Online advertising is huge right now.

It generates billions (and counting) every year. In 2017, digital advertising spending had surpassed TV ad spending for the very first time. Naturally, such figures attract questionable individuals in search of an easy buck who realize their cruel intentions through ad fraud.

According to Magna report, in 2017, digital ads brought in $209 billion, which was 41 percent of the ad market out of which around 10 percent are eaten up by ad fraud.

The fact of the matter is — the world of digital advertisement is riddled with leeways for malicious activity with scams and overwhelming busts practically at every corner. Ad fraud is probably one thing that is universally despised by every respectable industry worker.

It is not like it came out of nowhere — ad fraud was always there, but with the rise of ad tech and mass adoption of real-time bidding model, the problem that once was more of a pesky nuisance turned into a dangerous threat capable of seriously damaging companies.

First, let’s explain the basics.

What is ad fraud?

Ad fraud is a type of illegal activity that deliberately exploits various types of advertising technologies and benefits on their flaws.

There are several common types of ad fraud:

Impression fraud — This is more common in mobile fraud. Users don’t see an ad, per se, but advertisers are forced to pay for it through manipulations.

Click fraud — involves bloating of cost per click (CPC) stats through bot and ghost sites. Click fraud involves bloating of cost per click (CPC) stats through bot and ghost sites.

Conversion fraud / action fraud — A more elaborate use of bots that is designed to imitate full cycle up to conversion, but with no actual result.

Pixel stuffing — This i nvolves slight manipulations with ad spaces (in case pixel stuffing ads are invisible, yet present on the page). Technically, they are loaded, but remain unseen. Nevertheless, the advertiser pays.

Ad stacking — Stacking is p lacing ads on top of one another. Upon a visit, an impression is counted anyway, although an ad remains unseen.

Ad injection — Where paid ads get replaced with other ads, hitting both both advertisers and publishers.

Cookie stuffing — A ttaching multiple cookies to user's consent. It is mostly a hit and miss, but heavily affects affiliates who don't get their cut.

Domain spoofing — Selling ad inventory on irrelevant websites that are falsely presented as relevant.

Unlike other types of digital fraud, which have the luxury of being clearly defined — ad fraud is more of a con than anything else. Ad fraud is not directly stealing the money out of an advertisers pocket. Instead, it manipulates an advertiser into spending the ad budget wrongfully so that the fraudster benefits from it.

Why is it possible? Real-time bidding is a complicated process with a lot of moving parts and not the most transparent metrics from all involved parties.

Because of that, it is unclear who is paying for what exactly, even without an ad fraud factor - the figures are always floating in one way or another. This means that, in a way, ad tech is ad fraud-prone.

Why ad tech is attractive for ad fraud?

Ad tech is attractive to fraudsters for two major reasons:

The payouts are huge, and The risks of penalty are eerily limited.

According to the experts from The APP Solutions, both reasons grow out of lacking transparency and trust between industry players. The thing is — every involved party expects dirt.

The whole distortion and obfuscation schtick is incredibly damaging both for the reputation of advertisers and their budgets. Because ad tech a performance-oriented — numbers and results rule. The effectiveness of campaigns is based on what the metrics show — in terms of traffic, impressions, conversions, etc.

However, metrics are fallible. They can be rigged by certain manipulations with the information. This critical flaw is exploited by fraudsters. Sure, there are fail-safe mechanisms that prevent more blatant attempts, but there is always a way to “get on through” and “rig the game.”

Damages of ad fraud

The thing is — ad fraud is a problem that is seemingly never going to go away completely. When one fraud method is exposed, there is always another one coming. It is an endless cycle.

Every year, ad fraud sweeps billions in damages, becoming more and more sophisticated and adopting emerging technologies and unconventional approaches to sneak into advertising ecosystems and do their dirty work.

According to AdAge, every $1 out $3 spent on digital advertising is going into fraudsters' pocket. In 2017, the approximate sum of the damages was $16.4 billion, with expectations that the number is going to rise to $20 billion by the end of 2018. According to Juniper Research, in 2018, advertisers are losing approximately $51 million on ad fraud per day.

However, it is important to understand that ad fraud is not meant to be a destructive factor. It is damaging, but its ultimate goal is to parasite on an ad network. More sophisticated cases of ad fraud are long-running parasites that take their cut little by little.

