Ad Fraud An Overview Ash Kalb CoFounder October

  • Slides: 33
Download presentation
Ad Fraud: An Overview Ash Kalb, Co-Founder October 22, 2021

Ad Fraud: An Overview Ash Kalb, Co-Founder October 22, 2021

Ad fraud is (at least) a $6 billion per year problem. 2

Ad fraud is (at least) a $6 billion per year problem. 2

Not all of that money goes to the bad guys. 3

Not all of that money goes to the bad guys. 3

But advertisers probably shouldn’t be sending a billion dollars a year to organized criminals.

But advertisers probably shouldn’t be sending a billion dollars a year to organized criminals. 4

And they don’t want to be. 5

And they don’t want to be. 5

This is the reason real people’s computers are being broken into. 6

This is the reason real people’s computers are being broken into. 6

Today, ad fraud is the most effective and profitable way to monetize a botnet.

Today, ad fraud is the most effective and profitable way to monetize a botnet. 7

It’s not a solved problem, and not part of the noise or priced in.

It’s not a solved problem, and not part of the noise or priced in. 8

52% BOTS WHAT WE FOUND BOT FRAUD IS NOT EVENLY DISTRIBUTED INCREASE BOT TRAFFIC

52% BOTS WHAT WE FOUND BOT FRAUD IS NOT EVENLY DISTRIBUTED INCREASE BOT TRAFFIC 23% 11% DISPLAY 17% PROGRAMMATIC INVENTORY The Bot Baseline: Fraud in Digital Advertising. White Ops and ANA, 2014. DECREASE EFFICACY VIDEO SOURCED TRAFFIC 9

WHAT WE FOUND “SOURCED TRAFFIC” IS MORE BOT THAN HUMAN AVERAGE BOT PERCENTAGE The

WHAT WE FOUND “SOURCED TRAFFIC” IS MORE BOT THAN HUMAN AVERAGE BOT PERCENTAGE The Bot Baseline: Fraud in Digital Advertising. White Ops and ANA, 2014. 10

Wait; what’s sourced traffic? 11

Wait; what’s sourced traffic? 11

Let’s put on our black hats and look at how the bad guys make

Let’s put on our black hats and look at how the bad guys make money

There are two ways the black hat hackers get paid

There are two ways the black hat hackers get paid

…with fake sites.

…with fake sites.

…with fake sites. & …when real sites need more traffic.

…with fake sites. & …when real sites need more traffic.

Sourced Traffic $ One site paying another to send more traffic

Sourced Traffic $ One site paying another to send more traffic

Sourced Traffic $ especially Sourced traffic is usually botty traffic (even for premium sites)

Sourced Traffic $ especially Sourced traffic is usually botty traffic (even for premium sites)

PREMIUM PUBLISHERS ARE UNDER TREMENDOUS PRESSURE TO: Hit revenue targets Deliver e. CPM growth

PREMIUM PUBLISHERS ARE UNDER TREMENDOUS PRESSURE TO: Hit revenue targets Deliver e. CPM growth Maintain com. Score audience growth 19

WHEN SECURING AN IO FOR A BUY, PUBLISHERS RARELY GO BACK TO THE AGENCY

WHEN SECURING AN IO FOR A BUY, PUBLISHERS RARELY GO BACK TO THE AGENCY AND SAY “SORRY, I CAN’T FILL YOUR WHOLE ORDER. ” 20

INSTEAD, THE PUBLISHER AGREES TO THE IO, THEN TURNS TO 3 RD PARTY TRAFFIC

INSTEAD, THE PUBLISHER AGREES TO THE IO, THEN TURNS TO 3 RD PARTY TRAFFIC SUPPLIERS TO BUY TRAFFIC. 21

THESE PUBLISHERS DO NOT KNOW THEY ARE BUYING FAKE TRAFFIC; THEY ARE DOING SO

THESE PUBLISHERS DO NOT KNOW THEY ARE BUYING FAKE TRAFFIC; THEY ARE DOING SO INADVERTENTLY. 22

BOTS DISGUISE THEMSELVES AS REAL PEOPLE WHAT WE FOUND Bot source by IP Address

BOTS DISGUISE THEMSELVES AS REAL PEOPLE WHAT WE FOUND Bot source by IP Address The Bot Baseline: Fraud in Digital Advertising. White Ops and ANA, 2014. 23

? WHAT WE HEAR A LOT… 24

? WHAT WE HEAR A LOT… 24

1. “But I only buy direct via premium publisher relationships; they don’t have bots”

1. “But I only buy direct via premium publisher relationships; they don’t have bots” 25

2. “The bots are priced in and get optimized out like any other waste

2. “The bots are priced in and get optimized out like any other waste gets optimized out” 26

3. “But I only buy on actions via attribution. Bots can’t fake attribution. ”

3. “But I only buy on actions via attribution. Bots can’t fake attribution. ” 27

4. “But I’m already protected from bots – we’re running ACME Audience Verification” 28

4. “But I’m already protected from bots – we’re running ACME Audience Verification” 28

