3VE and Methbot Are Just the Tip of the Iceberg - DoubleVerify

By now, most readers have heard of 3ve and Methbot, the multi-year ad fraud scheme that defrauded advertisers of millions of dollars. These schemes received global coverage because even though ad fraud has been around for years, the US Department of Justice is finally looking to hold someone accountable. And while these rings are getting a lot of press attention, they are not the first of their kind.

 

Over the years, it has become common practice to nickname bot fraud activity in the media but in practice, many newly discovered bot fraud methodologies are just old botnets using new fraudulent methods. The same culprits that used malware last year to generate nonhuman impressions can this year, using fraudulent mechanisms, spoof desktop impressions as premium CTV. And while bots often take center stage, they are not the only fraudulent actor you should watch out for online.

 

So what kinds of sophisticated invalid traffic (SIVT) should you look out for in 2019 and beyond?

  • Bot Fraud. The most well-known ad fraud by far. This type of fraud masquerades as real, human users.  Serving impressions to bots is about as effective as serving impressions to cardboard cutouts of celebrities. One interesting nuance about bots and bot activity is that it is very short-lived. DV has found that new bots live on average for 72 hours and produce the highest number of fraudulent impressions within the first 24 hours.

Botnets are groups of devices that run malicious software or malware that can commit ad fraud. Frequently, users of these devices do not know this fraud is occurring on their devices! Talk about stealth. Botnets can syphon thousands of ad dollars through schemes like falsified websites. For example, in a fraud scheme uncovered by DV in 2017, falsified website activity appeared to come from a premium publisher but was actually being delivered from the botnet’s fraudulent server.

  • Site Fraud. Although site fraud doesn’t receive nearly as much press anymore, the practice is still quite prevalent. Site fraud is committed by bad actors who generate fraudulent quality views on websites with little to no traffic. One common type of site fraud is impression laundering.

Impression laundering – similar to its distant cousin money laundering – conceals the actual URL where an ad appears by using ‘front sites’ that mask themselves as legitimate publishers, in order to monetize ad impressions that otherwise wouldn’t be bought by brand advertisers.

  • Adware/Malware. The unseen killer. Adware/Malware is malicious code that runs in the background of user’s devices. This is not limited to any particular device. It can happen to desktops, tablets, and mobile devices as well. The most common fraud perpetrated by Adware/Malware is ad injection. Have you ever visited a less-than-premium website only to be bombarded by 20 ads within the first minute of opening the page? With ads are so numerous that they clutter the screen with overlapping products and messages? These are ads that have been injected onto the page by malicious software. Many advertisers do not even realize their ads are running in such undesirable locations.
  • App Fraud. Pandora’s box has been opened. With increasing numbers of consumers turning to their mobile devices for a complete desktop experience, fraud has followed the money. Scammers are using methods like hidden ads and app spoofing to defraud advertisers.

Hidden ads run silently in the background of your app and are invisible to the user, therefore providing no benefit whatsoever to the advertiser. App spoofing is a little more nefarious and occurs at the exchange. Advertisers are duped into buying poor quality apps that are published on the exchange as premium apps. This bait and switch also occur on desktops with domain spoofing.

 

Ad fraud is unlikely to go away entirely because, as with many crimes, there is too much incentive financially. However, the more you know the better you can recognize symptoms of ad fraud in your media investment and stop the theft from happening.

 

Ready to Get Started?
Get in Touch and Request a Demo.

Request a demo
image