On the other hand, there are cases of so-called, “Corporate Ad Fraud,” when competitors are trying to cause as much damage as possible in a concentrated hit. However, from a technical standpoint, both are fought with the same methods.

10 strategies to decrease ad fraud risk

Below I have provided you with 10 strategies that will help you decrease ad fraud risk.

1. Know your enemy

The first step in fighting ad fraud is to know how it affects your campaigns. There are several red flags that can be signs of something fishy going on in your campaign.

Let's go through them:

Lacking performance is probably the most obvious sign that something is going south. It is especially easy to detect by comparing different channels (for example, on-site ads and Facebook marketing ).

Poor on-site analytics is another disturbing call. If such metrics as bounce rate and session durations take a nosedive while the overall amount of sessions is growing - it is almost a guarantee of ad fraud happening.

Anomalous click-through rate (CTR) often occurs in spikes through click fraud. If there are certain ads that deliver more than expected without reasonable explanation while others under similar circumstances are floundering - it is better to investigate the activity.

Suspicious IP addresses can be caused by traffic fraud. In cases of traffic fraud, IP's often originate from data centers instead of real stations. By identifying such, you can blacklist them and cut off your campaign.

All this information can be gathered from marketing automation software such as Hubspot or Marketo.

2. Know your metrics

The next step in effectively fighting against ad fraud is to closely study your metrics. Numbers can be rigged, and that is easy to spot in comparison.

While it may seem obvious, there is a reason to do it — metrics provide you with the context of a situation that constitutes the big picture of your ad campaign.

Here’s what you need to check:

Typical CTR,

Standard bounce rate,

Typical session time, and

Realistic conversation rates over different channels.

These metrics serve as a background against which you can compare any sudden spikes of activity and conversions.

It is much easier to detect suspicious activity if you know that this kind of spike is out of the ordinary.

3. Avoid easy-to-fake ad goals

Easy-to-fake goals are the ones that bring you direct benefit (i.e. impressions and clicks). These are proxy metrics that do not guarantee actual business gains (i.e. conversions in the form of sales, subscriptions, and so on).

Coincidentally, these metrics are also among the most sensible to ad fraud. Because of that, it is unreasonable to build your campaign goals around them.

While it is not a guarantee to fully avoid the effects of ad fraud — making more tangible goals can help lessen the impact of ad fraud to a minimum.

4. Pay for ad performance, not clicks

As a direct aftermath of choosing easy-to-fake goals comes paying for the wrong thing (i.e. clicks and not the actual performance). It is one of the most common mistakes made by advertisers.

The thing is — numbers are easy to rig. It is not a big deal to paint a satisfying figure or augment it with the help of bots, then demand pay because formal requirements are met.

It is much harder to pay from fraudulent results if you are aiming at something more tangible, such as conversions or purchases.

These things are harder to fake in a convincing manner. Therefore, it is much easier to filter which results will be paid for and which will be discarded.

5. Use diverse methods of fraud detection

Because ad fraud is a sprawling and multi-faceted process, it requires a similarly multi-faceted approach to its detection.

There are three major methods used in ad fraud detection:

Signature-based method uses a set of patterns to detect suspicious actions, impressions, clicks, or traffic. It compares patterns with the monitored activity and determines whether it is suspicious and worthy of further investigation. In result, fraudulent activity can be shut off before it settles in.

Anomaly-based uses statistical analysis and historical data to check ad spaces, websites, or publishers. This helps it detect questionable happenings, such as suspiciously spiking traffic, odd ad space placements, and other things of interest.

Credential-based is a method that studies digital credentials of the suspicious websites (its registration data, ranking, tagging, types of activity, etc.) to determine it has potential for generating fraud activity. Credentials are analyzed through combined methods of reverse crawling, thorough checks of the content, and tagging. This method also includes study of the site’s position on trustworthy rankings, like Alexa .

6. Use universal whitelist and blacklist domains

IP blocking is one of the most effective ways of making ad fraud operations ineffective for a time being. One of the ways to maintain continuity with this effort is to keep a twofold domain list — whitelist and blacklist.

Whitelist contains sites that are verified as trustworthy and effective — the ones you specifically target.

