Everyone is paying for fraud detection, but without enough technical knowledge, they don't realize the fraud detection doesn't work or is easily tricked by the bad guys. So what's worse is that the people paying for fraud detection have a false sense of security and take their eyes off of the obvious fraud that is still getting through.
2. June 2018 / Page 1marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Despite using fraud detection…
Launch Week 3 and beyondWeek 2
Initial baseline
measurement
Measurement after
first optimization
After eliminating several
“problematic” networks
Obvious fraud still
gets through
3. June 2018 / Page 2marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
After all flavors of“fraud filters”
Obvious fraud
still gets
through; but we
turned off
manually early
in the campaign
4. June 2018 / Page 3marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Conflict and bad measurement
Incorrect IVT Measurement
Source 3 - in ad iframe, badly sampled
Sources 1 and 2
corroborate
One agency sticks to
fraud measurement
company (that is owned
by same agency holding
company), despite
proven errors in IVT
measurement (due to
sampling and tag being in
ad iframe).
Uses high IVT numbers to
get refunds, which
agency keeps as profit.
5. June 2018 / Page 4marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Bad guys actively trick measurement
FAKE 100% viewability
AD
• Stack ads all above the fold to trick
detection
• Use code to alter the detection code
6. June 2018 / Page 5marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
(2018) Code to trick measurement
“the [malicious] code
used by NMG is designed
to interfere with the
ability of third-party
measurement systems to
determine how much of a
digital ad was viewable
during a browsing
session.
This code manipulated
data to ensure that
otherwise unviewable
ads showed up in
measurement systems as
valid impressions, which
resulted in payment being
made for the ad.”
Buzzfeed, March 2018
7. June 2018 / Page 6marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Bad guys A/B tested their bots
They know for sure their bots get through the filters
and get marked as “valid” – they charge more for them.
Selling
“compliant”
traffic
8. June 2018 / Page 7marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Blacklists/whitelists don’t work
bid request
fakesite123.com cookie
ft.com
blacklist
whitelist
✅
✅
bid
ad impression
Pre-bid filters
FRAUD DETECTIONPROGRAMMATIC SEQUENCE
In-ad
declared
FAILS because
everything is declared
(i.e. easily faked)
Lists rely on or compare against declared data, so they don’t work
9. June 2018 / Page 8marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Fraud filters don’t work
Turning ON and OFF 4 different fraud filters resulted in
NO DIFFERENCE in the heights of the red peaks (bots)
or blue peaks (naked ad calls)
10. June 2018 / Page 9marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
No better than manual, costs more
1.Fraud filters are no better than manual blacklists
2.In some cases, there’s MORE fraud when filter is on
3.Using fraud filters adds 20 – 24% to costs; manual
blacklists are free
11. June 2018 / Page 10marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
declared to be:
Brand safety tech doesn’t work
Pre-scanned Domain List
In-ad tag
Ad tags that are in the foreign
iframe (different domain) cannot
look outside the iframe. So they
cannot read content on the site
to determine brand safety.
bad word
porn
terrorism
hate
badsite123.com
badsite123.com
badsite123.com
badsite123.com
goodsite123.com
goodsite123.com
goodsite123.com
Domain Placement Reports
goodsite123.com
goodsite123.com
goodsite123.com
goodsite123.com
goodsite123.com
goodsite123.com
goodsite123.com
FAILS because it is not directly
measured; relies on domain placement
reports which have declared data.
12. June 2018 / Page 11marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Why it doesn’t work
In-ad tag
ad iframeBad word
Bad content
Bad word
Bad content
Basic browser security (no cross-domain)…
… means tracking tags, riding along with the
ad (in ad iframe) cannot read content on the
page to do brand-safety measurements.
13. June 2018 / Page 12marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Entirely different measurements
In-Ad On-Site
ad tag / pixel
(in-ad measurement)
(copy and paste ad tag)
Google Analytics
BotAnalytics
14. June 2018 / Page 13marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Tag placement matters ... A LOT
In-Ad
(in foreign iframe)
On-Site
(on page)
window sizes detected
as 0x0 or 0x8 pixels correct window sizes
for ads detected
0% humans
60% bots
60% humans
3% bots
“fraud measurements could be entirely wrong, depending on
where the tag is placed and where the measurement is done.”
15. June 2018 / Page 14marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Redirect traffic – not detected
“this is bigger than
ALL of the monthly
pageviews of good
publishers combined.”
How much is available?
a.k.a. “zero-click” “pop-under” “forced-view” “auto-nav”
16. June 2018 / Page 15marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Apps load webpages – not detected
“fraud sites’ traffic comes from apps that load hidden webpages”
Openly selling on LinkedIn
17. June 2018 / Page 16marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Legit sites incorrectly marked
Domain (spoofed) % SIVT
esquire.com 77%
travelchannel.com 76%
foodnetwork.com 76%
popularmechanics.com 74%
latimes.com 72%
reuters.com 71%
bid request
fakesite123.com
esquire.com
passes blacklist
passes whitelist
✅
✅
declared
1. fakesite123.com has to pretend
to be esquire.com to get bids;
2. fraud measurement shows high
IVT b/c it is measuring the fake
site with fake traffic
3. Fake esquire.com gets mixed with
real so average fraud rates
appear high.
4. Real esquire.com gets backlisted;
bad guy moves on to another
domain.
19. June 2018 / Page 18marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
“Verified” no different than control
“Verified Bots”
“Verified Humans”
Control: No Targeting
+$0.25 data CPM
+$0.25 data CPM
“verified bots” and “verified
humans” showed no difference in
quality to each other – AND both
were no different than the
control where no targeting
was used.
20. June 2018 / Page 19marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Obvious fraud seen in analytics
top 4 referrers – same exact pattern/data
21. “fight ad fraud with
common sense”
- stop wasting money on tech that
doesn’t work
- insist on detailed data and look at
the analytics yourself
22. June 2018 / Page 21marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
About the Author
Augustine Fou, PhD.
acfou [@] mktsci.com
212. 203 .7239
23. June 2018 / Page 22marketing.scienceconsulting group, inc.
linkedin.com/in/augustinefou
Dr. Augustine Fou – Independent Ad Fraud Researcher
2013
2014
Published slide decks and posts:
http://www.slideshare.net/augustinefou/presentations
https://www.linkedin.com/today/author/augustinefou
2016
2015
2017