A new global scheme using screensavers to hijack CTV devices has been creating fraudulent ads and impressions worth about $6 million per month, according to DoubleVerify, which exposed the fraud.
Dubbed “SmokeScreen,” the fraudulent activity is able to operate even when CTV devices are turned off.
DoubleVerify says it has neutralized the threat for clients, but that the fraud remains active on unprotected CTV platforms and ad campaigns, affecting nearly 10,000 devices and generating up to 10 million fraudulent ad requests per day, at an average CPM of $20. On average, a typical hijacked device generates three times the impression volume of its legitimate counterpart.
The fraud affects CTV publishers, streaming platforms and app developers, as well as advertisers, says Roy Rosenfeld, head of DV’s Fraud Lab.
Once an end user installs the malicious screensaver, SmokeScreen generates impressions en masse using falsified data, allowing the fraudsters to run impressions in the background continuously, without device users’ knowledge.
DV says its Fraud Lab used data and insights from the company’s video filtering solution, which works even in environments where blocking is not supported, including CTV, to create a detector for the screensaver fraud.