Blacklist contains websites that are considered discredited with various types of fraud spotted. The blacklist can also contain IP addresses of identified bots.

However, using whitelists and blacklists is not really an effective solution on its own. It is mostly a catch-up that can serve as a solid shield for already identified threats.

You can check out suspicious domain on sites like MxToolBox.

7. Use ad verification vendor

Ad verification vendor provides an additional layer of protection against ad fraud. Basically, it helps to identify cracks in your anti-ad fraud armor.

Vendors provide performance insights with various metrics, such as viewability and invalid traffic.

With the assistance of these tools, you can shut down low-quality publishers and websites while performing a thorough campaign audit, which can be subsequently used in the optimization of the campaign.

Among the most trusted Ad Verification Vendors are DoubleVerify, Moat and comScore.

8. Use ads.txt

Ad arbitrage is a process of third-party buying, repackaging, and reselling impressions that is highly fraud-prone.

Ads.txt is a fool-proof solution in keeping your ads from being used in fraudulent activities.

Ads.txt has authorized digital sellers developed by IAB Technology Labs that helps to prevent illegitimate inventory arbitrage and some forms of domain spoofing. It is a text-file, similar to robots.txt, designed to make certain ad tech processes more transparent and trustworthy.

What does ads.txt do to lessen an impact? Ads.txt files contain data on the parties involved in a particular ad tech operation (i.e. SSP, DSP, Ad Exchange, etc) — basically, it is a certificate of a partnership.

With an ads.txt file in the root domain — web crawlers can see the relations of particular actors of the operations. Ads.txt can also be used as an ID reference in real-time bidding requests. As such, it can indirectly block the unverified side from interacting with the rest.

Companies, such as AppNexus, are providing handy Ads.txt validator tools that simplify the implementation process.

In July 2018, Google allowed advertisers to buy ads.txt authorized inventory exclusively, which seriously increased the influence of ads.txt.

9. Build trust and transparency

One of the ways to lessen the risks of getting hit by ad fraud is working with trustworthy ad server networks that have a reputation of ones that deliver the goods.

Sure, it limits the choice to the big boys of the segment (i.e. Google, Bing, DoubleClick, Facebook, etc), but, at the very least, it guarantees that you won’t get trapped in the swamp of fraud with swarms of bots.

On the other hand, it is very useful to maintain transparency with your partners and demand it from each involved party.

More detailed reports and a more open approach to operations might be a solution. Although, this is rather challenging due to a lack of stability in the digital ad market.

Implementation of blockchain is a potential game changer, but the technology is yet to be capable of operating in ad tech scopes.

TIP: Ready to implement blockchain? Check out the highest rated blockchain platform software here!

10. Apply artificial intelligence (AI) machine learning solutions

One of the common threats of ad fraud is that it is constantly evolving, prompting you to adapt to its current state in order to minimize its effect on your marketing operation.

It is a tiresome process filled with trials and fails that require a lot of effort.

In addition, efficient fraudulent activity detection requires processing huge amounts of data, which takes precious time.

Hopefully, the rapid development of machine learning software makes the fight against ad fraud a lot easier and much more efficient.

How? There is a song by Daft Punk titled “Harder, Better, Faster, Stronger” — that is a rather accurate description of what AI and machine learning bring to the table.

Not only is artificial intelligence software able to sift through the stream of data faster, but machine learning enables more effective results with each coming round.

Solutions like Forensiq and AppsFlyer are implementing elements of AI and machine learning to their stacks, and it seems like the technology is here to stay.

However, it should be noted that machine learning versus ad fraud is still in the process of finding its feet.

In Conclusion - Ad fraud is a big problem

At the moment, ad fraud remains one of the biggest problems of an advertising industry. Even with aforementioned methods of fighting back— it still runs berserk over an industry, poisoning thousands of advertising ecosystems and causing millions of dollars in damages in the process.

On the other hand, ad fraud is one of the reasons why advertisers moved away from simple ad campaigns and toward ones more demanding and hard to fake. This necessity made digital advertising much better, and that wouldn't have been possible if not for massive ad fraud onslaught.

Hopefully, with the development of technologies and implementation of new legislation— things will change, and, one day, we will talk about ad fraud as a thing of the distant past.