There’s an assumption in the marketing world that ad fraud attacks all campaigns equally, but this isn’t really the case. Instead of skimming a small percentage off the top of all your campaigns, cybercriminals have very specific targets to maximize their payout.
The most susceptible campaigns are those in which demand, or the available budget of the ad campaign, outstrips the available inventory that matches the intended targeting of that campaign, also known as supply.
This can happen during a holiday season or a major sporting event, during the end of a campaign, or with a highly-targeted list. Marketers need to be vigilant against these attacks by monitoring those campaigns with a tool that can highlight any fraud “hotspots” effectively.
Here’s a step-by-step walkthrough of how to find fraud hotspots with White Ops.
The best place to begin your fraud investigation is on the FraudSensor Summary dashboard. Since there’s usually a significant amount of data in that view, it’s best to start high and then work your way down.
The main thing you’re looking for at this stage is some kind of major anomaly. Most often, these anomalies manifest as sophisticated invalid traffic, or SIVT, spikes on any given day.
Once you find an anomaly like this, adjust the timeframe to correspond to the period of elevated SIVT. Then, scroll down to the Impact Assessment Summary below the dashboard graph. These summary charts show the top ten domains, campaigns, providers, etc. (you can customize by interest) with the highest amount of SIVT.
We suggest you look at the publisher or domain first. Frequently, you’ll find that certain publishers or domains have high SIVT rates that account for the bulk of fraudulent activity on a given exchange or SSP. Use the filters on Explore tab (it’s one over from the Summary tab) to find these “hotspots.” Try looking for domains with >10% IVT or a certain number of fraudulent impressions. This can help you drill down into where the fraud is actually taking place.
From there, look at specific campaign summaries from those publishers. Found something interesting? Good — take a look at placements from those campaigns. There you should be able to see which placements had highest SIVT volume, or any trends in types of placements.
For example, during a hotspot analysis, one White Ops customer was able to prove that the majority of the non-human traffic flooding their campaign was coming at the same time that they were running a full homepage takeover on a specific publisher’s website.
This tiered approach will ensure that you are finding the areas of highest fraud and highest economic impact within your campaigns. These types of analyses are a recommended best practice for your team to ensure fraud is always carefully monitored and effectively removed.
If fraud is coming through in your programmatic buys, identifying poor-performance domains and blacklisting them on a weekly basis is a method that has proven to be effective.
If fraud is coming through in your direct publisher buys, identifying specific placements and/or domains and notifying the publisher so they can address the issue will usually fix the problem. If the publisher is unable to address the issue, then you may need to reconsider your relationship with them.
Some of our customers don’t see daily spikes, but still have levels of SIVT that are consistently higher than they would like. In these situations, instead of focusing your publisher analysis on specific days where fraud spiked, you can run your publisher analysis on the whole time period (i.e. Last 30 Days, Last Quarter) in question. The follow-on logic is the same.
Though you should be looking for fraud in all your campaigns at all times, there are some periods during the year during which you should be extra vigilant. These times include:
While many people assume that ad fraud is equally spread out across, our research has shown this is far from the case. Systematically identifying and remediating hotspots can be time well spent for savvy marketers.