Ad fraud has been a long-standing challenge in the programmatic advertising industry—but it’s one we can’t just ignore. Here we look at the scale and context of the problem and outline the different types of fraud, along with some viable solutions.
A recent report from Statista predicted that global programmatic advertising spend would be $725 billion by 2026, with this expected to reach $779 billion by 2028.
Unfortunately, the success of the industry and the sums of money involved also make it a honeypot for criminals, all keen to divert dollars to their own pockets.
It’s hard to put an exact figure on how much this impacts the sector, but turning to Statista again, it’s estimated that costs relating to digital ad fraud worldwide will increase from $88 billion to $172 billion between 2023 and 2028. And with estimates that in 2024 82.21% of all digital advertising will be programmatic, it’s not hard to see the damage inflicted on automated trading.
More than money
At the risk of stating the obvious, that's a lot of money. It’s also a lot of wasted advertising in terms of funds, effectiveness, resources, creatives, technology, and more.
Financial losses are critical, but they’re not the only concern.
Brand reputation is also a major worry, not least because of its long-term impact on revenues. Ensuring ads reach real people—not bots—and are genuinely viewable, not hidden or stacked, is crucial. Only then can brands connect with the right audience in the right place and maximize their impact.
Another issue is that both ads shown on fake sites and fake clicks all lead to inaccurate data when marketers are analyzing campaigns to devise, plan, and refine marketing strategies. Future targeting is therefore less effective, leaving yet more money on the table.
Sustainability is another factor on the agenda, and one that’s only going to grow in significance. Fraudulent traffic still uses processing power, whether or not the ad is deployed as intended—and high-energy consumption equals a bigger carbon footprint.
The different types of ad fraud
Programmatic ad fraud comes in several guises, with the specific strategy and tactics depending on the type of campaign, and the level of protection the programmatic ad platform in question has in place. Here we outline the biggest offenders.
- Ad injection. Malicious software places an ad where it shouldn’t appear on a publisher’s website, even if the site doesn’t run ads. New creatives can be inserted over existing ones, or replace them altogether, while the user is online. Publisher revenue is diverted to the fraudster while the browsing experience is potentially impaired due to slow page loading speeds. Advertisers also lose out because the ad they paid for isn’t seen.
- Ad stacking. Ads are literally ‘stacked’ on top of each other within a single slot. The number of impressions is maximized to increase revenue, but only the first ad in the stack can actually be seen, meaning advertisers are paying for fake clicks and impressions.
- Click fraud. Bots or human click-farms are used to repeatedly click on an ad. Fraudsters generate revenues while advertisers running a pay-per-click campaign waste budgets on activity that won’t drive the required result.
- Cookie stuffing. Particularly prevalent in affiliate marketing, third-party cookies are dropped onto users’ devices without their consent to enable wrongful attribution. Websites are tricked into paying for traffic generated by fraudsters, believing it has been sent from a legitimate source.
- Device spoofing. Fraudulent devices have their identity altered to mimic legitimate ones. This allows them to bypass device fingerprinting, which ad platforms use to verify and identify website visitors and block ads from being displayed on specific browsers, device types, or geographic locations. Common tactics include bots posing as real people to expand the geographic areas where ads are displayed and masking their identity as CTV devices, which typically command higher inventory prices.
- Domain spoofing. Domain spoofing occurs when a website is disguised as a higher-value site to inflate the price of ad inventory. This means advertisers may end up paying more than they should for lower-quality placements. Beyond the inflated costs, there’s also a reputational risk—users who click on these ads might find themselves on harmful sites filled with malware or spam, which could damage the advertiser’s image by association.
- Geo-masking. Also known as location masking, low-quality traffic generated in certain geographical areas is disguised and passed off to advertisers as being from a country or region where it commands more value.
- Pixel stuffing. Ads are reduced to nearly invisible sizes, often as small as a single pixel. This means fraudsters are free to sell even more impressions but provides no real value to advertisers because their ads are too small to actually be seen.
- Retargeting fraud. Human behavior, such as online browsing and shopping, is mimicked by bots so that retargeted ads are delivered to a fake lead rather than a real person.
Fighting fraud
Underpinned by a vast array of highly sophisticated individuals and networks, ad fraud is an ever-evolving global business and tackling it can feel like a daunting task.
However, straightforward actions help to ensure due diligence, enabling players throughout the programmatic supply chain to be vigilant about protecting their budget and brand. This approach is also important to maintain the credibility of the industry as a whole.
