order to combat bot fraud? The very good news here is that organizations like the IAB and the Alliance for Audited Media (AAM) are taking proactive steps to help publishers, advertisers and technology companies in their quest to eliminate digital ad fraud. Admittedly, both organizations liken these efforts to playing whack-a-mole – eliminate ad fraud in one area and it quickly pops up in another. Still, the following guidelines for media publishers provide some useful and immediate action items to defeat the fraudsters.
These efforts will help publishers preserve the trust and integrity of their valuable ad inventories:
• As a publisher, you must educate yourself about ad traffic fraud.
• Monitor and vet all traffic sources to ensure the highest quality traffic to your sites. Pay close attention to those sources that are compensated for bringing traffic to websites.
• Only trust business partners that have earned trust. The IAB calls this “practicing safe sourcing.” Technology can be implemented to help detect and prevent fraud. In addition, traffic to media sites can be filtered through third-party vendors who specialize in fraud detection.
• Policies and procedures should be adopted to help eliminate low-level ad fraud. One example of this, according to the IAB, is “comparing impression volumes to audience sizes reported by third-party measurement services.”
• Include the right to audit in all agreements with traffic providers.
• Get involved with – and become certified with – the IAB’s Quality Assurance Guidelines and other fraud initiatives, including the Traffic of Good Intent Task Force, which offers a framework for best practices that promote brand safety and trust.
Finally, publishers and advertisers alike dearly want to measure the actual impact of ad campaigns. No one wants results that are diluted by ads that never have a chance of being viewed by human eyeballs. Better measurement provides greater justification for advertisers to shift budgets to the quality digital inventory that media companies can offer.
Therefore, publishers need to set clear objectives that focus on measurements of true ROI, which is difficult for botnet fraudsters to falsify. Metrics based on click-through rates, completion rates, and last-touch attribution alone are weak because these can be easily faked by fraudulent bot agents. On the other hand, impressions that are fully validated will better align the goals of advertisers and publishers with those of consumers. This, in turn, will lead to a better digital experience that respects all audience members and delivers higher quality rather than higher quantity.
To learn more about Newscycle’s premium workflow solutions for securely managing all print and online advertising, please visit http://www.newscyclesolutions.com/multi-media-advertising-software/
At first glance, it all sounds so simple and straightforward. Back in 2006, the Payment Card Industry (PCI) – the good folks from Visa, MasterCard, American Express and others – came up with a set of rules to ensure that all merchants maintain a secure environment for processing, storing or transmitting credit card information. A merchant is any company that allows customers to pay for products and services via credit card. Just about every news media company is a merchant. read more
Three Things Every News Media Executive Needs to Know. News media websites continue to be prime targets for cyber-attacks. Earlier this month, The Washington Post’s mobile site was hacked by a group claiming to be part of the Syrian Electronic Army. The attack lasted about 30 minutes, and visitors to some section fronts saw messages that said “The media is always lying” before being redirected to a Syrian Electronic Army website. read more
When shopping for point applications or enterprise software systems, buyers face a familiar dilemma. Best-of-breed or single-source? Is it better to purchase the best components possible and make sure they all work together? Or, is it preferable to work with one supplier who will take responsibility for installing and supporting the entire package? read more