OLD DEFENSES ARE NOT SOLVING THE FRAUD PROBLEM Predictive defenses do not catch the

OLD DEFENSES ARE NOT SOLVING THE FRAUD PROBLEM Predictive defenses do not catch the newest bots Statistical, big data analytics do not catch the most sophisticated bots Auditing and spot checks do not expose evasive tactics Making assumptions about traffic quality leads to preventable losses 29

New attacks easily defeat NEW ATTACKS EASILY DEFEAT defenses traditional TRADITIONAL DEFENSES Evolving Threats

New attacks easily defeat NEW ATTACKS EASILY DEFEAT defenses traditional TRADITIONAL DEFENSES Evolving Threats Bot-cloaking mechanics Advertising malware Ad injection Ongoing 0 -day attacks Old Defenses Prediction Statistics-based analytics Auditing Assumptions Cyber security agnostic approaches 30

EVOLVING ATTACKS THREATEN THE DIGITAL AD ECOSYSTEM Cloaked bots use incentivized traffic to fool

EVOLVING ATTACKS THREATEN THE DIGITAL AD ECOSYSTEM Cloaked bots use incentivized traffic to fool stakeholders Malicious Toolbars consume inventory behind the scene Injected Ads harm everyday computer users and publishers Browser 0 -Day Attacks cause unanticipated fraud in campaigns 31

3 REALLY IMPORTANT THINGS TO REMEMBER Bot fraud is the #1 monetization engine of

3 REALLY IMPORTANT THINGS TO REMEMBER Bot fraud is the #1 monetization engine of botnets worldwide Bot fraud is the most scalable form of ad fraud, ever, and always will be Not all bot detection is created equal 32

Thank you! www. whiteops. com 33

Thank you! www. whiteops. com 33

Fraud Discharge Remedies fraud Fraud omnia vitiate fraudFraud Discharge Remedies fraud Fraud omnia vitiate fraud
Viej kalb rys Viej kalb rys Informacins ApeliacinsViej kalb rys Viej kalb rys Informacins Apeliacins
INDOEUROPIEI KALB EIMA Indoeuropiei kalb eim sudaro 11INDOEUROPIEI KALB EIMA Indoeuropiei kalb eim sudaro 11
Europos kalb mozaika 2018 m birelis Europos kalbEuropos kalb mozaika 2018 m birelis Europos kalb
FRAUD FRAUD REPORTING SFIO COMPOUNDING GP Madaan CoFounderFRAUD FRAUD REPORTING SFIO COMPOUNDING GP Madaan CoFounder
FRAUD FRAUD REPORTING SFIO COMPOUNDING GP Madaan CoFounderFRAUD FRAUD REPORTING SFIO COMPOUNDING GP Madaan CoFounder
Steve Jobs Cofounder of Apple Bill Gates CofounderSteve Jobs Cofounder of Apple Bill Gates Cofounder
Cofounders Perry Chen CEO Cofounder Charles Adler CofounderCofounders Perry Chen CEO Cofounder Charles Adler Cofounder
Fraud Got Fraud The Prevention of Business FraudFraud Got Fraud The Prevention of Business Fraud
FRAUD COMPUTER FRAUD Fraud Penipuan Deception Pencurian penggelapanFRAUD COMPUTER FRAUD Fraud Penipuan Deception Pencurian penggelapan
Fraud The Environment of Fraud Preventing Internal FraudFraud The Environment of Fraud Preventing Internal Fraud
Fraud Investigation Fraud Examination Early Fraud Detection ThreeFraud Investigation Fraud Examination Early Fraud Detection Three
RISIKO FRAUD KULIAH 9 DEFINISI FRAUD Fraud kecuranganRISIKO FRAUD KULIAH 9 DEFINISI FRAUD Fraud kecurangan
FRAUD MATTERS FRAUD AWARENESS FOR SCHOOLS Counter FraudFRAUD MATTERS FRAUD AWARENESS FOR SCHOOLS Counter Fraud
HYSPLIT Volcanic Ash Who cares about volcanic ashHYSPLIT Volcanic Ash Who cares about volcanic ash
M L FLY ASH Power Fly Ash forM L FLY ASH Power Fly Ash for
Ash Seed Collection and Emerald Ash Borer EABAsh Seed Collection and Emerald Ash Borer EAB
Dr Ash Alizadeh Stanford School of Medicine AshDr Ash Alizadeh Stanford School of Medicine Ash
Emerald Ash Borer in New Jersey Emerald AshEmerald Ash Borer in New Jersey Emerald Ash
ASH Masters ASH SQL Query Repository Kyle HaileyASH Masters ASH SQL Query Repository Kyle Hailey
ASH Cotonou octobre 2017 1 ASH Adaptation scolaireASH Cotonou octobre 2017 1 ASH Adaptation scolaire
ASH ANALYSIS v Definition Ash refers to 1ASH ANALYSIS v Definition Ash refers to 1
Projet ASH 25 Herv PROJET ASH 25 EchProjet ASH 25 Herv PROJET ASH 25 Ech
Ash Demon The Ash Demon is one ofAsh Demon The Ash Demon is one of