Risk
1/19/2016
03:30 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Bots Will Inflict $7.2 Billion In Fraud On Digital Advertisers In 2016

Fraudsters see a gold mine in online ad ecosystem.

Despite heightened awareness about digital ad fraud, criminals operating massive botnets continue to completely game the online advertising marketplace. A new report today by WhiteOps and the Association of National Advertisers (ANA) shows the bot masters are making billions of dollars by tricking advertisers into thinking more people viewed and clicked their ads than actually did.

In its second year running, the 2015 Bot Baseline study examined over 10 billion online advertising impressions from dozens of brands across hundreds of campaigns for two months. The study showed that the average brand suffered $10 million in damages. By extrapolating the rate of fraud across the industry, WhiteOps estimates that bots will inflict $7.2 billion in damages to digital advertisers in the coming year.

That's higher than in 2014, when advertisers worldwide lost $5 billion, and within the range of the predicted rate of loss for 2015 concluded in the first report conducted by WhiteOps and the ANA.

The criminals use these bots against advertisers by infiltrating systems at numerous points in the digital advertising ecosystem. With much of today's advertising world run by automated systems and complicated advertising platforms, the fraudsters have figured out how to either use bogus sites that serve up ads to phony "viewers" that are actually just bots, or through unethical traffic sourcing or audience extension services used by publishers who need to boost traffic in order to fulfill inventory requirements promised to advertisers. In the second case, that relationship could be engaged knowingly or ignorant of that third-party's links to shady bot practices.

"Advertising fraud has the curious status of almost seeming legitimate; you couldn’t expect to get away with raiding a bank account or accessing someone else’s Gmail account, but defrauding advertisers, even by using the host user’s identifying cookies, doesn’t seem nearly as criminal," says Dan Kaminsky, co-founder and chief scientist for WhiteOps, explaining that end users see little impact from the fraud while bot operates rake in the cash.

"Many do not even operate their own infrastructure. So this sort of fraud has a surprising number of  'legitimate' participants," Kaminsky says. "We’ve found companies where not everyone at the company knew they were fraudulent operations."

Some bots afflicting advertisers are not necessarily technically sophisticated, but most ad fraudsters operate with a high degree of sophistication in their knowledge of the way digital ads are bought and sold. For example, bots target programmatic advertising 73% more than average. Most specifically, the more expensive programmatic video ads that reap more profitable gains from bot operators saw a 273% higher bot rate than average.

Similarly, bot operators home in on targeted campaigns based on demographic or geographic quotas because advertisers pay more for impressions in these cases. Some targeted campaigns saw a prevalence of twice as many more bots than others. 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Christian Bryant
50%
50%
Christian Bryant,
User Rank: Ninja
1/25/2016 | 10:56:08 PM
Ad Earning Analysis Programs
One aspect of this is the depressing nature of businesses that "don't know" or "don't realize" a particular aspect of their business has either gone awry, hijacked by malicious players, or is actually illegal but being managed by staff who are not aware of it.

Companies who have large amounts of money tied up in adverts should have intelligent applications monitoring, data mining and analyzing what ads are being farmed, what activity surrounds those ads and how much income is ultimately associated with it.  Intelligent programs will highlight when actual earnings do not match up with the actual activity.

Of course, this assumes a real company having their ads hijacked.  The same software could be used with some modifications to anticipate expected activity and feedback false information to meet expectation.

A fascinating area of cybercrime that demands more attention.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
1/23/2016 | 12:41:00 PM
Blocking
Digital advertisers whine and complain about consumers and users using ad blockers -- but this is why.  It's their own fault.  They need to clean up their own security acts to even begin to reinstill confidence, because one of the biggest reasons why people prefer to block ads is online ads' association with security risks.  (Java and Adobe Flash, anyone?)
Ilya Geller
50%
50%
Ilya Geller,
User Rank: Apprentice
1/19/2016 | 6:28:53 PM
Bots (children of the passed away Internet) may spam as much as they want ads shall not ever reach people.
Being structured advertisements search for people themselves, based on the people's profiles of structured data.

In the Cyberspace (which already replaces Internet) no way advertisements, spam can reach people who don't want, need them: patterns of ads and personal profiles won't match each other.

Why 'replaces Internet'? Oracle: 'Term weights represent an extremely powerful feature, and care should be taken when using them... terms in an index are automatically weighted based on their distribution in the indexed content.'

The only distinction between Google (No)SQL and Oracle technologies was into statistics, the above weights - which Google obtains from Internet, so called 'popularity', while Oracle (before ATG) had either none or manually assigned. Now Oracle ATG gets the statistics internally, from inside data itself.

Internet is gone and bots (children of the passed away Internet) may spam as much as they want – ads shall not ever reach people.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Cybercrime has become a well-organized business, complete with job specialization, funding, and online customer service. Dark Reading editors speak to cybercrime experts on the evolution of the cybercrime economy and the nature of today's attackers.