Dōmo arigatō, Mr. Roboto, NOT!

August 13, 2014

Email this to someoneTweet about this on TwitterShare on FacebookPin on PinterestShare on Google+Share on LinkedIn


When The Wall Street Journal publishes multiple articles1 on digital ad fraud, the industry and clients sit up and take notice. Digital ad fraud is a serious problem, a $6 billion dollar problem in the US in 2013, as estimated by White Ops, a company that tracks online criminal behavior.2

Digital ad fraud is caused by hackers who surreptitiously install malware on computers. This malware is used to hijack hundreds of thousands of computers to act as “bots” by visiting sites or clicking on ads to mimic human behavior. Botnet operators make money when they direct non-human/bot traffic to websites to generate impressions, which are then bought on ad exchanges by automated buying platforms (i.e., demand side platforms).

Many Eastern European hackers who previously focused on electronic bank transfer fraud have turned their attention to digital ad fraud, as it can be more profitable. In digital marketing, there are no Secret Service men monitoring this fraud, and it’s not yet a criminal offense.

At a recent event that Collective hosted in Boston on battling bots, they explained how they are being vigilant about detecting fraudulent non-human traffic. Collective has a dedicated team that looks at “big data” within log files to detect patterns that represent suspicious activity. A few patterns identified by Collective and CPX Interactive’s Botwatch.com are as follows:

• Site overlap: Bots tends to visit a limited number of sites with high regularity in order to generate traffic while humans visit a limited number of sites per day. Sites with aberrant traffic patterns can be flagged as questionable.

• Browsing behavior: Bots tend to visit the same site in rapid-fire succession within a very short time between visits (usually one second) while visiting patterns of human traffic has hours or days between visits.

• User agent analysis: A user agent is software that sends a line of text to identify a computer’s browser and operating system to a web server. Analyzing user agents can identify bot traffic as normal sites have varied distribution of browsers and operating systems while bots use fewer browsers and operating systems.
Companies like Integral Ad Science , White Ops , MdotLabs (recently acquired by comScore) and Adometry (recently acquired by Google) have also developed technologies to detect bot traffic in order to avoid fraud.

Additionally, the IAB has started to certify companies that are compliant with its Quality Assurance Guidelines (QAG) that provides greater transparency on how companies are acquiring and vetting digital inventory. All of the ad networks and programmatic buying partners that we work with are QAG certified.

Walter Wriston’s quote, “money goes where it’s well treated” applies to how we invest our client’s digital ad budgets with media partners. As we have increased our use of programmatic media buying partners, we have made a commitment to only working with partners who are actively addressing the issues of digital ad fraud.

– Bob

  1. “Phony Web Traffic Tricks Digital Ads”, September 30, 2013 (http://on.wsj.com/1zYbo0j), “Crisis in Online Ads: Bogus Traffic”, March 24, 2014 (http://on.wsj.com/1AYkw6I), “Bots and Drone Pools: The Deep Bag of Tricks in Video-Ad Fraud”, May 26, 2014, http://on.wsj.com/1shN48C 

  2. White Ops On a Mission to Root Out Ad Fraud, March 27, 2014 (http://www.adexchanger.com/online-advertising/white-ops-on-a-mission-to-root-out-ad-fraud/