For example, carefully checking websites where ads appear can provide key clues: A mismatch between information provided (such as the publisher’s precise name) and the details that appear on authorized sources should ring alarm bells, while anything that doesn’t quite add up can indicate the site is not what it purports to be.
Working with DSPs and networks that are trusted is another safety net, while Ads.txt provides a list of authorized and trustworthy sellers. In addition, the RTB platform deployed should use anti-fraud measures that are certified by an industry body such as the Trustworthy Accountability Group (TAG).
Ad metrics can also provide signs of a problem. A high number of purchased impressions should generate an equivalently high number of clicks, for example. Equally, lots of clicks should generate at least some leads and customers. If these measures aren’t correlating, it’s a red flag that warrants further investigation.
Advanced technology is becoming increasingly essential. Ad fraud protection and prevention tools, along with bot detection software, play a key role in safeguarding campaigns. At the same time, ad verification tools ensure that ads appear alongside relevant content and are viewed by real people.
How BidSwitch protects you against fraud
BidSwitch is one of a handful of companies that has achieved TAG Platinum Status, having undergone a rigorous application and review process to receive three TAG seals—Brand Safety Certified (BSC), Certified Against Malware (CAM) and Certified Against Fraud (CAF).
This requires an ongoing commitment to tackling ad fraud.
We address the issue from two perspectives: invalid traffic (IVT) and creative. Our team monitors spikes in traffic to ensure that both supply and demand partners comply with our standards for each one.
Activity includes scanning creatives for malware and filtering pre-bid and post-bid impressions for IVT. We have clear policies and protocols for how to deal with fraudulent activity when it’s identified. We also provide our own tool that enables clients to create block lists.
1. Invalid traffic
To identify IVT and Sophisticated Invalid Traffic (SIVT), we work with DoubleVerify to identify general IVT based on Media Ratings Council (MRC) definitions, which include:
- Traffic known to originate from a datacenter. This is a consistent source of non-human traffic.
- Bots and spiders or other crawlers.
- Activity-based red flags. This includes transactions that are too fast or too repetitive to be real, for example.
- User-agent headers. These reveal the browser or application used to access content. They can include non-traditional or unknown browsers, which are often not linked to genuine human activity.
- Pre-fetch or browser pre-rendered traffic. This is content that’s pre-loaded to improve the user experience, but then not accessed by that user.
SIVT is more difficult to detect and usually requires advanced analytics, multi-point corroboration, human intervention, etc., to identify situations such as:
- The differentiation of human and IVT traffic when it originates from the same or a similar source.
- Bots and spiders or other crawlers masquerading as legitimate users.
- Devices, user sessions, ad tags, and ad creatives that have been hijacked.
- Ad serving that is hidden, stacked, covered, or otherwise intentionally obfuscated.
- Proxy traffic that is fraudulent rather than legitimate.
- Adware and malware (malicious software).
- Incentivized manipulation of measurements, such as over-reporting site visitors to attract advertisers.
- Falsified viewable impression decisions, such as ads that fake compliance but are out-of-view to the user.
- Falsely represented sites created to deceive viewers into believing that they are on another site.
- Cookie stuffing, recycling, or harvesting.
- The manipulation or falsification of location data.
2. Creatives
On the creative side, we work with Ad Lightning (now Boltive), which scans creatives every six hours to identify sensitive content and low-quality assets.
Sensitive content is defined as anything that is illegal, pornographic or adult, and violent. It also includes material that has been hacked, as well as ads for illicit and recreational drugs, tobacco and related products, prescription drugs, and weapons and ammunition.
Concessions are made for alcohol, gambling, tobacco and CBD—but only via deals (open and private), and only when the client explicitly confirms it wants to trade in these categories.
Low-quality creatives include adult content, auto redirects (when the user is taken away from a web page without requesting it, potentially to a malicious site), autoplay and in-banner video ads, phishing scams, content that contains malware or is malicious, and pop-up and pop-under ads flagged in worldwide traffic scanner alerts.
Partners who violate our creative policies risk suspension—or even removal—from the BidSwitch platform.
For example, if a DSP bids on a sensitive category, the bid request will be blocked and invalidated, ensuring it doesn’t go through. Depending on the percentage of its low-quality creatives, a DSP will get a warning, a strike, or a red flag, with the latter potentially resulting in temporary or permanent suspension.
Similarly, SSPs can be suspended or have their account terminated, depending on the percentage of their IVT impressions and how quickly the issue is resolved—or not.
Put simply, BidSwitch has your back when it comes to preventing ad fraud impacting your trading. To find out more or get specific advice, contact your BidSwitch account manager, or get in touch with the BidSwitch team today.