2021 was a scorching year for the ad fraud and verification category – and 2022 is keeping up the pace.
Last year, both Integral Ad Science and DoubleVerify IPO’d and went on to acquire multiple startups apiece off the back of their multibillion-dollar market caps. Human, formerly White Ops, meanwhile, was acquired by three investment firms: Goldman Sachs Merchant Banking, ClearSky Security and NightDragon.
On Tuesday, Human announced that it raised $100 million and will add another investment firm, WestCap, to its ownership group.
Also on Tuesday, Integral Ad Science announced that it has bought Context, a French contextual advertising startup. This marks IAS’s third acquisition in the past 12 months, following the purchase of programmatic payments auditing service Amino Payments in January 2021 and CTV ad server Publica over the summer.
At this point, the lowest-hanging fruit is gone when it comes to online ad fraud, said Tamer Hassan, CEO and co-founder of Human. Industry products like Ads.txt and transparency initiatives by agencies and marketers have made the most blatant click fraud relatively easy to spot.
But that hasn’t necessarily made the fraud problem easier to solve, Hassan said, because the fraud that remains happens via more sophisticated operations.
Fraud outfits are also organized. When Human identified a botnet of Android smartphones last year being used by an online fraud group, the organization had two-week product update sprint cycles and engineering comments on new code releases that could easily have been from top software developers.
Human’s new $100 million round is planned for the company’s big expansion into new arenas, both in terms of product and international expansion. Today, more than 90% of Human’s clients are based in North America.
Clearly adding international offices is a priority across the category.
DoubleVerify bought the Swiss verification company Meetrics in August of last year, and IAS just acquired its slice of the international pie with Paris-based Context.
Human is also growing into new categories, namely, ecommerce and finance. While IAS and DoubleVerify focus on ad industry use cases, Human aims to counter bot fraud more broadly.
Hassan said that expanding from just programmatic is necessary, because the same botnets that defraud online advertisers and publishers are also used for other tactics, like financial account takeover scams or ecommerce scraping. In the case of ecommerce scraping, automated bots snipe special release items, such as the new PlayStation or limited-edition sneakers, that bad actors know will resell, especially after removing limited products from the market.
“The better you can see across all the market segments, the better you can protect against it,” Hassan said.
Still, digital marketing remains the most alluring form of fraud, and one of the largest vectors right now is in growth marketing, according to Hassan.
During the pandemic, for instance, car companies and dealerships started offering higher and higher rates for leads on in-market customers. (Many people bought cars during the pandemic, but few were visiting lots, so online forms to test drive a car became valuable.) That’s an enticing system for fraud, Hassan said, because a botnet can become a huge queue of deduplicated users who fill out a form to test a car and then are sold to auto companies as leads.
“Anywhere where there’s a form or click-through to sign up, we’re seeing botnets used to game lead generation,” he said.
But fraud and bot protection companies haven’t been sitting idly.
In November of last year, the Department of Justice (finally) succeeded in convicting Aleksandr Zhukov, an architect of the Methbot ad fraud operation, which Human helped expose in 2016. It was the first time a person was actually apprehended and sentenced to jail for online ad fraud.
But Hassan said that companies, even some purported ad fraud protection services, are “playing to lose” against fraudsters by merely trying to minimize losses in their own campaigns rather than changing their approach to root out and overcome fraudsters.
“We still need to fundamentally change the dynamics of the internet, so that the cost of bot attacks is higher than the cost of defense,” he said.