Ad fraud is when cybercriminals deploy bots to exploit advertising platforms and advertisers. Because bots are capable of defrauding real people, publishers, and most devices—from desktop and mobile to other emerging ecosystems, such as Connected TV (CTV)—this type of fake activity can be both extremely difficult to detect and frustratingly pervasive.

Monitoring and disrupting ad fraud has become a major priority for many marketers, so that they can ensure that their ad spend is going toward real customers and defend themselves against security threats, brand erosion, and much more.

Ad fraud comes in many different forms and levels of sophistication. Here are some of its main methods.

Cybercriminals seeking financial gain through ad fraud use malicious bots that mimic the behaviors of real users. This means that ad fraud has many different forms and levels of sophistication.

The many different types of ad fraud can be bucketed into two categories: device-driven fraud and content driven-fraud.

Cybercriminals use computers, servers, phones, and more to spoof advertisers by faking real ad impressions, utilizing bots hidden within these user devices to mimic typical human behavior on websites or to otherwise impersonate real devices.

This type of bot activity, known as sophisticated invalid traffic (SIVT), is highly advanced and often starts with a publisher commissioning a third-party traffic provider to rack up clicks. Those providers occasionally subcontract the work out to fourth- and fifth-party aggregators—which is where, typically, malicious bots have infiltrated.

Content-driven fraud, which is slightly more complex, uses fake sites and apps to sell space to advertisers who think their ads will be reaching human eyes. This is mainly achieved on “ghost sites” or “cashout sites,” which are visited by bots who facilitate the fake impressions.

Sometimes, cybercriminals will also counterfeit, or “spoof,” reputable websites and brands. Because the malicious actors behind such schemes make these requests look nearly identical to those from the reputable website, it becomes difficult for advertisers to differentiate, meaning fraudsters earn a higher cost-per-click for ads that will earn no human impressions.

As technology evolves, cybercriminals do, too, and emerging formats such as CTV have become recent targets. Sophisticated bots are impersonating CTV devices, soliciting advertisers, and then selling these expensive impressions. Cybercriminals often attack these CTV ecosystems through SSAI spoofing—where ads are delivered, by way of proxy servers, in tandem with the video content so that the viewing experiences appear seamless.

In mobile advertising, meanwhile, there is the problem of app spoofing: the creation of fake apps to serve exclusively as a space for ads and even using a device to commit additional types of fraud, such as device impersonation.

Fraud is a multi-billion dollar industry. With every new ecosystem that enters the market, the opportunities for cybercriminals grow. In recent years, the advertising industry has made significant inroads in their fight against fraudulent activity—with improvements in built-in fraud prevention measures and many other third-party security tools.

With this increase in cybersecurity defenses, the cost and risk of crime has also increased, dissuading many would-be fraudsters from pursuing this particular method of cybercrime. However, increased protections have given way to more advanced evasion tactics from cybercriminals, as malicious actors continue to adapt to avoid detection.

Empowered by our collective protection approach, HUMAN is on a mission to disrupt the economics of cybercrime.

HUMAN believes that the best way to dismantle ad fraud is to disincentivize it. Our cutting-edge detection methods help ensure that committing ad fraud has real and lasting consequences. We verify more than 15 trillion digital interactions every week and can give our clients insight into the difference between human and bot traffic patterns with just a single line of code. Receive multilayered protection through our leading ad fraud product:

• MediaGuard
  With this tool, we help ad tech platforms, media owners and advertisers gain context into each impression, even before the bid; cross-referencing our findings against our global detection knowledge base in order to identify ad fraud within milliseconds. Advertisers can utilize MediaGuard to provide insight into and protection against even the most dynamic bots, across any device or ecosystem.

In 2016, for instance, we took down Methbot, at the time the world’s largest ad fraud botnet, whose ringleader, the self-proclaimed “King of Fraud,” was recently sentenced to 10 years in prison. Since that exhilarating success, we’ve invested even more deeply in our belief in collective protection with the formation of the Human Collective – a group of more than 25 industry leaders who come together to fight ad fraud.