Conmen and fraudsters thrive in confusion. And few places are more confusing and opaque than the jargon-ridden world of online advertising. Which is odd really, since the entire social media edifice – Google, Facebook, Twitter, Snapchat – depends on it. 2017 was the year of the tech-lash, when people and politicians started to push back against tech-led disruption. But there’s potentially a far more significant threat looming for the tech giants: ad fraud.

On one level, online advertising is very simple: you get shown endless adverts as you bounce your way around the net, and an advertiser pays whenever someone either looks at, or – the holy grail! – clicks on one of the damn things. Every year tens of billions of pounds are spent in this war for your attention, and some of the world’s finest minds are engaged. But on another level it’s not simple at all. There are ‘demand side’ platforms that decide which online ad space to buy and for how much (mostly done via some complicated big data analysis); and ‘supply side’ platforms which sell the space to them. The two are matched up on exchange sites which run real-time auctions every millisecond of every day. Whenever you refresh a web-page, a nano-auction is conducted over who will offer the highest amount to show you an advert, which is surely one of the strangest things about the internet.

This system is boring, clever, complicated, automated and opaque all at once. Hardly anyone fully understands how it all fits together, including the advertisers who are paying for it, and regulators who, as far as I can tell, are struggling to get to grips with it. This is a perfect cocktail for online fraudsters who have – of course – rustled up some ingenuous scams. One recent magazine article presented nine types of digital ad fraud, such as cookie stuffing, impression fraud, and domain spoofing. Some website owners create sophisticated proxies which fire meaningless bot traffic at a site to artificially boost their numbers and lure advertisers in. Others ‘stack’ adverts which have no chance of being seen – hiding ads under ads under ads, so although they are running, no-one sees them. A couple of years back one bunch of Russian criminals built thousands of websites, generated a truckload of fake views and clicks via half a million ‘users’ (who were in fact bots) and managed to scoop up roughly £2.3m ($3m) a day in adverts, even though the whole thing was smoke and mirrors. This outright fraud doesn’t even include gentle exaggeration that goes on all the time, such as social media companies generously measuring levels of engagement on their sites.

These factors would surely sink any other industry within a week. According to Cnet, only 38 per cent of traffic on the web is human. One estimate is that only nine per cent of digital adverts have a shot at being seen by a real person. No-one knows for sure, but according to various reports, online ad fraud in 2016 was somewhere between £4bn and £9bn ($6bn to $12bn). Several analysts reckon about 50 per cent of all ad money spent online is basically nicked. Yes: as much as half of the underlying economic model of the free-services-in-exhange-for-ads system that keeps social media afloat could be fraudulent. It’s bonkers this receives so little coverage outside the ad-tech world (where it is talked about incessantly). I put this down to its insomnia-inducing complexity and the fact it’s still new. Perhaps the weirdest thing of all is that hardly anyone ever gets caught – the only significant case I can find was a couple of years back, when an Estonian called Vladimir Tsastsin was sentenced to seven years after raking in millions of dollars from one of these scams over several years. In his recent book, Throwing Rocks at the Google Bus, tech writer Douglas Rushkoff sums this insanity up quite nicely:

“

‘Malware robots watch ads, monitored by automated tracking software that tailors each advertising message to suit the malbots automated habits, in a human free feedback loop of ever narrowing personalisation. Nothing of value is created but billions of dollars are made’

There are lots of reasons this isn’t getting sorted. No one wants to rock the boat too much, and plenty of people still get paid even if it is fraudulent. (Although advertisers always lose). Everyone in the chain seems to think it’s someone else’s responsibility. And for all its faults online advertising still allows far greater nuance and accuracy in terms of targeting a market of people you want to reach. But in the end, if advertisers and marketers start to wonder if their online ad spends are really worth it, it would be an existential threat to some of the big tech firms. And if internet users themselves also get fed up and start downloading ad-blocking software, then the whole thing will be blown to smithereens. This is why companies are upping their efforts on trying to stamp this out, especially the big players like Google, who take this very seriously. They currently have 100 people dedicated to fighting fraud of this kind, and boot anyone off their ad platform if fraud is suspected.

I expect 2018 to be the year when this is either fixed – perhaps there will be some use found for the exciting new block chain technology everyone is talking about but no-one really understands – or it starts to seriously impact the way the internet works. Over the last year, pressure from newspapers and MPs committees has been applied to tech firms to get them to change their behaviour. But we will see that nothing focuses the mind of these companies quite so well as the bottom line.