This post is by Ari Levenfeld, Senior Director of Privacy and Inventory Quality at Rocket Fuel.
It has been forecasted that ad fraud in 2014 will cost brands £6.5 billion ($11 billion), according to the Internet Advertising Bureau (IAB). This represents a 22 percent increase in the level of fraud seen in 2013 and means that between 25-50% of digital ad spend could be wasted on ads that are never viewed by humans (Association of National Advertisers).
With the global digital ad spend expected to be worth $121 billion in 2014, it is little wonder that more and more criminals are realising the money-making potential the online advertising world has to offer.
In a typical online advertising campaign, an ad is placed on a website which is being looked at by a person. The value or price of placing that ad is decided by a number of factors including which people interact with the site and how relevant they are for the advertiser. The way that ad fraud comes into the equation is when a skilled individual, or group of criminals, creates a fake website and fools an advertiser into placing ads on this site. In order to make the website an attractive location for placing the ad, the fraudster uses a 'botnet' (large group of infected computers) to direct traffic to the website and increase visitor numbers. Finally, once the advertiser has placed an ad on their fake site the fraudsters then direct the bots to click on the ad. For each click, the hackers make a small amount of money from the advertiser, but when the fake clicks number in the millions, pretty soon you're talking real money.
According to a recent study by Microsoft, seventy percent of malware is used for 'click fraud'. This means that rather than using this malicious software to steal your passwords or credit card details, mostly it is used to hijack your computer to create fake pageviews and clicks. It's a bit strange to think that while you're sleeping your computer is cruising hundreds of sites and registering fake clicks on advertisements.
Setting up fakes sites and creating a botnet is all too easy. Shockingly, it is estimated that it costs as little as £370 for criminals to create a botnet without having the first clue about coding. However, these fraudsters are not just geeks sitting in their parents' basements, it is thought these people are usually involved in some form of organised crime.
Fraudsters are clever, they know that no one would be interested in serving an ad to a 'person' who only visits one site, so the bots visit other sites and click on ads in order to appear 'human-like'. Even if the ad network or ad exchange detects the fraud, and they remove all ad impressions, the fraudster can pop up again within hours with another fake website, even selling on the same ad exchange.
As companies like Rocket Fuel become better at figuring out who these fraudsters are, they also increase their efforts and use more sophisticated ways to fool the system, so we need to make sure we're always adapting and keeping up with these 'bad actors'.
Ad fraud is a topic being widely discussed by pretty much everyone in the media industry at present – more and more articles, blogs and event presentations have all been focussed on the subject. Some claiming to have answers, but most pointing the finger.
Some companies are doing more to combat ad fraud than others. Earlier this year, Google acquired spider.io, a UK company that identified a botnet which was costing advertisers $6 million a month, and Facebook recently sued 22 year-old, Martin Grunin for $360,000 and accused him of running a sophisticated ad fraud scheme.
Mike Zaneis, the Executive Vice President and General Council at the IAB recently said, "Over the years, it has become clear that no company can fight ad fraud alone. We must come together as an industry to create an environment where illegitimate traffic is not tolerated." The IAB recently released a set of "Anti-Fraud Principles" which it said would form the backbone of an industry accountability initiative.
The three actions outlined in the principles include:
In order to combat ad fraud you need to be able to understand and detect what separates human behaviour from non-human behaviour. For example, real people don't visit tens of thousands of websites every single day in a short period but they do buy things on websites using a credit card – two behaviours which separate them from bots.
At Rocket Fuel we use software powered by artificial intelligence to detect these patterns of non-human behaviour. The machine-learning algorithms used to drive real results for our customers are optimised so that when the software notices this strange behaviour, we block the site in order to prevent an ad being served and money being made by a fraudster. We also work closely with partners like Forensiq, DoubleVerify, comScore and Integral Ad Science, to augment our own technology. In fact, Rocket Fuel rejects up to 40% of all online inventory it sees every month (up to 500 billion blocked impressions each month) because it does not pass our rigorous, multi-layered screening process. We then work with the ad exchange to help them get rid of that site (or series of sites) from their inventory supply pool which benefits the entire industry.
Ad fraud is something that can be addressed and contained if you pay attention. Fighting fraud is something Rocket Fuel has been dedicated to doing for years and will continue to concentrate on getting ahead of the fraudsters. It's good to see that the issue of ad fraud is starting to get the attention it deserves and hopefully this will lead to the industry making a concerted effort to stop advertising dollars going to waste.