comScore's Anne Hunter comScore / YouTube One of the worst kept secrets of online advertising is that it is riddled with fraud. Talk privately to execs in the world of web and mobile adtech, and they'll agree that fraud is routine stuff.

But it's unusual to hear them say it out loud, on the record. That just happened at a panel in New York hosted by Magnetic, an adtech company.

Generally, in the web ad business, people agree that adtech fraud looks like this: Publishers buy traffic from dubious sources so their numbers look better. Ad networks offer inventory from publishers that no one has ever heard of. Botnets click on everything, juicing the numbers. And ads are served in places where even legit consumers can't see them — "below the fold" of the screen they're looking at, or in "pop-unders" that appear behind their screens. Ad agency trading desks fail to report to their clients how much bogus inventory they're buying. And clients don't seem to care that their money is being wasted because the campaigns appear to be performing well — look at all those clicks! Estimates vary, but perhaps $7 million a month is wasted on adtech fraud.

Speaking on the Magnetic panel were James Green, CEO of Magnetic; Anne Hunter, SVP of global marketing strategy at comScore; Brian Gleason, managing director, North America, Xaxis; David Hahn, SVP of product management, Integral Ad Science; and Walter Knapp, COO of Federated Media Publishing.

Industry blog AdExchanger attended, and produced a terrific transcript. We've excerpted the transcript to highlight only on the bits where they mentioned fraud ... and it's eye-popping.

Xaxis' Gleason: Where there’s money, there’s fraud. Until we do bring standards, the reality is that there will be fraud. ... If I’m not paying attention to what I’m buying programmatically, it can be wrought with fraud. It’s up to me to be able to put the mechanisms in place to prevent it.

Federated's Knapp: There’s a degree of fraudulent traffic on [premium publisher] sites (ESPN and The New York Times were two examples the moderator chose for reference purposes). But it’s not like someone goes out intentionally at ESPN to buy fraudulent traffic. There’s a legitimate strategy to buy search engine marketing and there’s a legitimate strategy to go ask for somebody to generate traffic from our site. Almost every large site does that and some of those people work with other brokers that help drive traffic and one of those guys is incented on driving traffic to a site and therefore buys traffic from some dude in Kazakhstan.

Integral's Hahn: I think what we see from our data, in millions of impressions every month, is typically sites like ESPN or The New York Times have much lower degrees of fraud. They don’t need to buy as much traffic or do these audience extension networks. ... I don’t want to say The New York Times or ESPN are riddled with fraud. It’s a fraction of traffic and it happens rarely. Less than 3% [of those who] typically sell their media have instances of fraud, whereas in the exchange world, sometimes see as high as 30%.

comScore's Hunter: We have data working with premium publishers and data working with networks and exchanges. Fraud happens to premium publishers, usually not by them. They want to be in the comScore 100 and they come to us and say, ‘We have all this real traffic,’ and we work with them to understand how they’re being frauded and getting traffic they don’t want or intend to get. It’s often a surprise, but very quickly resolved.