March 2019 / Page 0marketing.scienceconsulting group, inc.
Digital Ad Fraud is Not
Illegal Yet, But Should Be
Augustine Fou, PhD.
acfou [at] mktsci.com
March 2019 / Page 1marketing.scienceconsulting group, inc.
Why, what is it like?
March 2019 / Page 2marketing.scienceconsulting group, inc.
Just like fake watches and handbags, fake digital ads
March 2019 / Page 3marketing.scienceconsulting group, inc.
Computer crimesMany of the tech/actions that support ad fraud are computer crimes
“computer crimes such as breaking into computers or computer
networks. Computer crime can be broadly defined as criminal activity
involving information technology infrastructure, including illegal
access (unauthorized access), illegal interception (by technical means
of non-public transmissions of computer data to, from or within a
computer system), data interference (unauthorized damaging,
deletion, deterioration, alteration or suppression of computer data),
systems interference (interfering with the functioning of a computer
system by inputting, transmitting, damaging, deleting, deteriorating,
altering or suppressing computer data), misuse of devices, forgery (or
identity theft) and electronic fraud.
March 2019 / Page 4marketing.scienceconsulting group, inc.
Illegal Access / Breaches
Harvesting personal info, ecommerce transactions, other data
March 2019 / Page 5marketing.scienceconsulting group, inc.
Keystroke logging to collect logins, passwords, other personal info
Source: Freedom to Tinker, Nov 2017
March 2019 / Page 6marketing.scienceconsulting group, inc.
Alteration or suppression of computer data
Buzzfeed, March 2018
“Laguna Niguel man pleads
guilty in 'cookie stuffing' scam
against Ebay. The online
auctioneer paid Dunning’s
company about $5.2 million in
2006 and 2007, the U.S. Attorney
March 2019 / Page 7marketing.scienceconsulting group, inc.
Misuse of Devices
Ransomware and malicious cryptomining using humans’ devices
March 2019 / Page 8marketing.scienceconsulting group, inc.
Forgery, falsified profiles
Unverifiable lookalike audiences contain fake profiles/preferences
Bots pretend to be
oncologists by visiting
oncology related sites.
“[LOTAME] purged 400 million
of its over 4 billion profiles after
identifying them as bots.”
Adweek, Feb 2018
March 2019 / Page 9marketing.scienceconsulting group, inc.
Bad guys pretend to be politicians, celebrities to trick consumers
March 2019 / Page 10marketing.scienceconsulting group, inc.
Entire pages copied to thousands of other sites, to get free traffic
Google search on entire phrase in quotes:
Source: Buzzfeed, March 2019
March 2019 / Page 11marketing.scienceconsulting group, inc.
Multiple forms of fraud, violating different laws
Quote from Doc Searls,
1. “All four ads are flat-out frauds, in up to
four ways apiece: All are lies (Tiger isn’t
gone from Golf, Trump isn’t disqualified,
Kaepernick is still with the Niners, Tom
Brady is still playing), violating Truth in
2. They were surely not placed by ESPN and
CNN. This is fraud.
3. All four of them violate copyright or
trademark laws by using another
company’s name or logo. (One falsely
uses another’s logo. Three falsely use
another company’s Web address.)
4. All four stories are bait-and-switch scams,
which are also illegal. (Both of mine were
actually ads for diet supplements.)”
March 2019 / Page 12marketing.scienceconsulting group, inc.
Large numbers of cloned sites containing 100% pirated content
sites use pirated
content to attract
- Show ads
- Attempt to hack
them or track them
March 2019 / Page 13marketing.scienceconsulting group, inc.
DDoS traffic for ad revenueDDoS attacks overwhelm with traffic; now use traffic to make ad revenue
Google Digital Attack Map
March 2019 / Page 14marketing.scienceconsulting group, inc.
Ad dollars fund child abuse sites
“Using a variety of sophisticated techniques to avoid detection,
offenders are exploiting online advertising networks to monetise their
distribution of child sexual abuse material.”
