The creativity of ad fraud

The creativity of ad fraud

As we inch closer to an all-digital reality, the term ‘digital advertising’ feels all the more redundant. Sure, print ads still have a pulse. I doubt we’ll witness the extinction of buses, Metro stations or billboards any time soon. Maybe the last one…
Regardless of what’s going extinct or not, my point is that the word ‘advertising’ has become so closely associated with its digital counterpart, it has become the de facto mental image when you think: Advertising.

What’s both impressive and indicative about this form of advertising isn’t the current worldwide spend amount. It’s the trajectory these numbers are taking. Digital advertising has seen exponential growth since the dawn of the internet and you can bet that we haven’t even seen the tip of the iceberg yet. With this sudden influx in Ad Spend over the last decade or so, it’s no wonder that well, first off, criminals, being so 1990s and all, had to go and re-brand themselves as ‘Cyber’ criminals. Because I’m a ‘Cyber’-writer, yeah?

Come to think about it, Ad Fraud may be the single, greatest ‘get-rich-quick’ scheme of our generation, with about 10 - 20% of Ad Spend lost per year, roughly translating to tens of Billion of Dollars.

Ad Fraud can range from difficult to near-impossible to spot but fret not, my avid readers. Following this sentence lie 5 different types of ad fraud that you should most definitely be aware of.

Domain Spoofing
Domain Spoofing is the method in which cybercriminals use to disguise a website as a different, more valuable, (usually) high-traffic website.
By disguising their own fraudulent websites as higher-traffic websites, cybercriminals can trick advertisers into paying a much larger amount for the ad space on the spoofed website compared to what the ad space would be worth on their own domain.

Click Injection
You may have stumbled upon an earlier blog post; ‘The Rise of the Botnets’ , where we touched upon this exact practice. Click injections are generally ways in which hackers will ‘inject’ some sort of malware or malicious program on user devices.

Also known as botnets, click injections (contrary to the Co-Vid vaccines) are not so great.

The Malware in these infected devices can be accessed remotely – and at any one time and instruct the affected devices to generate hundreds & thousands of clicks on the targeted ads in order to falsely inflate the advertisers ad spend.

For a full run-down of how botnets operate, check out… 

Pixel Stuffing – Yup, you heard right. No, you’re not alone.

If there’s one thing I’ve come to realise when it comes to matters of the Cyber variety, it’s that the nomenclature of pretty much everything is both nonsensical, yet a little whimsical.
For example, here are some very real, very serious definitions.

Click Farms – Where mommy and daddy send the clicks when they get older.

Bot Herder – A dog that failed herding school.

Web Crawlers – Spiders. Duh.

As much as I’d love to continue defining these gems, I wouldn’t want to further detract from the sheer scope and scale of Ad Fraud, with Pixel Stuffing being one of the most creative ways yet.

You could call Pixel Stuffing the magician of the Ad Fraud business.
And honestly, the way it works is quite ingenious. Listen to this:

The cybercriminal will typically create a 1×1 Ad Space which is so tiny, that it’s practically invisible to the human eye. Poof!

This strategy allows cybercriminals to display hundreds of (1×1 size) ads on a single web-page, allowing these tiny ads to gather a massive number of impressions. While circumstantial, certain marketing programs base their Ad Spend on impressions (rather than clicks), meaning that their Ad Spend budget is at risk of being drained at an abnormally fast pace.

This method for example, could be used to drain your competitors’ ad spend or hinder the performance of other targeted Ad Campaigns. On top of that, the data & analytics of the campaigns affected can no longer be trusted, which costs both time and money!

Ad Stacking

Ad Stacking works in a very similar manner to Pixel stuffing. Instead of creating countless 1×1 pixel ‘invisible’ ad spaces and placing them in as many places as possible, with ad stacking, the ads are literally stacked on top of one another.

While you may only see the ‘Top’ Ad, in reality, it’s only the top layer of countless ads layered below that same ad space. In essence it works exactly the same way – and within the same criteria parameters – as Pixel Stuffing.


Ad injection

Finally, we have yet another jab of pure, unadulterated Ad!

Through plugins, malware, even browser extensions, the cybercriminal is able to ‘inject’  their own Ads onto a website where they don’t belong.

This could go as far as replacing a website’s genuine Ads completely & inserting their own fraudulent ads which will now be generating Ad Revenue for the cybercriminal rather than the legitimate owners.

By replacing real ads with their own fraudulent ones, the cybercriminal will get credit for any clicks – claiming any generated revenue.
The overall objective of fraudulent advertising is the same, regardless of method or strategy. It’s all about tricking or diverting the system into thinking that fake is real – and real gets paid.

It also may be worth looking into an Ad Fraud protection solution such as AdClickProtect. Prevent click fraud on your ads, stop wasting your budget and advertise only to your desired customers with our state of the art protection!

AdClickProtect – From Click, To You.

Latest in our blog

Do you like tech and business news but with a more personal touch? Then you will love our blog! These are our latest posts: