Ad Fraud Detection and Prevention Mechanisms

Overview

Digital advertising is one of the sources of revenue for both the advertisers and indeed the publishers/affiliates.

Knowing the targets of cyber criminals in the processing of the Ads is very important in the early detection and thus, prevention of ad fraud

While advertisers earn revenue from the increased traffic to their websites which is directly because of the actions [conversion into buyers] of the visitors/users when they browse the publisher’s website and follow the advert placed there; yet the publishers are paid for the impressions/clicks generated from the advertisement they display on their websites on behalf of the advertisers.

However, digital advertising is not immune to fraud, and as such, its large-scale adoption coupled with its significant revenue potential has made it a very attractive and frequent target to numerous cyber criminals gangs.

Typically, Ad fraud has increasingly become widespread and hence a big challenge for the online advertising industry. It was reported to cost advertisers about $ 34 billion in 2020 and is predicted to increase to about $ 87 billion by the end of 2022.

>>>>>>>>>>>>>>>> For a detailed understanding of the revenue potential of online/digital advertising for both advertisers and publishers check here >>>>>>.

In understanding Ad fraud, one must also understand how the advertising process proceeds: Typically, the first step in the process involves placing an advert on the publishers’ websites. Here, the location and number of the adverts become a critical issue.

Secondly, what happens when the visitor/user clicks on the advertisement? The aim of this activity is to direct the users/visitors to the advertisers’ page. Therefore, the outcome is to increase traffic to the advertisers’ websites.

Thirdly, is the action of the visitors/users after landing on the target advertisers’ page (s). Will he/she take any action and which action will he/she take? If the visitors/users make purchases, then conversions of visitors to customers have been realized by the advertisers and hence revenue earned.

This means that the more visitors/users are directed to the target page, the more of the number that land there will convert into buyers and the more revenue to both the advertisers and the publishers.

The fraudsters target these steps in the processing of an online advertisement to commit cybercrime. Hence, ad fraud is currently categorized into three major classes, namely, Placement Ad fraud, Traffic ad fraud, and Action ad fraud, respectively.

>>>>>>For details on how each of these categories is performed, please check here <<<<<<<<

Knowing the targets of cyber criminals in the processing of the Ads is very important in the early detection and thus, prevention of ad fraud. This is very important for both Advertisers and Publishers. Since Advertisers place a big budget on advertisement campaigns, they ought to be even more alert to ads. Ads fraud.

That this is very important for Advertisers stems from the fact that in some Ad frauds, even the Publishers participate fully!!

Detection of Ads Fraud.

Several tools have been developed to detect Ad fraud and they are several commercial companies as well as Academic entities that have invested in the development and deployment of tools/programs/systems to solve this problem of ad fraud.

As the processing of an advertisement follows three major steps, highlighted earlier, what I am about to let you know i.e., the detection tools for ad fraud, are also going to be explored along those processing levels: Placement fraud, Traffic fraud, and finally, Action fraud detection tools/programs/system, respectively. Thereafter, I will show you what approaches/tools have been developed to prevent them.

Detection of Placement Ad frauds

As explained earlier, placement ad fraud can take any of these forms: a) Malvertising [whereby advertising malware is injected into the publishers’ website to lure the user/visitor to register and then re-directed to malicious sites to generate inflated impressions]; b) Stuffing or stacking keywords/pixel [whereby keywords or pixel is stuffed such that it is not visible to the naked eyes, c) Domain spoofing [whereby fraudsters create fake sites that mimic real authentic sites with an aim of either stealing identity information or account credentials] d) Malware and toolbars [whereby the malware could be injected in the user’s/visitor’s computer and used later by the fraudster to inject and Ad window on the publisher’s site that is being viewed by the user/visitor to create fraudulent impressions and e) Ad Tag misrepresentation [whereby Ad Tags are targeted in the bid auction].

Most of the tools available, as we shall see shortly, are very effective in detecting traffic ad fraud. However, the tools offered by Integral Ad Science (IAS) Inc., Forensiq Inc., DoubleVerify (DV) Inc., and White Ops Inc. can detect some forms of placement ad fraud, in addition to traffic ad fraud as well as action ad fraud (Forensiq. Inc. tools).

  • Integral Ad Science (IAS) Inc.

Integral Ad Science (IAS) Inc. technology is my first on the list of companies that supply tools that can detect Ad fraud at the level of Ad-placement. It does so by validating the quality of Ad placements. Typically, the company uses Ad verification, optimization, and analytics solutions, including massive-scale web page classification using “active testing” to validate the quality of online Ad placements for both media buyers (advertisers) and sellers (Publishers).

Besides, IAS offers a variety of customized products to marketers, programmatic players, and media sellers, and is known for addressing issues around fraud, Ad viewability, brand risk, and TRAQ (true advertising quality).

Specifically developed by IAS, TRAQ, which is a unique Ad quality scoring system, provides scores ranging from 250 to 1,000, to both buyers and sellers, which in turn, these entities are used to value media by assessing such metrics as: brand safety, Ad fraud, page content and structure, time viewed, the share of view, and Ad clutter, among others.
Integral Science Inc (ISA) is a member of the Interactive Advertising Bureau and works with the “Brand Integrity Program Against Piracy” initiative by the Trustworthy Accountability Group.

  • Forensiq Inc. Detection system

The Forensiq Inc., detection system work for all stages of the Ad campaign i.e., at all three processing levels, namely; pre-campaign [at placement], in-campaign [during traffic], and post-campaign [during and after the action is taken].

It should, however, be emphasized here that Advertisers place Ads on Publishers’ websites that are popular and thus with huge traffic.

In an Ad-ecosystem, the publishers (or suppliers) rely on the Supply Side Platforms (SSPs), which manage the publisher’s inventory (i.e., the available Ad space) and sell it in multiple ad networks and exchanges.

On the Advertiser’s side (or the demand side), they rely on the Demand Side Platforms (DSPs), which act as Advertiser’s agents /representatives in multiple ad networks and exchanges, where they actively participate in selecting the right audiences as well as the most appropriate media to represent the advertiser’s Ads.

Having highlighted the demand and supply entities in an Ad-ecosystem, this is how Forensiq. Inc. system can help in the detection of placement ad fraud. In the pre-campaign fraud detection, the Forensiq system scores each of the impressions to determine the level of risk for each of the impressions within 10ms. This is done before DSP sends out the bid to the SSP. This kind of pre-bid fraud detection is based on aggregate data and IP reputation from an evolving fraud intelligence database.

Moreover, Forensiq Inc.’s fraud analysis and detection system is powered by Machine Learning Technology, which enables it to parse (resolve) and assess data to make decisions without human input. Forensiq system learns from the billions of requests being processed to identify new scoring parameters and malicious patterns, to determine which type of fraud is being committed.

Because the Forensiq system uses a multilayer approach in processing these billions of requests, it can detect all types of traffic including traffic generated by fraudsters. This system can detect placement fraud such as keyword stuffing or stacking, fraudulent Ad injection, unwanted bots, and other activities that fraudsters can think of doing before and during ad placement.

I hasten to add that the Forensiq system is more of value to Advertisers. No wonder, it is accredited by the Media Rating Council (MRC), so I do advise advertisers to seek the services of Forensiq Inc.

  • DoubleVerify (DV) Inc. And its Pinnacle platform

DoubleVerify (DV) offers a unified service and performance platform, Pinnacle, which evaluates the quality of each impression delivered and the net result of each quality measure, such as the percentage of viewable impressions, fraud-free impressions, brand-safe impressions, and in geo-targeting impressions, among others.

The capabilities of Pinnacle, enable DV to offer customized services for all stakeholders in the Ad ecosystem. For instance, for advertisers and agencies, DV Pinnacle identifies, with great accuracy/ precision, optimization actions to drive the return on investment (ROI) for in-flight campaigns.

For publishers and Ad networks, Pinnacle allows the optimization of the yield of the inventory (available Ad spaces) by delivering quality traffic to clients.

