Know Thy Enemy: Who the Digital Ad Industry Is Fighting and How to Stop Them
Fraudsters. Bad actors. Blackhats. It doesn’t matter what you call them because they all mean the same thing – the bad guys. They’re the ones that keep publishers up at night and wreak havoc on the rest of the ecosystem. And as anyone on the frontlines can attest, these bad guys aren’t pushovers.
But do we really know who the fraudsters are? And what motivates them? After all, if Sun Tzu’s words in the Art of War still carry any relevance – and I absolutely assure you they do – then knowing thy enemy is the centerpiece to any effective wartime strategy. And that’s exactly what the digital ad ecosystem faces in these fraudsters – a war, with billions of dollars and an entire industry on the line.
So let’s get to know the enemy a little better and discuss what publishers and platforms can do to stop them. Yes, it’s a tough fight, but one that digital advertising can decisively win with key insights and the right tools leading the way.
Follow the Money
I’m sure that you can think of several words to describe fraudsters, many of which might not be well-suited for a PG rated blog. But I’m going to use a few basic terms that will tell you everything you need to know about the bad guys and their bad ads. Smart. Conniving. Motivated. That’s them in a nutshell, and it’s a mistake to underestimate them.
In fact, many of the fraudsters are highly-educated but live in areas where there just aren’t a lot of well-paying jobs. And that’s where their primary motivation plays such a pivotal role – money. We’ve said in the past how malvertising costs the digital advertising industry over $1 billion a year, a number dwarfed by the nearly $50 billion estimated global price tag for ad fraud in total. But how, exactly, does that translate to the individual fraudster?
Through a myriad of bogus websites, apps, redirects, and fake ad impressions, those billions equate to somewhere between $5 million and $20 million in income per year for a “professional” bad actor. That kind of money leaves little doubt as to why these intelligent people are opting for a life of crime rather than getting their MBA. Like it or not, bad ads pay.
Redirects Equal Stacks of Cash
Suffice it to say, money makes the ad fraud world go ‘round. But how exactly does it all happen? How does something like a forced redirect, for instance, equate to stacks of cash for the fraudsters? Well, it can really occur in a few different ways:
- First is a click arbitrage play, where the bad actor pays a low rate to get onto a website. They then turn around and resell that traffic for a much higher cost per page impression. Therefore, if the bad actor pays a penny on the front-end but sells every impression or download they can get the other party for a dollar, that redirect drives a huge profit margin for the bad actor.
- Alternatively, black hats can use redirects and fake rewards or offers to gather information from susceptible users. Since those that attempt to claim the “reward” are probably more gullible than others, the bad guys will target them with follow-up phishing scams. Unfortunately for those users, black hats know that their chances for a successful scam are far higher than they would have been if they targeted a general sample of consumers.
- A fraudster could also use a redirect to install malware on a user’s device and use it for nefarious means. Something like keystroke listening malware, for instance, gives fraudsters an easy way to pilfer credit card numbers, banking logins, Social Security numbers, and other sensitive information. Fraudsters also use malware to create gigantic botnets from users’ devices, where they can use their army for a DDoS attack or to fake traffic– but for a handsome price, of course.
Little Risk, Massive Reward
The point is, there are seemingly countless ways for fraudsters to make serious money. But let’s put some context into the discussion and look at the bigger criminal picture. According to research from HP, ad fraud is such a burgeoning industry because of its extraordinary payouts relative to little risk.
(image from https://martechtoday.com/wp-content/uploads/2018/08/Ad_Fraud_graphic_trllx3.png but from this HP white paper: http://static.politico.com/b9/55/4e3ce4cc41d88401e264dcacc35c/hpe-security-research-business-of-hacking-may-2016.pdf)
As you can see, ad fraud is simply a better business decision than old fashioned stalwarts like organized crime and extortion. That’s why it’s second only to the drug trade in income derived from crime. And if we’re comparing making millions from affiliate marketing, click arbitrage, and cookie stuffing versus the drug trade and other unsavory occupations, I can easily make a case that The Godfather Part IV would take place in cyberspace. In business speak, ad fraud is a high growth industry with low barriers to entry, and that makes it incredibly attractive to criminals.
Beating the Fraudsters at Their Own Game
Now that I’ve sufficiently frightened you with the reality of this war for ad quality, it’s time for a ray of hope. As bleak as things appear right now, publishers have effective solutions that can put the fraudsters in their place. It’s just a matter of choosing the right tools.
We’ve spoken before about the importance of flexibility when battling bad actors. Unfortunately, the industry doesn’t have a crystal ball that will tell it exactly what tactics the fraudsters will use down the road, no matter how advanced technology gets. But that’s why agility can be such powerful difference makers.
Using our own experience in the war for ad quality as an example, we’ve seen first-hand how much bad ads have evolved over the years. Techniques used by fraudsters just 18 months ago now seem antiquated and archaic in comparison to what they use today. And that notion will only continue in the future, making it an exercise in futility to guess what they might have up their malicious sleeves a year or two from now.
Therefore, since it’s next to impossible to predict what’s coming down the malvertising pike, we built our dynamic threat analysis with the specific intention of catching new patterns as they emerge. This approach ensures that our ad quality solution is always one step ahead of the bad guys, no matter what they might have up their malicious sleeves.
Using the COVID-19 crisis as an example, hundreds of millions of deceitful, misleading, and fraudulent ads spread across the ecosystem over a matter of weeks, hawking everything from bogus face masks and test kits to “miracle” cures. But because we were able to quickly react to these new threats through our dynamic analysis, we were able to protect our clients – and, therefore, their brand – from these bad ads.
Of course, dynamic analysis is just one of the techniques we use in our holistic approach to ensuring ad quality. Since new malicious ploys are always popping up, choosing the wrong ad partner – one that isn’t as comprehensive and far-reaching with their solution set – usually means you’re leaving your brand, customers, and stakeholders susceptible to the countless forms of ad fraud. Remember, we’re fighting an intelligent, motivated enemy, and the last thing you want is to get caught bringing a Swiss Army blade to a digital shootout. With Ad Lightning, we can assure you that will never happen.