Nefarious interests ranging from criminal fraudsters, purveyors of malware and even state-sponsored disinformation campaigns have figured out how to weaponize the tools of automated media-buying — and it is an “existential threat” for Madison Avenue’s programmatic advertising marketplace.
So concludes one of the market’s leading platforms, AppNexus, in a comprehensive report released late Wednesday.
“In addition to costing advertisers billions of dollars each year, ad fraud undermines brands’ confidence in the programmatic marketplace,” reads the top-line conclusion of the report “Viral Content: The First Warning Sign Of Fraud.”
The ironic conclusion of the report is that so-called “viral content” -- long the Holy Grail sought by most big consumer marketers and their ad agencies in recent years -- is now seen as a leading signal and potential vector for fraud.
“Experts have seen that generally, publishers specializing in viral content are much more likely to receive non-human traffic,” the AppNexus analysts note.
They added: “We have established this link by using data science methods to find suspicious traffic patterns and overlaps in these sites’ audiences, as well as similarities in the content they produce. Our analysis strongly suggests that many of these sites are operated by the same people.”
So-called “fake news” and various forms of attributed and non-attributed hate speech may seem like a new phenomenon in the wake of the 2016 presidential election and various disclosures made by digital media platforms and Congressional investigators during 2017. But they actually are “just another form of viral content,” according to AppNexus.
“We’ve also seen a connection between viral publishers and the 'fake news' and extremist political content that dominated the public conversation in the months prior to and following the 2016 U.S. presidential election. In fact, it appears that many of the ad-supported sites in these categories are likely driven by money as much as by ideology. Regardless of which motivation is stronger, a key goal for most of these sites is to attract lots of cheap traffic in order to maximize profits from ad revenue.”
The report seeks to break down the overarching generalization of digital ad fraud into discrete categories, noting that while fraudsters “use a variety of tactics to carry out their theft, the common denominator is that they profit by selling phony web traffic under false pretenses.
“In many cases, these schemes involve charging brands and/or publishers to access audiences that don’t actually exist.”
AppNexus categorizes three primary methods:
• Browser or device hijacking programs: malware that takes over a user’s browser and navigates to specified websites without the user’s knowledge.
• Bot networks: server-based browsers that masquerade as human users — in recent years, this tactic for generating non-human traffic has become more widely used than the browser hijacking malware described above.
• Ad-stuffing: a tactic in which the publisher fills a web page with invisible ads the user can’t see.
“While it’s impossible to know exactly how much money the bad guys have made off with, the Interactive Advertising Bureau estimates that ad fraud cost our industry $8.2 billion in 2015,” the report notes, adding that the estimate could be as high as $16.4 billion this year.
“These numbers are inherently imprecise, as there’s no one indicator that guarantees an impression is fraudulent -- but these estimates make it clear that this is a huge problem for our industry. Beyond the sheer magnitude of this theft, fraud presents an existential threat to the digital ecosystem because it undermines brands’ trust in the programmatic marketplace.”
AppNexus attributes the growth to a parallel increase in the “complexity” of the programmatic advertising marketplace, which creates opportunities for fraudsters to exploit less-than-transparent vulnerabilities in the system.
The main takeaways are that brands and agencies need to be vigilant about working with organizations dedicated either to the creation and distribution of “viral content” and/or "onces" solely focused on “traffic acquisition” vs. publishers and content based on authentic user and brand experiences.
The report categories “organic marketing efforts” and “search search engine pay-per-click” models as “generally considered safe,” but lists the following as “completely fraudulent”:
• Cloudbots and traffic exchanges: In this type of traffic acquisition deal, a bad actor rents a virtual private server from a cloud hosting service and then run a headless, automated browser and visit several websites, either directly or through a traffic exchange.
• Pay-per-click exchanges and botnets: A network of computers that have been infected by “malware” that allows hackers to exploit their computing power for nefarious purposes. In the case of ad fraud, bad actors use the captured devices to drive automated, non-human traffic to various websites.
Less clear is a group of programmatic media-buying practices that AppNexus describes as “proceed with caution:”
• Content discovery networks: Firms in this category promote links to publisher content in native advertising widgets on sites across the web.
• Social media pay-per-click: A social media pay-per-click buy occurs when a publisher pays a platform like Facebook or Twitter to place native content links in the middle of the user’s feed.