As we inch closer to an all-digital reality, the term ‘digital advertising’ feels all the more redundant. My point being that the word ‘advertising’ has become so closely associated with its digital counterpart, it has become the de facto mental image when you think: Advertising.

What’s both impressive and indicative about this form of advertising isn’t the current worldwide spend amount. It’s the trajectory of these numbers. Digital advertising has seen exponential growth since the dawn of the internet and I’m certain that we haven’t even began to scratch the surface.

With this sudden influx in Ad Spend over the last decade or so, it’s no wonder that sooner or later individuals with certain skill sets would try to exploit this system for a quick buck – and what a buck, it is!

Come to think about it, Ad Fraud may be the single, greatest ‘get-rich-quick’ scheme of our generation, with about 10 - 20% of Ad Spend lost per year, roughly translating to tens of Billion of Dollars.

Now, Ad Fraud may be quite tricky to spot. A lot of the time it can even range from difficult to near-impossible; which is why we have compiled a few types of ad fraud strategies that you should definitely be aware of – especially if you’re running any campaigns yourselves.

Domain Spoofing

Domain Spoofing is the method in which cybercriminals use to disguise a website as a different, more valuable, (usually) high-traffic website.

By disguising their own fraudulent websites as higher-traffic websites, cybercriminals can trick advertisers into paying a much larger amount for the ad space on the spoofed website compared to what the ad space would be worth on their own domain.

This allows them to, for lack of better word, scam advertisers into paying google (and in turn, the cybercriminals who are hosting this spoof domain in paying a much higher amount than usual (because of the perceived higher traffic).

Click Injection

You may have stumbled upon an earlier blog post; ‘The Rise of the Botnets’ [], where we touched upon this exact practice. Click injections are generally ways in which hackers will ‘inject’ some sort of malware or malicious program on user devices.

These are also known as, botnets.

The Malware in these infected devices can be accessed remotely – and at any one time and instruct the affected devices to generate hundreds & thousands of clicks on the targeted ads in order to falsely inflate the advertisers ad spend.

Pixel Stuffing

Pixel Stuffing is one of the most creative & inventive ways yet. Here’s how it works:

The cybercriminal will typically create a 1×1 Ad Space which is so tiny, that it’s practically invisible to the human eye.

This strategy allows cybercriminals to display hundreds of (1×1 size) ads on a single web-page, allowing these tiny ads to gather a massive number of impressions. While circumstantial, certain marketing programs base their Ad Spend on impressions (rather than clicks), meaning that their Ad Spend budget is at risk of being drained at an abnormally fast pace.

This method for example, could be used to drain your competitors’ ad spend or hinder the performance of other targeted Ad Campaigns. On top of that, the data & analytics of the campaigns affected can no longer be trusted, which costs both time and money!

Ad Stacking

Ad Stacking works in a very similar manner to Pixel stuffing.

Instead of creating countless 1×1 pixel ‘invisible’ ad spaces and placing them in as many places as possible, with ad stacking, the ads are literally stacked on top of one another.

While you may only see the ‘Top’ Ad, in reality, it’s only the top layer of countless ads layered below that same ad space.

In essence it works exactly the same way – and within the same criteria parameters – as Pixel Stuffing.

Ad injection

Finally, Ad Injection.

Through plugins, malware, even browser extensions, the cybercriminal is able to ‘inject’ their own Ads onto a website where they don’t belong.

This could go as far as replacing a website’s genuine Ads completely & inserting their own fraudulent ads which will now be generating Ad Revenue for the cybercriminal rather than the legitimate owners.

By replacing real ads with their own fraudulent ones, the cybercriminal will get credit for any clicks – claiming any generated revenue.

The overall objective of fraudulent advertising is the same, regardless of method or strategy. It’s all about tricking or diverting the system into thinking that fake is real – and real gets paid.

It also may be worth looking into an Ad Fraud protection solution such as AdClickProtect. Prevent click fraud on your ads, stop wasting your budget and advertise only to your desired customers with our state-of-the-art protection!

AdClickProtect – From Click, To You.

Date: Friday, 26 November 2021