A digital marketer knows online advertising is critical to a company's strategy to attract new customers. Finding the right audience, whether through Google ads, a Facebook campaign, or an industry-relevant blog, can make the difference. Online advertising is growing by leaps and bounds: $378B was spent in 2020 alone, and spend is expected to reach $646B by 2024.
In years past, much of digital advertising was reliant on information derived from third-party cookies, which capture user-level browsing data. But now, the Internet is moving toward a cookie-less future. And that affects how companies can advertise.
Marketers must be vigilant about where their spending is going. Campaign success goalposts move continually, so ad spend dollars can be misused––so much so that up to 74% of total media spend is wasted. Dollars lost specifically to ad fraud are set to exceed $50B globally by 2025, according to the World Federation of Advertisers.
Ad Fraud Isn't Always Obvious
The most immediate consequence of fraud is wasted advertising budgets with no results. But there could be unseen implications as well: If reporting data is riddled with inflated numbers as a result of false clicks or impressions, it can skew performance metrics and give marketers a false sense of what works in their advertising.
Fraud can also negatively affect future campaign planning. If marketers make future ad spend decisions based on skewed campaign metrics, they could end up investing in campaigns that aren't set up for success, potentially leading to more wasted ad spend down the line.
But the issue goes beyond recouping losses caused by bad actors. Where fraud can really hurt a company is in wasted workforce hours. If a cybercriminal injects clicks or engages in pixel-stuffing, there's a good chance someone on the sales team spent time chasing poor quality leads instead of closing active deals.
The more businesses spend on digital advertising, the more they can lose. Compounding the problem of the bad actors themselves is that some popular advertising players have been accused of knowingly misrepresenting the potential reach that ads on their platforms deliver, either because of duplicate accounts, bots, or problems with various measurement tools.
Smarter criminals and more sophisticated schemes mean that companies need to know how bad actors take advantage of media platforms and third-party vendors to find any possible loophole.
Five Tactics Used in Digital Advertising Fraud
Marketers and business leaders must stay vigilant in the fight against ad fraud, including the following five common fraudulent tactics.
1. Cookie-stuffing
Cookie-stuffing is effectively "cramming" a browser with multiple affiliate tracking cookies, so if a visitor goes to a website with an affiliate code, the metadata will carry over. Hence, a merchant affiliate marketing program gives credit to the bad actor, creating misattribution that can consume ad spend and hurt affiliates because the entity committing fraud is stealing leads and sales.
Cybercriminals can hijack a site and transform it into their own pirated pop-up–– or infect an existing pop-up with malware that floods affiliate partners with ghost clicks when the site opens.
Another common way to cookie stuff is through JavaScript: A window pops informing users that their "JavaScript isn't up to date" and prompts them to download a new version. It's easy to push malicious code between the redirects.
2. Domain-spoofing
Domain-spoofing is the creation of a website that looks like another renowned—and more valuable—site. By creating a false version of a site, cybercriminals trick advertisers into paying a premium based on the name, despite ad traffic not matching the domain's credibility.
Two red flags to look for if a third-party vendor offers an ad rate that's too good to be true:
- Cost per mile (CPM) is too low for a top tier site
- The domain owner isn't selling ad space in a real-time (RTB) auction
A spoofed top-tier domain can place display inventories in multiple ad exchanges, as well as video ads on other exchanges—even if the spoofed vendor doesn't sell programmatic video ads. That lets fraudsters make large sums of money by claiming they're an institution they're not, whereas companies are none the wiser.
3. Click injection
Cybercriminals put malware on user devices, which generate clicks on ads across channels such as Google or Facebook that inflate spending. An infected device is known as a "botnet"; a developer makes a junk app that facilitates background downloads. The app continuously clicks third-party affiliate ads, which earn the app money, but cost businesses.
Click injections come in many forms such as auto-change wallpapers or flashlights. The app seems harmless and is usually available in an app store for free. Android users are especially at risk for this kind of fraud as a consequence of their "install broadcasts," which are signals sent by apps that automatically update.
The malicious app will keep installing and reinstalling if the model is Cost Per Installation, which sees the advertiser spending a lot of money on banner ads that were supposed to be in-app for users to see holistically. Instead, the app is running over and over, costing them big money while no actual users are clicking.
4. Pixel-stuffing
Pixel-stuffing takes a 1x1 area on a site and buries multiple ads in the background. That takes advantage of impression-based marketing programs by users' unknowingly interacting with the website, earning the cybercriminal the impression credit.
Pixel-stuffing happens on mobile pages where the ad is so small most users don't even see it, but it still counts as a viewed impression. Because of that "in plain sight" strategy, the fraud can be repeated more than once on the webpage.
5. Geo-masking
Depending on the site and continental location, campaigns have varying budgets. What people might be willing to spend in Southern California, they might not be ready to spend in Sacramento. Geo-masking hides the generated lead location by spoofing an IP address that drives up the price, making a lead look more valuable so the criminal can charge advertisers more.
A cybercriminal can break down even more affluent areas of a city and base ad rates on that demographic with location swapping. Although the company thinks it's getting a high-dollar end user, it could be getting someone with less disposable income who's not the right target for its product's price point.
Companies Can Fight Fraught by Using Media Intelligence
How can companies keep up with digital ad fraud and the many other challenges in the media advertising landscape?
Media Intelligence, PwC's programmatic media analytics platform, consolidates media transactions and analyzes them within a single platform, so you can react faster to campaign dynamics and identify areas of waste and fraud. You can see a breakdown of where clicks are coming from and how campaigns are performing at a granular level.
Media Intelligence offers powerful visibility into the disparate parts of digital and programmatic media investments.
If you'd like to learn more about how Media Intelligence can help your company fight ad fraud, click here to schedule a demo.