On the sides of DSP and Ad exchanges, Pinnacle authenticates the quality of pre-bid decisions with the transparency necessary for quality inventory control. To achieve this, DoubleVerify.s Pinnacle, uses extensive cookie-based and fingerprinting-based tracking for impression analysis and validation.

In a nutshell, Pinnacle can be deployed to protect the Ad-ecosystem from encroachment by fraudsters before any placement of the Ads is done, which should be desirable to advertisers. The same tool ensures that there is quality ad space for publishers to avail advertisers, in tandem with the available traffic to their websites.

  • White Ops Inc. detection system

White Ops Inc. is the second company I have identified to have ad fraud detection technology, which can be valuable in the detection of Ad placement fraud. One of the placement fraud sub-categories, malware and toolbars, malware and malicious toolbars are installed on the visitor’s computer and then remotely controlled by the fraudster to generate fake impressions.

White Ops technology detects this remote-control system that fraudsters are used to communicate with the malware installed on the visitor’s computer and then any fraudulent activity is detected. Moreover, the White Ops technology can also detect bot-generated traffic and hence differentiate between human and non-human activities.

This technology would serve well publishers and advertisers. For Publishers, fraudsters falsely make it appear as though fraudulently generated impressions are coming from genuine publishers and hence if the advertisers were to make any purchases, then the publisher would lose out. For advertisers, this kind of fraud, if not checked, would result in them paying for impressions/clicks which would not convert into purchases, hence draining their ads-campaign budget.

Ad Traffic Fraud Detection

A number of commercial companies offer fraud detection at the traffic level and included are: Are You A Human (AYAH) Inc., Double Verify (DV) Inc., Forensiq Inc., Integral Ad Science (IAS) Inc., Moat Inc., ValidClick Inc., and White Ops, among others.

  • Are You A Human” (AYAH) Inc.

The AYAH tool is essentially a human verification tool and when deployed helps to differentiate human generated from bot traffic. Once this is achieved, any of the third parties can effectively block the traffic generated by bots. The tool operates by collecting and analyzing users’ behaviors by placing codes on millions of sites. To verify genuine human users/visitors, a unique feature used by AYAH is a game-based CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) [https://support.google.com/a/answer/1217728?hl=en].

A CAPTCHA test tool is composed of two simple parts, namely, a randomly generated sequence of letters and/or numbers that appear as a distorted image, and a text box. To prove that you are human [in other words to pass the test], you will be required to simply type the characters you see in the image into the text box. The task is easy, yet fun, for genuine human users, but rather difficult for non-human users, such as bots.

Once a user/visitor is verified as a human, information will be added to a “Verified Human Whitelist” and re-verified from day to day.

As effective as CAPTCHA is in differentiating humans from non-human users/visitors, it is becoming susceptible, and thus can be cracked by machine learning and artificial intelligence techniques. Typically, machine learning and artificial intelligence have been demonstrated to have capabilities of attacking the segmentation and the recognition problems, crucial in the operation of this tool, simultaneously.

Moreover, as a detector of Traffic ad fraud, it may not be effective in the detection of non-bots implemented scams such as Impression fraud and click fraud, where real humans are hired to manually view and click on the advert to increase both impressions and clicks.

  • Forensiq Inc.

As pointed out above, Forensiq Inc. provides a fraud detection system working for all stages of the Ad campaign, i.e., at all three processing levels, namely; pre-campaign [at placement], in-campaign [during traffic], and post-campaign [during and after the action is taken]. The Forensiq tool/program/system is also useful in detecting fraud at the traffic or in-campaign level i.e., after placing the advertisement on the pages of the publisher. You may want to know how it does it. Continue reading please:

For In-campaign fraud detection a forensiq tag, which is a JavaScript tag is inserted either into publishers’ websites or Ads, will track the impressions and obtain real-time scores.

  • Moat Inc.

Moat offers real-time Ad analytics in addition to providing a variety of Ad performance metrics including: viewability assessment, non-human traffic detection, audience characterization, and audience attention and engagement evaluation. To achieve these goals, Moat uses a combination of pixels, JavaScript, and browser signals, to count ad impressions; detect, measure, and filter invalid (non-human) traffic; measure attention and determine the context of the environment in which an ad is placed. These metrics not only validate the Ad impressions but also are useful in assessing the audience. Moreover, both advertisers and publishers would confirm that ads are shown to real people in environments that are brand safe and would also be able to measure the attention paid to the ads.