Source: The Drum Nov 6, 2018
Source: CNN, Feb 2019
March 2019 / Page 15marketing.scienceconsulting group, inc.
Ad dollars fund piracy, porn sites
Source: Adweek, 2013 Source: BusinessInsider, 2014
March 2019 / Page 16marketing.scienceconsulting group, inc.
Identity theft scenarios
Stolen personal info can be sold, and also later used in hacking
Data Prices on the Dark Web
March 2019 / Page 17marketing.scienceconsulting group, inc.
Money laundering scenario
Dollars are laundered as digital media ad spend on “cash out” sites
1. Buy digital media via ad exchanges on sites
directly or indirectly owned by the same entities
2. Pay “ad tech tax” (cut to middlemen)
3. Collect dollars from “cash out” sites, fully
March 2019 / Page 18marketing.scienceconsulting group, inc.
Credit card fraud scenario
Tiny transactions automated on millions of stolen card numbers
Buy HDTV at Walmart
with stolen credit card;
get caught, card is
Automate millions of 99 cent in-
game purchases of “power-ups,
shields, virtual goods” to
harvest dollars, fully laundered.
March 2019 / Page 19marketing.scienceconsulting group, inc.
Wire fraud scenarios
Knowingly misrepresenting the capabilities of the … technology
“Allegedly engaged in a multi-million dollar
scheme to defraud investors, as well as a
doctors and patients. charged with two counts
of conspiracy to commit wire fraud and nine
counts of wire fraud.
Holmes and Balwani are charged with two
counts of conspiracy to commit wire fraud and
nine counts of wire fraud.
Holmes and Balwani were accused of knowingly
misrepresenting the capabilities of Theranos'
proprietary blood testing technology. The two
allegedly knew there were "accuracy and
reliability problems," and that it "could not
compete with existing, more conventional
machines," the US Attorney's office said.”
March 2019 / Page 20marketing.scienceconsulting group, inc.
Securities fraud scenarios
Deceptive practice of inducing investors with false information
• Revenues derived from illegal activities
• Inflating revenue, profits through ad fraud
• Overstating subscribers, active users, ARPU
• Selling counterfeit services and products
• Misrepresenting the capabilities of services, products
March 2019 / Page 21marketing.scienceconsulting group, inc.
Ad fraud is “cash out”
for criminal activities
March 2019 / Page 22marketing.scienceconsulting group, inc.
The most profitable criminal activity
2,500 - 4,100% returns
11% returns1% interest
digital ad fraud
stock marketbank interest
“where else can I get multi-
thousands percent returns on
my money? Right. Nowhere.”
March 2019 / Page 23marketing.scienceconsulting group, inc.
“Ad fraud is at ALL TIME HIGHS
both in RATE and in DOLLARS…
… and what’s worse is fraud
detection is not catching it, so
people have a false sense of security.”
March 2019 / Page 24marketing.scienceconsulting group, inc.
“solving ad fraud will reduce the
flow of dollars to what amounts to
‘major economic crimes.’
Then, and only then, will we get
back to REAL digital marketing.”
March 2019 / Page 25marketing.scienceconsulting group, inc.
What can each
March 2019 / Page 26marketing.scienceconsulting group, inc.
• Cut or pause digital ad spend to observe if there are
changes to real business outcomes. If not, keep cutting until
you see a change. Anything else was not driving results
anyway, no matter if it was marked “fraud free” or not.
• Always ask why or how? Don’t assume summary reports are
accurate or that other parties are doing what’s right for you.
• Get detailed “line item” reports (e.g. sellerID based
placement reports, not just domain based reports); choose
reliable metrics and avoid easily fakable quantity metrics.
• Rely on your common sense and check your own analytics
for signs of fraud; reduce fraud by turning off sites and
exchanges that exhibit consistent patterns of cheating.
March 2019 / Page 27marketing.scienceconsulting group, inc.
