Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Why Fraud detection doesn't work

2,572 views

Published on

Everyone is paying for fraud detection, but without enough technical knowledge, they don't realize the fraud detection doesn't work or is easily tricked by the bad guys. So what's worse is that the people paying for fraud detection have a false sense of security and take their eyes off of the obvious fraud that is still getting through.

Published in: Marketing
  • Want to earn $4000/m? Of course you do. Learn how when you join today! ▲▲▲ http://scamcb.com/ezpayjobs/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Earn $500 for taking a 1 hour paid survey! read more... ♣♣♣ http://ishbv.com/surveys6/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Why Fraud detection doesn't work

  1. 1. Why Fraud Detection DOESN’T Work June 2018 Augustine Fou, PhD. acfou [at] mktsci.com 212. 203 .7239
  2. 2. June 2018 / Page 1marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Despite using fraud detection… Launch Week 3 and beyondWeek 2 Initial baseline measurement Measurement after first optimization After eliminating several “problematic” networks Obvious fraud still gets through
  3. 3. June 2018 / Page 2marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou After all flavors of“fraud filters” Obvious fraud still gets through; but we turned off manually early in the campaign
  4. 4. June 2018 / Page 3marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Conflict and bad measurement Incorrect IVT Measurement Source 3 - in ad iframe, badly sampled Sources 1 and 2 corroborate One agency sticks to fraud measurement company (that is owned by same agency holding company), despite proven errors in IVT measurement (due to sampling and tag being in ad iframe). Uses high IVT numbers to get refunds, which agency keeps as profit.
  5. 5. June 2018 / Page 4marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Bad guys actively trick measurement FAKE 100% viewability AD • Stack ads all above the fold to trick detection • Use code to alter the detection code
  6. 6. June 2018 / Page 5marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou (2018) Code to trick measurement “the [malicious] code used by NMG is designed to interfere with the ability of third-party measurement systems to determine how much of a digital ad was viewable during a browsing session. This code manipulated data to ensure that otherwise unviewable ads showed up in measurement systems as valid impressions, which resulted in payment being made for the ad.” Buzzfeed, March 2018
  7. 7. June 2018 / Page 6marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Bad guys A/B tested their bots They know for sure their bots get through the filters and get marked as “valid” – they charge more for them. Selling “compliant” traffic
  8. 8. June 2018 / Page 7marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Blacklists/whitelists don’t work bid request fakesite123.com cookie ft.com blacklist whitelist ✅ ✅ bid ad impression Pre-bid filters FRAUD DETECTIONPROGRAMMATIC SEQUENCE In-ad declared FAILS because everything is declared (i.e. easily faked) Lists rely on or compare against declared data, so they don’t work
  9. 9. June 2018 / Page 8marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Fraud filters don’t work Turning ON and OFF 4 different fraud filters resulted in NO DIFFERENCE in the heights of the red peaks (bots) or blue peaks (naked ad calls)
  10. 10. June 2018 / Page 9marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou No better than manual, costs more 1.Fraud filters are no better than manual blacklists 2.In some cases, there’s MORE fraud when filter is on 3.Using fraud filters adds 20 – 24% to costs; manual blacklists are free
  11. 11. June 2018 / Page 10marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou declared to be: Brand safety tech doesn’t work Pre-scanned Domain List In-ad tag Ad tags that are in the foreign iframe (different domain) cannot look outside the iframe. So they cannot read content on the site to determine brand safety. bad word porn terrorism hate badsite123.com badsite123.com badsite123.com badsite123.com goodsite123.com goodsite123.com goodsite123.com Domain Placement Reports goodsite123.com goodsite123.com goodsite123.com goodsite123.com goodsite123.com goodsite123.com goodsite123.com FAILS because it is not directly measured; relies on domain placement reports which have declared data.
  12. 12. June 2018 / Page 11marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Why it doesn’t work In-ad tag ad iframeBad word Bad content Bad word Bad content Basic browser security (no cross-domain)… … means tracking tags, riding along with the ad (in ad iframe) cannot read content on the page to do brand-safety measurements.