This anti-ad fraud platform would better serve to detect bot-generated impressions as well as clicks.

ValidClick Inc.

Targeting specifically affiliate networks, ValidClick Inc., develops a real-time click fraud detection system. The system is designed to serve entities in the affiliate ecosystem, namely: the visitors, the affiliate websites, the click verification web server, and the advertisers.

In its operation, each time a visitor makes a request on the affiliate website, the affiliate/publisher will make another request to the click verification web server, along with the visitor’s request information, IP address, and agent browser information.

In turn, the click verification web server will send visitor’s request information to the advertiser, in order to obtain the relative advertisement.

Once the advertisement is obtained, the Click verification web server will generate and store a verification ID for each advertisement. Additionally, the URL of the advertisement, the visitor’s IP address, and agent browser information will be stored in the click verification web server’s database. Thereafter, the advertisement will be on the affiliate website through the click verification web server.

In the meantime, a client-side script provided by the click verification web server will be executed on the affiliate website when certain events are triggered by visitors such as on mouseover event. Thus, verification ID, visitor’s IP address and agent browser information, size of the browser window, and name of the web page will be sent and stored in the click verification web server’s database.

So, when a visitor clicks the advertisement, the requested information along with the URL of the advertisement is sent to the click verification web server. Then, the information that was stored in the database will be retrieved according to the URL of the advertisement. Based on this information, the click verification web server will check the validity of this click by examining rules set up for affiliates to see if the browser window is sufficiently large or the IP address is from suspicious countries or regions

This Ad fraud tool would be valuable in the detection of both impression and click fraud, especially, that is generated by botnets. Approaches involving the hiring of genuine human labor to click on an advertisement, may not be detected.

Detection of Action Ad Fraud

  • Forensiq Inc.

As pointed out above, Forensiq Inc. provides a fraud detection system working for all stages of the Ad campaign, i.e., at all three processing levels, namely; pre-campaign [at placement], in-campaign [during traffic], and post-campaign [during and after the action is taken].

The Forensiq tool/program/system is also useful in detecting fraud at the action or post-campaign level i.e., the action of visitors/users after they land on the target pages of the advertiser. You may want to know how it does it. Continue reading please:

For Action/post-campaign fraud detection, some of the in-campaign mechanisms may be employed in addition to the following:

  • overall data is collected and analyzed such that any risks from the Ad-campaign are identified through a risk-scoring system;
  • any fraud trends detected from the collected and analyzed data.

Overall Opinion on the Ad fraud detection tools:

I have shown you some of the tools being used to detect Ad fraud at various levels on the Ad processing trail and shown you the effectiveness of various tools.

What I can say is that the general opinion is to be able to detect fraud either before or at the time of placement of the ads. As you can observe, I have shown four companies offering tools for this purpose.

While it is very important to detect ads at the placement level, some approaches to fraud may circumvent detection, especially where real humans are hired to participate in the inflation of impressions/clicks. It is pertinent that fraud is detected even after this has been done.

Forensiq Inc. system seems to offer overall detection since it will provide a review of the campaign to identify the probable gaps.

It will be good, especially for advertisers, to deploy this system before going for any Ad-campaigns, because it provided an all-around solution to Ad fraud detection.

Ad fraud Prevention Mechanisms:

As we have seen, Ad fraud is very complex crime which can be committed by those who should fight it, in the first place!! For instance, both the publishers/affiliates and the advertisers/merchants, have been found to get involved in click fraud, especially, in the CPC/PPC Ad ecosystem mainly because CPC/PPC campaigns dominate the Ad networks. With these campaigns, both the publishers and the advertisers may operate with diverse motives: while publishers work for increasing traffic and hence the number of clicks, the advertisers must deal with competitors and thus maximize conversions on their sites.