Example: P&G cut $200M
No business impact after cut; plans more cuts, up to half a billion
“Once we got transparency, it
illuminated what reality was,” said
Mr. Pritchard. P&G then took matters
into its owns hands and voted with
its dollars, he said.”
“As we all chased the Holy Grail of
digital, self-included, we were
relinquishing too much control—
blinded by shiny objects,
overwhelmed by big data, and ceding
power to algorithms,” Mr. Pritchard
Source: WSJ, March 2018
P&G: cut $200M, no impact
March 2019 / Page 28marketing.scienceconsulting group, inc.
• Update policies to outlaw the most common forms of
abuses that support ad fraud – duplicate content, phantom
sites, auto-refreshing of pages and ad slots, naked ad calls
• Establish simple “3 strikes” policy to notify offenders and
provide paths to remediation and correction of violations
• Provide detailed reports to clients, specifically sellerID
based reports so all parties can “follow the money trail” and
help identify bad actors
March 2019 / Page 29marketing.scienceconsulting group, inc.
Example: model citizen SSP
• “Strictly enforce ads.txt compliance. This goes beyond just verifying
that an ads.txt is in place (which, as you note, is no barrier). Rather, it
ensures that the domain sending the traffic must be tie back to a
payee that is authorized by the site owner. This ensures that bad
actors won't be paid for spoofed traffic.
• Ban 300x250 video and other commonly arbitraged ad units.
• Operate off a whitelist of partners, domains, and apps. There should
be no chance of inventory going live without human review.
• Scan all creatives for malware and other malicious code.
• Have earned TAG Certification in all relevant programs (e.g. Certified
Against Fraud, Certified Against Malware, Inventory Quality
Guidelines) validated by a 3rd party. TAG certification [requires]
thorough documentation and disclosures, which many bad actors may
not be willing or able to complete.”
March 2019 / Page 30marketing.scienceconsulting group, inc.
• Don’t source traffic (outright buying of hits to your site or
app); this exposes you to ad fraud. This is different from
paid/social media marketing, real content discovery.
• Protect your buyers - filter obvious bots (GIVT – named bots
and data centers) so ad calls are not made; this also reduces
the chances of your getting accused of high invalid traffic
• Protect your website visitors by reducing third party
trackers and carefully vetting the ones that remain; reduce
your own risk of privacy violations and non-compliance
March 2019 / Page 31marketing.scienceconsulting group, inc.
Example: publisher filters bots
Good publishers filter (GIVT) data center traffic, obvious bots
Bots coming to site
Bots filtered out
-9% (filtered GIVT
and data centers)
March 2019 / Page 32marketing.scienceconsulting group, inc.
• Use ad blockers, use malware protection software on all
devices. Limit your exposure to high risk categories of sites
– e.g. piracy sites.
• Use common sense – DON’T click it, even if it appears to be
from a friend or family member. Contact them on a
different channel to ask if they meant to send it.
• Be vigilant – assume that there will be even more hacking
attempts and more malicious malware/malvertising to
come as hackers step up their tech and attacks
• Always monitor for your own personal info, photos, and
other meta data that may be compromised already and
used to trick and compromise you.
March 2019 / Page 33marketing.scienceconsulting group, inc.
Example: ad blocking, VPNs
March 2019 / Page 34marketing.scienceconsulting group, inc.
• Introduce new laws against digital ad fraud and related
fraudulent business practices
• Review government spending (taxpayer dollars) on digital
ads that have proven to be completely ineffective
• Subpoena analytics and reports for details which show
actual performance, hidden in summary reports or averages
• Subpoena financial records to see the money flows (fraud is
very evident when you “follow the money”) and investigate
money laundering and tax evasion
March 2019 / Page 35marketing.scienceconsulting group, inc.
About the Author
Augustine Fou, PhD.
acfou [@] mktsci.com
March 2019 / Page 36marketing.scienceconsulting group, inc.
“It’s easier to fool people than
to convince them that they have
March 2019 / Page 37marketing.scienceconsulting group, inc.
Dr. Augustine Fou – Researcher
Published slide decks and posts: