Fraud is a big problem and the only way we’re going to solve it is by becoming realistic about marketers’ response to fraudsters, argues Richard Kahn. As long as fraudsters are at work, we have to work harder.
Ad fraud’s costly $6.5 billion proliferation is no secret. By 2025, ad fraud will reach an estimated $50 billion, according to the World Federation of Advertisers. In fact, a recent WhiteOps report warns that ad fraud will surge during this year’s holiday season. Why can’t we curtail its exponential growth? How come the bad guys keep on winning?
The answer is, in part, that executing ad fraud is relatively simple. If you have the right knowledge, it is a low-risk/high-reward endeavor. Writing some code and building a bot is easy.
During last year’s tumultuous election season, I noticed that many online polls didn’t use CAPTCHA forms, or other methods of protecting their surveys from fraud, to ensure they were collecting responses from actual people. I partnered with one of our team’s engineers to create a bot of our own in half an hour. The bot we created could cast votes in digital surveys and sway the results in one direction or another with a simple change in code.
The experiment raised questions about the accuracy of online polling. It also made me wonder why the publishers hosting the online polls weren’t taking precautions, particularly given what we know now about fake news and Russia’s election meddling. But the takeaways extend beyond the election.
Certainly, advertisers are aware of the prevalence of ad fraud, but many are not yet experts in identifying it. Sophisticated marketers excel at optimizing their campaigns to drive conversions, but some of the traffic they are working to convert is fraudulent. Advertisers need to learn to validate conversations so they can be sure their leads are real—not bot traffic or human fraud, and that they are optimizing toward true conversions and not fake ones.
Brands can’t sit around and wait for the industry to solve this problem for them. Yes, we are fighting the good fight. Organizations like TAG work to raise awareness, increase transparency and roll out solutions, but we are not going to eliminate fraud. Interpol, the International Police Organization, is doing its best, but it doesn’t have the time nor manpower to get involved with every single threat. For fraudsters, there is just too much money to be made, and the risk/reward ratio sure beats robbing a bank. Advertisers have to take matters into their own hands.
Fight fraud by being realistic
If I can create a bot during my lunch hour, imagine what a full-time criminal with a team of like-minded hackers can do. Ad fraud is a cat-and-mouse game: Just when the good guys think they’ve rolled out a solution that can’t be beat, the fraudsters develop a workaround. This isn’t going to stop. Earlier this year at INTERPOL World, law enforcement, security professionals and technology companies came together to discuss solutions for creating a safer world. They discussed global ransomware outbreaks and the changing security landscape, in which criminals use technology to wage unprecedented cyber-attacks on individuals, businesses and governments.
Part of the challenge when it comes to fighting ad fraud is that Interpol doesn’t get involved unless a crime involves a certain monetary amount. I learned this first-hand when my business fell victim to a cyber-crime back in 2006. This policy makes sense --Interpol has to prioritize its resources -- but criminals are aware of this benchmark. They know how to fly under the radar. They will set up hundreds of accounts, and as long as the “good guys” can’t link them, they will avoid going over that threshold.
Even the Googles of the world still have problems with fraudsters. Advertisers need to focus on detecting fraud as well as preventing it. Working to spot suspicious patterns, such as clicks that occur at the same interval or conversions that happen too quickly, can pinpoint obvious red flags, but not everything. The bad guys behind the bots have gotten more advanced and are adept at programming bots that beat systems.
To make the most informed decisions about their advertising, brands need access to as much data as possible, along with a system for analyzing that data to make conclusions about traffic sources. That requires a combination of technology and skill: a human touch.
Brands should focus on validated lead conversions—arguably the only metric that fraudsters cannot beat. It is not enough to optimize by leads, calls or sales. Advertisers have to validate each lead first, then optimize their campaigns based on that validated data. It is not a simple process, but by tying these validated conversations back to traffic sources, marketers can then determine what’s working, and what is not.
If they want to have a fighting chance to protect their ad dollars, advertisers need to “get real” about ad fraud and the strengths and limitations of existing ad fraud protection and prevention tools. As hard as fraudsters are working, marketers have got to work harder.