The scam involves 34,000 domains, enticing advertisers to invest up to hundreds of thousands of dollars per day on what resembles standard ad space — but is really on fake websites with sizable traffic from spiders rather than human visitors.
The operation, dubbed “Hyphbot,” was uncovered this week by Denmark-based advertising-technology company Adform and has provided renewed urgency to people in the advertising sector seeking to fight these tactics.
“It is really important to leverage these stories as chances to renew interest in procuring the supply chain,” said Sonia Carreno, president of the Interactive Advertising Bureau (IAB) in Canada.
For the IAB, that means another event to push the industry to embrace Ads.txt, an easy way for publishers to communicate with marketers just which advertisement buys carry legitimate inventory out of them. The text code, which is embedded on a site only by the website’s owner, was made by the IAB’s Tech Lab to allow both automatic ad exchanges and buyers who use them to confirm that an ad space available is valid.
1 point of this program is to combat “domain spoofing,” a frequent fraud strategy where fake ad space is set up for sale but made to look like it is coming from a legitimate site.
Domain spoofing has been a problem for decades, but discussions about the issue were given renewed vigour with the “Methbot” scheme shown early this season. WhiteOps, a company that conducts fraud detection, it “the biggest and most profitable ad fraud procedure … to date.” The operation created over 6,000 sites that seemed to belong to renowned U.S. publishers, gamed programmatic (or automated) exchanges to sell video ads on these fake websites, guided robots to “view” these ads, then collected the money advertisers paid for those clicks. Video ads are a specific target for these schemes because they command a higher price. WhiteOps estimated that the scheme drew $3-million (U.S.) to $5-million per day, beginning late last year.
The Hyphbot plot revealed this week has been operating since August, to Adform, and the company estimates the network of robots it utilizes is three to four times bigger than the one used in Methbot.
“Look at the way the ad industry has transitioned. Previously, you’d advertisers working directly with publishers. Then, for some time, you had the ad-network version — one trusted third party that has been in the midst facilitating that connection. Now, it is a really crowded space. You’ve got all these parties in between,” said Rick Abell, vice-president of international publisher development for advertising technology company Exponential, which has been advocating for Ads.txt adoption among its clientele.
“In several cases, the advertiser and the publisher have grown pretty far apart. … Any lack of transparency creates less clarity in terms of what is going on in that advertisement chain. Fraudsters will thrive in complicated, convoluted environments,” Mr. Abell added. “We have seen publishers get requests to place code on their Ads.txt webpage [authorizing a vendor], and they are unfamiliar with that partner — that is good. You should know who of your partners are in the value chain.”
As it was announced in May, over 35,000 publishers have embraced Ads.txt globally, according to the IAB. While adoption was somewhat slow initially, Google’s support has helped promote growth, Ms. Carreno stated. Since September, Google has announced its programmatic purchasing platform, which is one of the biggest in the business, would only purchase from confirmed sources, when an Ads.txt file was available, and that its selling platforms would start filtering out unauthorized vendors, when recognized by a writer’s Ads.txt file.
Spoofing hurts both publishers and entrepreneurs. The advertiser wastes money placing advertisements in front of bots and on low-quality websites, where they would not wish to be seen, and the respectable publisher that might have sold them legitimate advertisements loses out on pre-tax earnings.
In September, the Financial Times looked into the problem and found spoofed FT advertisements available on 10 exchanges and spoofed video advertisements on 15 imports — for a total value of approximately #1-million (more than $1.6-million). Fake FT advertisements were offered by approximately 300 accounts.
“Advertisers can not abdicate their responsibility in the supply chain,” Ms. Carreno stated. “As procurement [departments] have obtained over the choices on working with [media-buying] agencies, the strain has been to acquire high amounts of stock at low price. Just because one agency can provide to [purchase ad space] in a fraction of the price of some other agency, that is not valid as a decision-making rationale any more. … It’s quite easy to say, ‘I want transparency.’ But all of this could have been averted had there not been this downward pressure on prices — had we never seen electronic as this weird dollar-store socket for media.”
Advertisers and their media buyers should be exerting more pressure on exchanges where fraudulent stock is found available, said Jason Kint, CEO of Digital Content Next, a business association representing publishers such as The New York Times and FT.
“The buyer needs to stop purchasing the Rolex watches on the street corner,” he said.