How ad fraud threatens the whole programmatic industry

Media Consulting 23 March 2017

Ad fraud has been around for years, but the rise of programmatic and audience targeting campaigns has made it a top concern for brand marketers. Though nobody agrees on its real impact on advertising budgets, fraud casts a shadow on the whole programmatic industry, which eventually leads marketers to re-allocate budgets to allegedly safer environments like Facebook, YouTube and Snapchat.

Ad fraud applies to a wide range of techniques that aim at nibbling at advertising budgets through bot-generated actions. Every traffic acquisition channel is exposed to ad fraud (even Google reports an estimated 5% fraudulent clicks, which however are not charged to advertisers), but programmatic is by design more exposed, as it is more decentralised than AdWords or Facebook Ads, and therefore more difficult to control. Now that programmatic is bigger than direct Display buys according to eMarketer, ad fraud accounts for a significant share of display impressions – how much exactly is hard to say, even for fraud detection experts like White Ops, who face backlash from publishers and sell-side players every time they release an estimate.

Ad fraud is actually a mafia-style well-organised cyber-criminal activity, not just a nerdy teenager pet project (even though computer hacking history shows that nerdy teenagers should not be overlooked). It involves massive networks of servers in the cloud or thousands of malware-infected personal computers. Once infected, flocks of computers called botnets open fake browsing sessions, using fake cookies on real browsers to ensure higher CPMs. Indeed, brand X is likely to pay a higher CPM for a cookie that represents a returning visitor than for a generic user. Botnets are sophisticated enough to mimic user behaviour, like mouse movements and page scrolling, and thus to fool most ad-viewability players.

Why not just exclude domains that do not belong to a curated whitelist? It could help fighting basic botnets, which only focus on Run of network (RON) campaigns targeting lower quality exchanges. However, modern botnets also damage Premium campaigns and direct deals with Tier 1 publishers.

To understand how it works, let’s consider the following example:
Brand X wants to run a guaranteed campaign on a high-quality News publisher’s network. It’s likely the publisher will sell not only guaranteed inventory on its own domain, but also “extended reach”, which is a way to target the publisher’s audience on remnant programmatic inventory at a cheaper cost. Such a guaranteed premium deal, which can potentially bring great results, can be affected by ad fraud in two different ways.

  • First, extended reach is guaranteed against an audience (well… a pool of cookies) but the selection of inventory is up to the publisher, unless Brand X asks for transparency and strict whitelisting. The publisher then acts as a trading desk and buys inventory on run-of-network campaigns, which makes it easy for a botnet impersonating the publisher-cookie to get decent CPMs on fraudulent websites.
  • Second, the publisher has to make sure it can honour a guaranteed buy on its own inventory with enough traffic on a specific day or week. It is no secret that a quick and dirty fix for this potential issue is to mandate third-party networks, which are paid on a click basis to drive additional traffic when needed. The problem is that such ‘traffic boost’ deals are hard to control and incentivised click networks often work with fraudulent websites and provide ghost traffic. An advertiser running a Premium deal on a Premium guaranteed inventory can then accrue many impressions from bots, even if the publisher website is not a fraudulent website.

Again, nobody really knows how much money we are talking about. White Ops estimates that the sole Methbot operation generates 3 to 5 million dollars per day, but sell-side companies like AppNexus answer it may be 100 times less. Notwithstanding this vague estimate, brand marketers are now aware that programmatic, whether guaranteed or auction-based, is a potentially risky and opaque place in which to invest advertising budgets. Meanwhile, Silicon Valley giant Facebook claims to have stopped investing in a proprietary DSP because of ad fraud, and pitches advertisers for fraud-free campaigns on the Facebook/Instagram apps, putting the whole programmatic ecosystem at risk and highlighting the need for publishers’ networks to provide full transparency to buyers. A long way to go for sure, but a necessary next step.

Would you like another cup of tea?