>>>>>>>> For details classification and characterization of ad fraud, please check here<<<<<

Because of such possibilities, to effectively prevent fraud in a digital advertising environment, a comprehensive across-the-board endeavor is required to force all parties to follow proper advertising strategies and increase public awareness of the unethical motivators that bring fraud into the ad ecosystem.
For simplicity, I will divide the approach to the prevention of Ad fraud into two major categories: Prevention at the operational level and prevention at the technical level.

Prevention at Operational Level

At the operational level, the following ought to be observed:

  • The ad banner viewability on the ad-serving platforms should be studied,
  • The web pages should be arranged in a way that it is easy to identify potential placement vulnerabilities fraudsters may seek after,
  • As Google AdSense suggests, ads should be placed closer to the contents of the host web page; yet remain completely distinguishable from the main web page contents so as not to misguide users.
  • Google AdMob goes on to advise that putting many ad placements on one single page increases the possibility of stuffing and stacking fraud and should thus be avoided. Thus, Google AdMob recommends not placing ads in areas that can be easily clicked on by accident.
  • Avoiding click inflation fraud conducted by the publisher. Advertisers must verify the publishers’ identification before making any decision (such as signing them up in the ad network). As we have seen above any of the detection tools that can identify pre-placement activities ought to be used.
  • Advertisers should focus more on visitors’/users’ actions other than just on the raw number of impressions provided by publishers. In other words, before making any decisions as to whether they should place adverts on the publishers’ web pages, advertisers should go beyond just the viewability and demand full transparency about the source of each ad impression.
  • A novel reverse proxy approach innovated by Distil Networks, may be deployed by advertisers, which would inspect each HTTP request in real time and determines if it is generated by a bot or not.
  • All parties in the ad ecosystem should regularly update and deploy IP blacklisting to prevent displaying of ads to those IPs. Notably, entities behind blacklisted IPs would likely produce fraudulent impressions, clicks, or other more involved actions.

Prevention at the Technical Level

Prevention at the technical level: I call these ad fraud preventive mechanisms technical because they are more technology-based and provide more comprehensive solutions for the prevention of fraud in ad platforms. They are classified into the following four categories: honeypot-based, signature-based, anomaly-based, and credential-based prevention mechanisms.

  • Honeypot-based prevention approach
    (i.e., bluff ads): is a mechanism whereby, the Ad server [Advertisers] intentionally serve a number of carefully defined bluff Ads to publishers. Notably, these bluffs or honeypot ads are known to be unrecognizable [i.e., they are either too small or transparent] by human users. So, if bluff Ads result in such interactions as click events, it will have contradicted the assumption that they are unrecognizable and thus signal fraudulent activities in the ad system. The different conversion rates between the bluff-ads and the legitimate-ads can be used as an indicator to detect ongoing fraudulent activities.
  • Signature-based prevention approach: In this type of prevention approach, predefined features/patterns are used to find malicious impressions or traffic. In other words, malicious traffic and bogus impressions are identified and prevented by hunting specific patterns or features in the traffic. For example, a typical signature could be a click count on published ads in order to detect duplicate clicks. Moreover, it has also been found that if a client-side code execution is inconsistent with known models (such as JavaScript), it is very likely that the traffic is not generated by real human users but by a bot. So, by testing code execution environments, such as JavaScript support or mouse event test, it is possible to filter out a significant portion of fraudulent traffic.
  • Anomaly-based prevention technique: This prevention approach applies statistical analysis and historical data to identify and detect suspicious ad placements, suspicious websites, and publishers with abnormal traffic when compared to generic user traffic. For instance, if the average probability of click events in displaying advertisement were roughly 0.2%, meaning that on average there are about 2 click events on every 1000 impressions, then if a Publisher’s website shows significantly higher click-through rates, should raise red flag, thus requiring further investigation to rule out or to confirm any fraudulent activities.
  • Credential-based prevention mechanism: This prevention mechanism, which is also known as Website Popularity or Page Ranking, relies on assessing the creditability of the publishers to discover the authenticity of their web page contents or the number of impressions they generate. Typically, to assess the credentials of a publisher, DSPs of the Ad networks or Advertisers can use reverse crawling to find the content of web pages and verify that the content matches the tags associated with the impression submitted for auction. Alternatively, one can also use the number of impressions generated from a publisher’s web pages and compare their value with trusted website rankings such as Alexa or RangeRank. If a publisher’s website generates more impressions than its traffic ranking, this will imply the existence of potentially fraudulent activities on the publisher’s website.

