Endpoint
12/9/2013
02:34 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Best Practices For Reducing Traffic Fraud Risk Unveiled By IAB

IAB is also publishing “Digital Simplified: Understanding Traffic Fraud,” an educational backgrounder on how digital advertising fraud takes place

NEW YORK, NY (December 5, 2013) -- Fraudulent traffic has reached critical levels across the digital advertising ecosystem, and in response the Interactive Advertising Bureau (IAB) and its Traffic of Good Intent Task Force have released "Best Practices – Traffic Fraud: Reducing Risk to Exposure" to meet this challenge. Entering the public comment phase today, the best practices explain how robotic traffic (aka "bots") can infiltrate legitimate publisher inventory. Accordingly, it provides premium publishers and networks, as well as buyers, with specific recommendations.

"The companies that participate in the digital advertising supply chain have been struggling with how to handle criminal enterprises intent on gaming the system," said Steve Sullivan, Vice President, Advertising Technology, IAB. "These fraudsters are diluting the value of all legitimate inventory while simultaneously diminishing the integrity of the entire digital marketing industry. The introduction of these best practices is a first step in reducing the marketplace repercussions of these illegal activities."

"When only a handful of companies act to reduce fraud, the criminals win. We need to band together to effectively put a stop to the destruction of our industry at the hands of racketeers," said John Battelle, Founder and Chairman, Federated Media, and co-Chair of the IAB Traffic of Good Intent Task Force. "Even the most scrupulous publishers and networks can be hit with non-intentional traffic propagated by criminals. If we want to truly address the problem, it is incumbent upon all stakeholders to embrace uniform levels of vigilance."

In tandem with release of the best practices for public comment, IAB is also publishing "Digital Simplified: Understanding Traffic Fraud," an educational backgrounder on how digital advertising fraud takes place and why industry leaders should take action to eradicate this criminal activity.

"One of the challenges of dealing with traffic fraud is its inherent complexity," said Tom Phillips, CEO of Dstillery and co-Chair of the IAB Traffic of Good Intent Task Force. "There's no magic bullet for eliminating fraudulent traffic, because there's no single method by which criminals exploit the digital advertising system. We've prepared this overview of the issue and a set of best practices to start the industry on a path to root out these corrupt practices."

For a full copy of "Best Practices – Traffic Fraud: Reducing Risk to Exposure," and to view "Digital Simplified: Understanding Traffic Fraud," go to iab.net/trafficofgoodintent.

The public comment period for the best practices is open until January 10, 2013. Please submit any feedback to Steve Sullivan at steve@iab.net prior to the deadline.

About the IAB

The Interactive Advertising Bureau (IAB) is comprised of more than 500 leading media and technology companies that are responsible for selling 86% of online advertising in the United States. On behalf of its members, the IAB is dedicated to the growth of the interactive advertising marketplace, of interactive's share of total marketing spend, and of its members' share of total marketing spend. The IAB educates marketers, agencies, media companies and the wider business community about the value of interactive advertising. Working with its member companies, the IAB evaluates and recommends standards and practices and fields critical research on interactive advertising. Founded in 1996, the IAB is headquartered in New York City with a Public Policy office in Washington, D.C. For more information, please visit iab.net.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web