Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/19/2016
03:30 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Bots Will Inflict $7.2 Billion In Fraud On Digital Advertisers In 2016

Fraudsters see a gold mine in online ad ecosystem.

Despite heightened awareness about digital ad fraud, criminals operating massive botnets continue to completely game the online advertising marketplace. A new report today by WhiteOps and the Association of National Advertisers (ANA) shows the bot masters are making billions of dollars by tricking advertisers into thinking more people viewed and clicked their ads than actually did.

In its second year running, the 2015 Bot Baseline study examined over 10 billion online advertising impressions from dozens of brands across hundreds of campaigns for two months. The study showed that the average brand suffered $10 million in damages. By extrapolating the rate of fraud across the industry, WhiteOps estimates that bots will inflict $7.2 billion in damages to digital advertisers in the coming year.

That's higher than in 2014, when advertisers worldwide lost $5 billion, and within the range of the predicted rate of loss for 2015 concluded in the first report conducted by WhiteOps and the ANA.

The criminals use these bots against advertisers by infiltrating systems at numerous points in the digital advertising ecosystem. With much of today's advertising world run by automated systems and complicated advertising platforms, the fraudsters have figured out how to either use bogus sites that serve up ads to phony "viewers" that are actually just bots, or through unethical traffic sourcing or audience extension services used by publishers who need to boost traffic in order to fulfill inventory requirements promised to advertisers. In the second case, that relationship could be engaged knowingly or ignorant of that third-party's links to shady bot practices.

"Advertising fraud has the curious status of almost seeming legitimate; you couldn’t expect to get away with raiding a bank account or accessing someone else’s Gmail account, but defrauding advertisers, even by using the host user’s identifying cookies, doesn’t seem nearly as criminal," says Dan Kaminsky, co-founder and chief scientist for WhiteOps, explaining that end users see little impact from the fraud while bot operates rake in the cash.

"Many do not even operate their own infrastructure. So this sort of fraud has a surprising number of  'legitimate' participants," Kaminsky says. "We’ve found companies where not everyone at the company knew they were fraudulent operations."

Some bots afflicting advertisers are not necessarily technically sophisticated, but most ad fraudsters operate with a high degree of sophistication in their knowledge of the way digital ads are bought and sold. For example, bots target programmatic advertising 73% more than average. Most specifically, the more expensive programmatic video ads that reap more profitable gains from bot operators saw a 273% higher bot rate than average.

Similarly, bot operators home in on targeted campaigns based on demographic or geographic quotas because advertisers pay more for impressions in these cases. Some targeted campaigns saw a prevalence of twice as many more bots than others. 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Ilya Geller
50%
50%
Ilya Geller,
User Rank: Apprentice
1/19/2016 | 6:28:53 PM
Bots (children of the passed away Internet) may spam as much as they want ads shall not ever reach people.
Being structured advertisements search for people themselves, based on the people's profiles of structured data.

In the Cyberspace (which already replaces Internet) no way advertisements, spam can reach people who don't want, need them: patterns of ads and personal profiles won't match each other.

Why 'replaces Internet'? Oracle: 'Term weights represent an extremely powerful feature, and care should be taken when using them... terms in an index are automatically weighted based on their distribution in the indexed content.'

The only distinction between Google (No)SQL and Oracle technologies was into statistics, the above weights - which Google obtains from Internet, so called 'popularity', while Oracle (before ATG) had either none or manually assigned. Now Oracle ATG gets the statistics internally, from inside data itself.

Internet is gone and bots (children of the passed away Internet) may spam as much as they want – ads shall not ever reach people.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
1/23/2016 | 12:41:00 PM
Blocking
Digital advertisers whine and complain about consumers and users using ad blockers -- but this is why.  It's their own fault.  They need to clean up their own security acts to even begin to reinstill confidence, because one of the biggest reasons why people prefer to block ads is online ads' association with security risks.  (Java and Adobe Flash, anyone?)
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
1/25/2016 | 10:56:08 PM
Ad Earning Analysis Programs
One aspect of this is the depressing nature of businesses that "don't know" or "don't realize" a particular aspect of their business has either gone awry, hijacked by malicious players, or is actually illegal but being managed by staff who are not aware of it.

Companies who have large amounts of money tied up in adverts should have intelligent applications monitoring, data mining and analyzing what ads are being farmed, what activity surrounds those ads and how much income is ultimately associated with it.  Intelligent programs will highlight when actual earnings do not match up with the actual activity.

Of course, this assumes a real company having their ads hijacked.  The same software could be used with some modifications to anticipate expected activity and feedback false information to meet expectation.

A fascinating area of cybercrime that demands more attention.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Active Directory Needs an Update: Here's Why
Raz Rafaeli, CEO and Co-Founder at Secret Double Octopus,  1/16/2020
New Attack Campaigns Suggest Emotet Threat Is Far From Over
Jai Vijayan, Contributing Writer,  1/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
How Enterprises are Attacking the Cybersecurity Problem
How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-20391
PUBLISHED: 2020-01-22
An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse untrusted input yang files may crash.
CVE-2019-20392
PUBLISHED: 2020-01-22
An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used is not defined. Applications that use libyang to parse untrusted input yang files may crash.
CVE-2019-20393
PUBLISHED: 2020-01-22
A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.
CVE-2019-20394
PUBLISHED: 2020-01-22
A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input yang files may be vulnerable to this flaw, which would cause a crash or potentially code execution.
CVE-2019-20395
PUBLISHED: 2020-01-22
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash.