Home Digital TV and Video DoubleVerify Uncovers Largest CTV Ad Fraud Scheme To Date

DoubleVerify Uncovers Largest CTV Ad Fraud Scheme To Date

SHARE:

Ad verification company DoubleVerify has uncovered a massive CTV ad fraud scheme that was on track to bilk advertisers and publishers out of $30 million to $50 million in ad spend.

The scam, dubbed “ParrotTerra,” used server-side ad insertion to generate fake CTV inventory across a large number of apps, IPs and devices, spoofing 3.7 million devices and 2.7 million IP addresses per day.

SSAI technology combines content and ads into a single video stream to enable seamless playback on OTT devices, such as Roku, Apple TV and Fire TV.

The ParrotTerra scheme essentially tricked advertisers into paying for ads that were never actually seen in households.

“The ads and video stream are stitched together before it’s delivered and there’s no opportunity to easily evaluate who’s on the other side of the ad request,” said Jack Smith, DoubleVerify’s chief product officer in charge of demand solutions.

DoubleVerify identified the scam about a month ago and has since blocked the fraudulent activity before any companies were compromised, Smith said.

It was, however, the largest SSAI scheme since “StreamScam” in December, which spoofed more than 28.8 million US household IP addresses, including approximately 3,600 apps and 3,400 unique CTV device models. Oracle’s Moat identified and shut down that particular scam, which cost advertisers and publishers $14.5 million.

ParrotTerra, by comparison, was three times the size of StreamScam.

Anatomy of a CTV scam

Smith said that CTV fraud has been on the rise as more ad dollars flow into streaming. CTV fraud impressions more than tripled in 2020, up by 220% from the year before. Because there is little transparency in CTV, where CPMs can be upwards of $20, according to eMarketer, the schemes are becoming increasingly sophisticated, Smith said, as fraudsters look to cash in.

According to DoubleVerify, CTV schemes usually take place in three phases. First, fraudsters gather IP addresses or app bundle IDs. Second, they copy these details to mask their activity from being detected. And third, they use the spoofed details of legitimate users to send fraudulent ad requests.

Most of the fraud consists of bots on servers and impacts a range of inventory, Smith said. The scams, for example, are not specific to older TV models running new software that the devices may not be able to support.

“It’s really siphoning money away from good publishers across the spectrum – it could be large-scale publishers or small-scale [or] very niche publishers,” Smith said. “It doesn’t matter to the fraudsters. They want to attack every point in the value chain and the supply chain. If you’re a fraudster you want to try and cast the widest net.”

The problem is real

Though some have said that reports of fraudulent activity in CTV are often skewed to make the problem appear larger than it actually is, DoubleVerify says that ParrotTerra demonstrated how fraudsters are evolving.

Traditionally, SSAI schemes have generated impressions at a relatively slow and steady pace, Smith said. ParrotTerra, however, began testing its manipulation on a smaller scale before shortly thereafter progressing into high volumes.

“With ParrotTerra, there’s a sandbox where the fraudsters are kind of testing the waters to figure out what can immediately be detected and what can’t,” Smith said. “What was unique about ParrotTerra was that they scaled it rapidly. What we’re trying to do is … detect it in a sandbox before it starts to scale and start blocking it and removing it from traffic.”

DoubleVerify identified its first big SSAI ad fraud scheme in 2018, dubbed “Colorius,” which involved more than 400 fake SSAI servers that generated millions of falsified impressions. Since then, DoubleVerify has uncovered at least eight different schemes, including “LeoTerra” in July 2020, which resurrected itself as “StreamScam” five months later when it was identified by Oracle.

LeoTerra went through multiple phases through 2020. It started out targeting CTV devices only before changing its underlying behavior to evade detection. Eventually, it shifted to mobile apps after being shut down twice by DoubleVerify across CTV environments. ParrotTerra was spoofing 35% more apps than LeoTerra at its peak.

“Fraudsters are learning how to evolve their technology much like you would as a regular technology company that licenses one product and releases a version two, three or four,” Smith said. “And as that product goes along it gets much more sophisticated – we’re seeing technology development and product management happen within fraud.”

Must Read

Why Media Mergers And Spin-Offs Don’t Always Keep Their Promises

With media megamergers, acquisitions and spin-offs left and right, the media landscape is changing at a pace that is difficult to keep up with.

TransUnion is partnering with Blockgraph so that advertisers can use its identity data to target, reach and measure TV households across channels.

How This Disaster Relief Nonprofit Tapped First-Party Data To Reach Donors Year-Round

Staying top of mind for potential donors is an ongoing challenge for Direct Relief. Nexxen’s audience curation helped it spread and sustain awareness.

Why Major UK Publishers Are Finally Joining Forces To Curate Ad Inventory

Atria’s collective approach is a response to growing monetization challenges and the need to protect the value of human journalism in the AI era.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
Toronto Canada pride parade includes a crowd waving pride flags

Ad Performance And Politics Steered Brand Dollars Away From LGBTQ+ Communities – But The Pendulum Will Swing Back

The current administration has discouraged many marketers and organizations from showing support for the LGBTQ+ community, including during Pride month.

How AI Can Enhance Content Without Generating It

As much as consumers complain about AI-generated content, advertising experts say AI still has an important place in video creation and production, including for ads. But using AI in content without turning off consumers is a tricky dance.

How Tovala Banks On Subscriptions And Incrementality – But Not Ads – To Profit From Its Oven

Smart TVs, refrigerators and other home appliances may pester you with marketing, but at least the hardware is cheap. Another startup taking a different approach to the same theory is Tovala, which was founded in 2015 and combines a standalone countertop oven with a weekly meal kit subscription.