Endpoint
12/9/2013
02:34 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Best Practices For Reducing Traffic Fraud Risk Unveiled By IAB

IAB is also publishing “Digital Simplified: Understanding Traffic Fraud,” an educational backgrounder on how digital advertising fraud takes place

NEW YORK, NY (December 5, 2013) -- Fraudulent traffic has reached critical levels across the digital advertising ecosystem, and in response the Interactive Advertising Bureau (IAB) and its Traffic of Good Intent Task Force have released "Best Practices – Traffic Fraud: Reducing Risk to Exposure" to meet this challenge. Entering the public comment phase today, the best practices explain how robotic traffic (aka "bots") can infiltrate legitimate publisher inventory. Accordingly, it provides premium publishers and networks, as well as buyers, with specific recommendations.

"The companies that participate in the digital advertising supply chain have been struggling with how to handle criminal enterprises intent on gaming the system," said Steve Sullivan, Vice President, Advertising Technology, IAB. "These fraudsters are diluting the value of all legitimate inventory while simultaneously diminishing the integrity of the entire digital marketing industry. The introduction of these best practices is a first step in reducing the marketplace repercussions of these illegal activities."

"When only a handful of companies act to reduce fraud, the criminals win. We need to band together to effectively put a stop to the destruction of our industry at the hands of racketeers," said John Battelle, Founder and Chairman, Federated Media, and co-Chair of the IAB Traffic of Good Intent Task Force. "Even the most scrupulous publishers and networks can be hit with non-intentional traffic propagated by criminals. If we want to truly address the problem, it is incumbent upon all stakeholders to embrace uniform levels of vigilance."

In tandem with release of the best practices for public comment, IAB is also publishing "Digital Simplified: Understanding Traffic Fraud," an educational backgrounder on how digital advertising fraud takes place and why industry leaders should take action to eradicate this criminal activity.

"One of the challenges of dealing with traffic fraud is its inherent complexity," said Tom Phillips, CEO of Dstillery and co-Chair of the IAB Traffic of Good Intent Task Force. "There's no magic bullet for eliminating fraudulent traffic, because there's no single method by which criminals exploit the digital advertising system. We've prepared this overview of the issue and a set of best practices to start the industry on a path to root out these corrupt practices."

For a full copy of "Best Practices – Traffic Fraud: Reducing Risk to Exposure," and to view "Digital Simplified: Understanding Traffic Fraud," go to iab.net/trafficofgoodintent.

The public comment period for the best practices is open until January 10, 2013. Please submit any feedback to Steve Sullivan at steve@iab.net prior to the deadline.

About the IAB

The Interactive Advertising Bureau (IAB) is comprised of more than 500 leading media and technology companies that are responsible for selling 86% of online advertising in the United States. On behalf of its members, the IAB is dedicated to the growth of the interactive advertising marketplace, of interactive's share of total marketing spend, and of its members' share of total marketing spend. The IAB educates marketers, agencies, media companies and the wider business community about the value of interactive advertising. Working with its member companies, the IAB evaluates and recommends standards and practices and fields critical research on interactive advertising. Founded in 1996, the IAB is headquartered in New York City with a Public Policy office in Washington, D.C. For more information, please visit iab.net.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-1421
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-2105
Published: 2014-04-22
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.

CVE-2013-2187
Published: 2014-04-22
Cross-site scripting (XSS) vulnerability in Apache Archiva 1.2 through 1.2.2 and 1.3 before 1.3.8 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, related to the home page.

CVE-2013-4116
Published: 2014-04-22
lib/npm.js in Node Packaged Modules (npm) before 1.3.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names that are created when unpacking archives.

CVE-2013-4472
Published: 2014-04-22
The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Best of the Web