• by Marc Goldberg , Op-Ed Contributor, December 19, 2018

I can’t un-see some of the sites we have come across at Trust Metrics. I have seen sites so egregiously vulgar and hate-filled that saying they are not brand-safe would be an enormous understatement. However, it’s not just the worst of the worst we are after. We also recognize issues on sites that help identify bad intent and nefarious practices that might not be so obvious to the untrained eye.

If you look at your post-campaign reports, you will notice sites you never heard of earning a lot of impressions. Look at those sites — don't stop at surface level.

Take for example Contact Us, Privacy Policy and Terms of Service pages. They are almost stitched into the fabric of the internet and most of us don’t even notice them.

These pages generally don’t contain any substantive content, but rather generic legalese, terms and contact info. Even the biggest sites on the web don’t have a lot of traffic to these pages, since the content is only relevant to the few users who might need the information.

Besides, publishers being lazy with their templates, why do some sites have dozens of ads on these masthead pages?

Bad guys take advantage of these less-monitored pages to hide ad fraud.

Since few legitimate human users will notice ad clutter on these pages, some publishers take advantage by littering them with ads and send bot traffic there. As we’ve learned from Methbot, 3ve, and other exposures of Big Fraud, bots can be designed to trick vendors into believing they are human.

They take actions on pages — like scrolling up and down and “clicking” on pages — that mimic the activity of a human just enough to occasionally sneak past detection services. These descriptive masthead pages are easy targets; they have predictable layouts and are usually clickable from a site’s homepage. When a bot comes in, it will go to these pages to generate a lot of ad views.

Publishers with bad intent use these pages to game the system to monetize “safe” pages that are devoid of substance.

Usually, there are a few layers of safeguards that would protect your brand from fraudulent activity. However, these pages usually get past safety vendors, as there are no swears or other indications of unsavory content on these pages, just benign legalese. It’s important in these cases to remember that quality matters, even when a page is “safe.”

There might not be anything particularly “wrong” with a page, but there isn’t anything particularly “right” about this environment either. These pages do not have unique editorial content (or sometimes any content) that would warrant a legitimate human audience. So why would you want to serve your ads here in the first place?

Digging into examples of these pages serving a high volume of ads, we often notice the pages don’t even serve their stated purposes. Rather than putting a legitimate Privacy Policy or Terms of Service up, some of the worst offenders just put up the default Lorum Ipsom language or a non-working contact form.

The bad guys know that no one digs into these pages, so they often don’t bother covering up their tracks; they leave generic template pages as-is. Buyers, we don’t blame you for missing this. It is impossible to evaluate thousands of sites and ensure you are only running on the best, most relevant content.

Often, a buyer will scan a website’s homepage — a well-lit, clean page in an environment they would be comfortable running on — and not bother digging into the pages that serve the most impressions. It’s important in these cases to have a combination of machine-based analysis at scale with human intelligence validating there are no instances where a publisher or fraudster is intending to game the system.

Advertisers believe they are covered by this sort of thing — but that isn't the case.

Every week, we come across these sites and let brands know of their wasted budget. Here is one that came across our desks this week:

We’ve shared this page with dozens of advertisers and are happy to share it with you if you’d like, just send me a note. I don’t want to give any more attention to these sites than what I'm doing here. We’ve hidden the actual advertisers, but you can see how much real estate they take up on these pages.

I have resisted the urge to publicly shame the advertisers on these pages, but take a look for yourself. Who do you see? Are you there?

Publishers fighting for your ad dollars by doing the right things are hurt by advertisers’ support of these fraudulent pages. Publishers spend lots of time and money implementing IAB standards and joining DCN and other groups that help shepherd in best practices for advertisers and consumers. Reward them directly or indirectly.

For example, if you are regularly looking at reports and are doing diligence on some of the sites you run on, hopefully you can remove some of these crappy sites. When you do, the impressions hopefully go back to the good guys.