Conclusion

Briefly, I have tried to highlight the major detection strategies that advertisers and to some extent publishers should use in order to check for any fraudulent activities taking place within the Ad ecosystem. I have also provided a modest list of commercial companies that are devoted to developing technology for detection of fraud at an early stage such that the transaction goes on smoothly and more so for advertisers and publishers to get return on their investments.

What is paramount, however, in the prevention of ad fraud, is both Advertisers and publishers exhibiting high level of honesty to each other. This will mean that there will be mutual cooperation in fighting a common enemy, the fraudsters.

For more details on Ad fraud detection and prevention the following source could be consulted:

https://doi.org/10.3390/jcp1040039
If you have any comments or questions, please leave them in the
comment/question box below and I will make sure you get answered
(probably within 1 hour). Thank you.

Cheers

Joseph Hawumba

10 thoughts on “Ad Fraud Detection and Prevention Mechanisms”

  1. Hello and thanks so much for sharing, you are so right about what you said. In this line of work, I have heard of so much scammers that seek to take your hard-earned dollar. One sure sight of a scammer is if it sounds too good to be true then a red flag should go up then an investigation should follow. Thanks again for sounding the alarm and making us aware.

    Reply
  2. Hi Joseph,

    What a comprehensive guide on a topic which I, as a publisher, have never paid attention. However, it was always worrisome to work in the digital space. 

    The article covers almost all aspects of Ad Fraud giving me a great insight into what are the factors we should keep an eye on- probably an high bounce rate does mean something. It may not be just because of huge number of visitors clicking on our affiliate links.

    I use only Adsense trusting Googles fraud detection programs. However, tools like APT surely gives more confidence to venture put further in the field.

    Thanks for writing this great article which is a well laid out guide for anyone using ad as a source of revenue.

    Best Regards,

    Rohit 

    Reply
    • Hi, Rohit, thank you for this valuable addition to what I have provided. Indeed AdSense of google is safe. However, if you consider placing Ads on another website, i.e, if you become the advertiser, then maximum care has to be exercised to rule out fraudulent activities. Thank you once again.

      Reply
  3. Hello and many thanks for sharing about Ad Fraud Detecetion and Prevention; you are absolutely correct in all that you said. I’ve heard of a lot of con artists in this line of employment who want to steal your hard-earned money.

    If anything seems too wonderful to be true, that is one solid sign of a con artist, and an investigation should be launched.

    Nearly every facet of ad fraud is covered in the essay, which has given me fantastic insight into the things we should watch out for.

    For example, a high bounce rate probably does indicate something.

    It might not just be because so many people are clicking on our affiliate links.

    Great and informative post!

    Reply
    • Hi, Valdez, thank you for the comment and observation. True, not all impressions come from visitors. If they are so many, then one is to think twice and investigate. Thank you once again.

      Reply
  4. Everything about this article is very interesting and worth reading over and over, because there are a few things that I dont understand yet, but I will use it as a future reference. I chose Google Adsense for advertisement and this I needed to figure out by myself on where to place my ads. I have now switched to Monumetrics and everything is done for me now, I hope that there will be no fraud at their end and that they will protect my website. thank you for this information

    Reply
    • You are welcome, Lizzy. You may not have problems with AdSense. But problems start when you are the one placing adverts on other sites and you are to pay!! There you need to be very careful concerning Ad fraud. Thank you once again

      Reply
  5. Everything about this article is very interesting and worth reading over and over, you are so right about what you said,I choose Google Adsense for advertisement and I needed to figure out by myself where to place my ads.

    Thanks for this great article which is a well-laid-out guide for anyone using ads as a source of revenue.

    Best Regards,

    Reply
    • Hi, Kayode, thank you for your appreciation. Ad fraud is real and early detection is crucial for effective prevention. Thank you, once again

      Reply

Leave a Comment