<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=151457&amp;fmt=gif">

Articles and Research

Fraudlogix interview: Identifying, detecting, and terminating ad fraud

Posted by Fraudlogix on Aug 10, 2016 3:18:30 PM

The below interview with Fraudlogix CEO, Hagai Shechter, first appeared on Thalamus.

For those of us that aren’t familiar with Fraudlogix, please tell us a little more about your company and offering.

Fraudlogix is an online advertising fraud detection company that builds custom solutions for the supply side (ad networks, exchanges and SSPs) and DSPs within the online advertising marketplace. Our solutions can be used within desktop, mobile, in-app and video environments. We monitor over 120 billion impressions monthly and are able to detect bots and malware, human generated fraud, domain masking, and can provide brand safety monitoring for the supply side and DSPs of the industry.

Ad fraud is a huge problem in our industry, as reported by eMarketer. From your internal data, can you share how large you think the problem is really in terms of ad spend wasted on fraudulent impressions?

We estimate 25 percent of ad spend is wasted on fraudulent impressions, but this doesn’t mean that 25 percent of all impressions bought are fraudulent. Ad fraud tends to be concentrated in certain areas across the web (e.g., 10 percent of all websites may serve up 80 percent of the fraudulent impressions).

Please explain to us how your technology works.

Our technology is pixel-based, where a pixel piggybacks on an ad tag or creative and then “touches” the end user and collects a host of data. We analyze two separate sets of data for evidence of fraud: a digital dataset and a behavioral dataset. The IP address, referring URL and the user agent are basic examples of digital data. Forged user agents, IP rotation and scripts are examples of behavior data. We typically identify from 15 to 25 behaviors per transaction. These behaviors can identify malware, Trojans, and bots. Before determining if an ad impression is possibly fraudulent, it must possess a combination of fraudulent characteristics. We compare data and behavior profiles across all of our clients, which adds up to over 120 billion impressions a month, a large portion of the online ecosystem. This is important when it comes to fraud detection – the more traffic you see, the easier it is to detect fraudulent anomalies.

What is the process that most of these bad actors follow, and how do many end up serving impressions for such marquee, blue-chip brands?

A lot of fraudsters operate by creating fake websites and then sourcing or creating fake traffic to visit the site. They then sell their ad inventory through a network or exchange. A brand can fall prey to ad fraud by simply going to an exchange (even a reputable one) and programmatically buying impressions that target the same demographic that the fraudsters’ fake impressions look to be serving. There’s tens of thousands of websites on these exchanges and it can be very difficult to see which ones are fraudulent. If a brand does not actively monitor their buys for fraudulent activity, and many do not because they don’t have the tools to do it, they can easily be a victim of ad fraud.

How does domain masking by these fraudsters work?

Domain masking is when publishers claim to run ads on one site but really they’re placing them on different, less desirable ones (e.g., they may claim “premiumwebsite.com” but really the ad is being served on “fakewebsite.com”). A publisher has to pass along the domain name where an ad will be served and they can easily make it up or lie about it. We detect this by capturing the domain on which our pixel fires and then comparing that domain to the publisher declared domain (passed to us from our clients) to see whether they match.

How does ad fraud differ on mobile, as compared to desktop display or video?

Fraudsters need to operate a bit differently than they would in a desktop environment. Certain metrics, like user agents and IP addresses, aren’t as meaningful in the mobile environment and different logic and algorithms need to be used to both commit and detect mobile ad fraud. In the desktop environment, a fraudster may create fake websites to drive fake traffic to, while within the mobile environment, a fraudster now has to create fake apps to drive fake installs and/or ad impressions to.

Are there certain categories or publisher verticals where ad fraud is most rampant? (celebrity websites, gossip sites, entertainment, sports, etc.)

What we’ve found is that fraudsters want to spend the least amount of effort to try to make a website look legitimate, and the easiest way to do that is by having fresh content. The fastest and easiest way to have fresh content is by having lots of widgets and newsfeeds on the page, updating the content automatically. Websites, regardless of vertical, that have a lot of these widgets on them tend to have more fraud.

What are some quick tell-tale signs that a brand can use to discern whether or not a portion of their ads being served are fraudulent?

If there is a conversion event (e.g., a sale) associated with an ad, it can help to quickly identify fraudulent activity. If a brand sees high click-through rates or a large number of impressions with little to no conversions, it can be a sign of fraud. This gets a bit trickier when there is no conversion event, in which case a brand can look to see if an ad is being repeatedly served to the same IP address (a tell-tale sign of a bot) or they can look for abnormal spikes in clicks or impressions. Unfortunately for brands, fraudsters have become more sophisticated over the years and can forge IP addresses and make their bot behavior seem very human, making it difficult to simply look at impressions and pinpoint what’s real and what’s fake. Fortunately for the industry though, there are several reputable vendors out there that can detect and eliminate fraudulent traffic making it easier for brands to find one that fits their needs.

How do you typically work with Ad Networks, DSPs, and Publishers as well as Brands & Agencies?

We work almost exclusively with the supply side (ad networks, exchanges, and SSPs) and DSPs within the programmatic ecosystem, basically, the “wholesalers” of the industry. They have unique challenges — massive amounts of traffic to monitor and multiple partners to work with. One of the most important things that we offer to these “wholesalers” is flat-fee pricing, which allows them to monitor 100% of their traffic 24/7. There are other verification companies that provide solutions for the supply side and DSPs but per-CPM pricing structures are limiting and often forces these parties to pick and choose which campaigns or inventory to monitor in order to keep costs manageable (they have to monitor billions of impressions a month as opposed to an advertiser or brand that may only have to look at a few million). Often, only the most expensive traffic is monitored, leaving the rest open to fraud. We also believe that data is key in the fight against ad fraud and allow our clients full access to all of their data via API. This makes it possible for them to fully analyze and optimize their inventory and their supply and publisher partners. It also allows them to customize how they use their data in whatever way it works best for them.

What is your take on the ad fraud occurring for ads bought programmatically, and the fraud occurring for mobile app installs?

Regarding programmatic ad fraud and fraudulent mobile app installs, app installs are more difficult to do so it takes a more sophisticated, patient fraudster as the process takes longer, but it’s also more lucrative. And because there is more money to be made on each install, it tends to be scrutinized more. In terms of volume, programmatic is a bigger volume game with billions of impressions while app installs only number in the millions. Basically, programmatic fraud is a lot easier to do, any beginner can easily set up a fake website and drive fake traffic to it, but the payout is lower. App install fraud is more involved and meticulous but if they can pull it off, the payout is much greater.

Lastly, what do you see as the future of how the industry fights ad fraud?

What we would like to see is fraud filtered out from the supply side of the programmatic ecosystem, where it enters the system and before it makes its way down stream to the brands and advertisers. The industry has traditionally fought ad fraud from the demand side but that’s like playing whack-a-mole, and an advertiser will never win. If the industry is serious about eliminating fraud, we need to monitor 100 percent of traffic, not just the highest-paying CPMs, and we need to do it from the supply side.

Topics: Programmatic RTB