  13. 13. June 2018 / Page 12marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Entirely different measurements In-Ad On-Site ad tag / pixel (in-ad measurement) (copy and paste ad tag) Google Analytics BotAnalytics
  14. 14. June 2018 / Page 13marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Tag placement matters ... A LOT In-Ad (in foreign iframe) On-Site (on page) window sizes detected as 0x0 or 0x8 pixels correct window sizes for ads detected 0% humans 60% bots 60% humans 3% bots “fraud measurements could be entirely wrong, depending on where the tag is placed and where the measurement is done.”
  15. 15. June 2018 / Page 14marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Redirect traffic – not detected “this is bigger than ALL of the monthly pageviews of good publishers combined.” How much is available? a.k.a. “zero-click” “pop-under” “forced-view” “auto-nav”
  16. 16. June 2018 / Page 15marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Apps load webpages – not detected “fraud sites’ traffic comes from apps that load hidden webpages” Openly selling on LinkedIn
  17. 17. June 2018 / Page 16marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Legit sites incorrectly marked Domain (spoofed) % SIVT esquire.com 77% travelchannel.com 76% foodnetwork.com 76% popularmechanics.com 74% latimes.com 72% reuters.com 71% bid request fakesite123.com esquire.com passes blacklist passes whitelist ✅ ✅ declared 1. fakesite123.com has to pretend to be esquire.com to get bids; 2. fraud measurement shows high IVT b/c it is measuring the fake site with fake traffic 3. Fake esquire.com gets mixed with real so average fraud rates appear high. 4. Real esquire.com gets backlisted; bad guy moves on to another domain.
  18. 18. June 2018 / Page 17marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Fake sites/apps NOT detected 1221e236c3f8703.com 62b70ac32d4614b.com a6f845e6c37b2833148.com da60995df247712.com d869381a42af33b.com a1b1ea8f418ca02ad4e.com 1de10ecf04779.com 2c0dad36bdb9eb859f0.com a6be07586bc4a7.com fe95a992e6afb.com 42eed1a0d9c129.com da6fda11b2b0ba.com afa9bdfa63bf7.com 739c49a8c68917.com baa2e174884c9c0460e.com d602196786e42d.com 153105c2f9564.com 8761f9f83613.com 20a840a14a0ef7d6.com 31a5610ce3a8a2.com 5726303d87522d05.com 3ac901bf5793b0fccff.com b014381c95cb.com 2137dc12f9d8.com 06f09b1008ae993a5a.com fbfd396918c60838.com 97ff623306ff4c26996.com b1f6fe5e3f0c3c8ba6.com 23205523023daea6.com 6068a17eed25.com b1fe8a95ae27823.com f4906b7c15ba.com eac0823ca94e3c07.com 1f7de8569ea97f0614.com 21c9a53484951.com 24ad89fc2690ed9369.com efd3b86a5fbddda.com 34c2f22e9503ace.com 0926a687679d337e9d.com 6a40194bef976cc.com 33ae985c0ea917.com 02aa19117f396e9.com f8260adbf8558d6.com 9376ec23d50b1.com pushedwebnews.com a0675c1160de6c6.com 0f461325bf56c3e1b9.com 850a54dbd2398a2.com com.dxnxbgj.mkridqxviiqaogw com.obugniljhe.fptvznqwhmcjm com.bpo.ksuhpsdkgvbtlsw com.rlcznwgouw.vvtexstbfttngc com.kasbgf.sbzwtgpcbjexi com.bprlgbl.vbze com.zka.lzhsoueilo com.alxsavx.mizzucnlb com.jxknvk.lrwfdfirdzpsw com.tvwvqbt.wbshaguqy com.iwnxtpahcu.leyuehdwdbb com.okf.rhvemtykfibzpxj com.obpmirzste.ldsjpv com.zmm.shmxvjxnsagndui com.nqzwr.leusrmpmsq com.rced.zcdsglptpdlwpu com.kerms.ehlsgnc com.cmia.iabhheltm com.skggynmtx.tyyjnwpefvqtll com.kgdtltnuv.hayvfhob com.ztzsiqg.dyojlxdscxws com.xlwuqe.ddrdhsuosbn com.rkrhmzee.wjcoznxu com.ebhzb.hbzvomzpcctovj Fake sites Fake sites Fake apps
  19. 19. June 2018 / Page 18marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou “Verified” no different than control “Verified Bots” “Verified Humans” Control: No Targeting +$0.25 data CPM +$0.25 data CPM “verified bots” and “verified humans” showed no difference in quality to each other – AND both were no different than the control where no targeting was used.
  20. 20. June 2018 / Page 19marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Obvious fraud seen in analytics top 4 referrers – same exact pattern/data
  21. 21. “fight ad fraud with common sense” - stop wasting money on tech that doesn’t work - insist on detailed data and look at the analytics yourself
  22. 22. June 2018 / Page 21marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou About the Author Augustine Fou, PhD. acfou [@] mktsci.com 212. 203 .7239
  23. 23. June 2018 / Page 22marketing.scienceconsulting group, inc. linkedin.com/in/augustinefou Dr. Augustine Fou – Independent Ad Fraud Researcher 2013 2014 Published slide decks and posts: http://www.slideshare.net/augustinefou/presentations https://www.linkedin.com/today/author/augustinefou 2016 2015 2017

×