Risk

1/19/2016
03:30 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Bots Will Inflict $7.2 Billion In Fraud On Digital Advertisers In 2016

Fraudsters see a gold mine in online ad ecosystem.

Despite heightened awareness about digital ad fraud, criminals operating massive botnets continue to completely game the online advertising marketplace. A new report today by WhiteOps and the Association of National Advertisers (ANA) shows the bot masters are making billions of dollars by tricking advertisers into thinking more people viewed and clicked their ads than actually did.

In its second year running, the 2015 Bot Baseline study examined over 10 billion online advertising impressions from dozens of brands across hundreds of campaigns for two months. The study showed that the average brand suffered $10 million in damages. By extrapolating the rate of fraud across the industry, WhiteOps estimates that bots will inflict $7.2 billion in damages to digital advertisers in the coming year.

That's higher than in 2014, when advertisers worldwide lost $5 billion, and within the range of the predicted rate of loss for 2015 concluded in the first report conducted by WhiteOps and the ANA.

The criminals use these bots against advertisers by infiltrating systems at numerous points in the digital advertising ecosystem. With much of today's advertising world run by automated systems and complicated advertising platforms, the fraudsters have figured out how to either use bogus sites that serve up ads to phony "viewers" that are actually just bots, or through unethical traffic sourcing or audience extension services used by publishers who need to boost traffic in order to fulfill inventory requirements promised to advertisers. In the second case, that relationship could be engaged knowingly or ignorant of that third-party's links to shady bot practices.

"Advertising fraud has the curious status of almost seeming legitimate; you couldn’t expect to get away with raiding a bank account or accessing someone else’s Gmail account, but defrauding advertisers, even by using the host user’s identifying cookies, doesn’t seem nearly as criminal," says Dan Kaminsky, co-founder and chief scientist for WhiteOps, explaining that end users see little impact from the fraud while bot operates rake in the cash.

"Many do not even operate their own infrastructure. So this sort of fraud has a surprising number of  'legitimate' participants," Kaminsky says. "We’ve found companies where not everyone at the company knew they were fraudulent operations."

Some bots afflicting advertisers are not necessarily technically sophisticated, but most ad fraudsters operate with a high degree of sophistication in their knowledge of the way digital ads are bought and sold. For example, bots target programmatic advertising 73% more than average. Most specifically, the more expensive programmatic video ads that reap more profitable gains from bot operators saw a 273% higher bot rate than average.

Similarly, bot operators home in on targeted campaigns based on demographic or geographic quotas because advertisers pay more for impressions in these cases. Some targeted campaigns saw a prevalence of twice as many more bots than others. 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
No SOPA
50%
50%
No SOPA,
User Rank: Ninja
1/25/2016 | 10:56:08 PM
Ad Earning Analysis Programs
One aspect of this is the depressing nature of businesses that "don't know" or "don't realize" a particular aspect of their business has either gone awry, hijacked by malicious players, or is actually illegal but being managed by staff who are not aware of it.

Companies who have large amounts of money tied up in adverts should have intelligent applications monitoring, data mining and analyzing what ads are being farmed, what activity surrounds those ads and how much income is ultimately associated with it.  Intelligent programs will highlight when actual earnings do not match up with the actual activity.

Of course, this assumes a real company having their ads hijacked.  The same software could be used with some modifications to anticipate expected activity and feedback false information to meet expectation.

A fascinating area of cybercrime that demands more attention.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
1/23/2016 | 12:41:00 PM
Blocking
Digital advertisers whine and complain about consumers and users using ad blockers -- but this is why.  It's their own fault.  They need to clean up their own security acts to even begin to reinstill confidence, because one of the biggest reasons why people prefer to block ads is online ads' association with security risks.  (Java and Adobe Flash, anyone?)
Ilya Geller
50%
50%
Ilya Geller,
User Rank: Apprentice
1/19/2016 | 6:28:53 PM
Bots (children of the passed away Internet) may spam as much as they want ads shall not ever reach people.
Being structured advertisements search for people themselves, based on the people's profiles of structured data.

In the Cyberspace (which already replaces Internet) no way advertisements, spam can reach people who don't want, need them: patterns of ads and personal profiles won't match each other.

Why 'replaces Internet'? Oracle: 'Term weights represent an extremely powerful feature, and care should be taken when using them... terms in an index are automatically weighted based on their distribution in the indexed content.'

The only distinction between Google (No)SQL and Oracle technologies was into statistics, the above weights - which Google obtains from Internet, so called 'popularity', while Oracle (before ATG) had either none or manually assigned. Now Oracle ATG gets the statistics internally, from inside data itself.

Internet is gone and bots (children of the passed away Internet) may spam as much as they want – ads shall not ever reach people.
6 Security Trends for 2018/2019
Curtis Franklin Jr., Senior Editor at Dark Reading,  10/15/2018
6 Reasons Why Employees Violate Security Policies
Ericka Chickowski, Contributing Writer, Dark Reading,  10/16/2018
Getting Up to Speed with "Always-On SSL"
Tim Callan, Senior Fellow, Comodo CA,  10/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Too funny!
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399
PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381
PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382
PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374
PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.