Home Data-Driven Thinking Ad Fraud And Systematic Ad Tech Flaws: The Battle Is Not Over Yet

Ad Fraud And Systematic Ad Tech Flaws: The Battle Is Not Over Yet


Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.

Today’s column is written by Nico Neumann, assistant professor and fellow, Centre for Business Analytics at Melbourne Business School.

Two weeks ago, a multimillion dollar ad fraud scheme was publicly revealed and eight people were charged by the FBI for operating the botnet 3ve. This news should be an important wake-up call for everyone in ad land that the battle against ad fraud is not over yet.

While the accused perpetrators now serve as the poster children for rogue overseas hackers trying to steal big brands’ money, we must ask some critical questions too: Why do we still have such big scandals happening after there has been so much press coverage on ad fraud over the years?

And what is the responsibility of marketers, agencies and tech partners to help minimize ad fraud? Are we doing as much as possible?

Misperception: Ad fraud has been solved

After some reports that ad fraud seemed to decline or stagnate, many people may have felt a false sense of security. Indeed, we have made some good progress. Industrywide initiatives, such as certifications by the Trustworthy Accountability Group or the introduction of Ads.txt, have increased the barrier for some fraudulent practices. And nearly every agency and tech provider now has some ad fraud solution in place.

However, this year Adobe reported that it noticed around 28% of its website traffic showed strong “nonhuman signals.” Fraud also appears to be growing in mobile apps and is moving into new digital channels, such as over-the-top video.

Most importantly, we should keep in mind that just because most fraud vendors may not measure a certain level of activity does not necessarily mean there is no fraud. Similar to viruses and antimalware programs, automated solutions can only report what is known, and the most sophisticated schemes may be exposed only after years of successful operation or never at all.

As long as ad fraud is lucrative and there are systematic flaws, bad actors have an incentive to keep trying to outsmart the system.

Flaw 1: Convenience and PR matter more than true best practices


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

Given the many challenges CMOs must navigate, it is tempting to see ad fraud as just another issue where one needs to tick a box of standard practices to avoid negative PR; ad fraud solution bought – check. Unfortunately, ad fraud is a topic where the devil is in the details.

For example, marketers should enquire whether their agency or verification vendor takes a traffic sample or examines every impression and shares log level files for suspicious activity. Many only sample, and marketers need to ask themselves: How efficient would a firewall be that only checks and potentially blocks 10% of the traffic coming to their PC?

Likewise, it is astonishing to see that initially only 10% of the top 5,000 programmatic domains – and still only 73% after a year – adopted Ads.txt. Why are so many suppliers reluctant to support such an easy implementable solution?

We also need to ask why more brands and media buyers don’t enforce Ads.txt-only buys? If all marketers imposed this rule, ad trading without Ads.txt should largely have vanished.

Flaw 2: Outdated vanity metrics and poor attribution practices

One of the reasons many ad buyers were reluctant to immediately accept Ads.txt-only buying was apparently a concern that reach and price could be compromised. Is reporting a low CPM and large reach – despite a risk of being fake and a waste of money – more important than having an actual ad effect?

Clearly, many organizations are still stuck with outdated vanity metrics: Reach and CPMs should not be used as KPIs in a digital world because they are fakable and thus meaningless when assessed alone and without being tied to proper business outcomes.

With regard to outcome measurement, it is also crucial to use proper attribution methods, such as well-designed experiments.


Having a fraud solution in place is a hygiene factor nowadays, but to be protected against fraud that is unknown, one needs accurate attribution. If two publishers can, in theory, provide the same ad effect but differ only in exposure to fraudulent traffic, then an attribution solution should pick this up. And marketers can divert money to the publisher with lower ad fraud traffic, rewarding best practices.

Flaw 3: Wrong financial incentives hinder hunger for more actions

All human behavior can eventually be explained by the incentives in a system. As long as vendors are paid on a volume basis and not by outcome or quality, they still benefit from allowing ad fraud to happen and may take minimal action to avoid negative PR. The ecosystem needs to learn to move more toward value-based buying and fixed-pricing models to really de-incentivize indirect fraud support.

As opposed to financial fraud, ad fraud can appear as a victimless crime, where we may not feel the impact of poor actions immediately. Thus, ad fraud works like crowdfunding – the real damage is done at the macro level, where the total money that is lost in an industry is likely to flow to bad actors. Economists refer to this as a negative externality – a cost to society.

Fortunately, we can learn here from the economics playbook chapter on air pollution, which is also a problem everyone should contribute to, but is often regarded as someone’s else problem: We need to set the right policies to fully incentivize all actors in advertising to take action against ad fraud as determinedly as possible.

For example, governments could introduce extra taxes for companies that do not support relevant initiatives or provide financial rewards to those companies that use best practices.

Beating ad fraud at all levels

It took many large companies and the FBI two years to take down botnet 3ve. However, smaller schemes that are less aggressive – and may never attract the attention of lawmakers and watchdogs – can still do significant damage as a whole.

Fortunately, we have the right tools and methods available to counteract ad fraud, and there are new exciting solutions, such as blockchain, emerging. It’s just a matter of education and providing the right incentives to get everyone to actually make use of all available means.

Follow Melbourne Business School (@MelbBSchool) and AdExchanger (@adexchanger) on Twitter.

Must Read

shopping cart

Moloco Invests In Its Competitor Topsort As The Retail Media Stakes Go Up

Topsort can lean into Moloco’s algorithmic personalization, while Moloco benefits from Topsort’s footprint with local retailers in the US and in Latin America.

CDP BlueConic Acquires First-Party Data Collection Startup Jebbit

On Wednesday, customer data platform BlueConic bought Jebbit, which creates quizzes, surveys and other interactive online plugs for collecting data from customers.

Comic: The Showdown (Google vs. DOJ)

The DOJ’s Witness List For The Google Antitrust Trial Is A Who’s Who Of Advertising

The DOJ published the witness list for its upcoming antitrust trial against Google, and it reads like the online advertising industry’s answer to the Social Register.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Why Vodafone Is Giving Out Grades For Its Creative

One way to get a handle on your brand creative is to, well, grade your homework, according to Anne Stilling, Vodafone’s global director of brands and media.

Inside The Fall Of Oracle’s Advertising Business

By now, the industry is well aware that Oracle, once the most prominent advertising data seller in market, will shut down its advertising division. What’s behind the ignominious end of Oracle Advertising?

Forget about asking for permission to collect cookies. Google will have to ask for permission to not collect them.

Criteo: The Privacy Sandbox Is NOT Ready Yet, But Could Be If Google Makes Certain Changes Soon

If Google were to shut off third-party cookies today and implement the current version of the Privacy Sandbox, publishers would see their ad revenue on Chrome tank by around 60% on average.