Tools Of The (Ad Fraud) Trade – Forbes

https%3A%2F%2Fspecials ProxyEgg Tools Of The (Ad Fraud) Trade - Forbes

Over the years, many ad fraud deniers have come out of the woodwork to attack my research and me personally. They say I’m deliberately overblowing ad fraud for personal gain, and that ad fraud is low and going lower. National trade associations publish reports that claim ad fraud is 0.63% when using their “certifications.” What they don’t tell you is that most of those are certified through “self-attestation” where companies complete their own paperwork, pay the fees, and promise to follow the guidelines. Of course, it’s understandable that these trade organizations need to make their anti-fraud programs appear to be successful, so members keep paying dues. But those programs actually didn’t work and ad fraud is at all time highs, both in dollars and in rate). See Trade Associations Fought Ad Fraud, But Accidentally Helped It Get Bigger

But don’t take my word for it — that ad fraud is still rampant. How do I know? Let me show you some tools of the (ad fraud) trade that are so widely available that anyone can “get in on it” and make money from digital ad fraud today. See: A CNBC Reporter, Meg Graham, Set Up A Fake Site and Started Running Ads  

Sourced Traffic – Humans or Bots?

Let’s start with the easiest thing you can do — do a Google search for “buy quality traffic” or any variation thereof. Say you’re a site owner and you want to make more ad revenue, but your site gets very little actual traffic (i.e. from humans visiting). What do you need to drive more ad revenues? More traffic! When you search for places to “buy traffic” there are literally tens of thousands of vendors willing to sell you traffic.

Do you assume all this traffic is from real humans? I bet you did. But ponder this for a moment: are there a whole bunch of humans with nothing to do who will visit your specific site when some traffic vendor tells them too? (How would that vendor get word out to them anyway; and why would they visit your site, instead of millions of others?) Humans may not visit on command; but bots will. That’s what they are designed for. Bots are software programs that can be instructed to repeatedly load webpages – to the exact number of pageviews that were purchased. See the slide below. I’ve been saying for years that traffic vendors can sell you all kinds of “traffic” and you can even select the “quality” level. Higher “quality” means the bots work harder and fake more things (like mouse movements, page scrolling, and clicks), so they defeat fraud detection and get marked as “valid.” Keep in mind that “valid” does not mean “human” — it just means those bots were not detected to be “invalid” by the fraud detection tech companies. Even if you’re buying “valid” traffic; you’re still buying traffic created by bots.


Low Prices, Lots of Features

In addition to “quality,” note the prices, which range from $0.007 to $0.012 per click. These translate into $7 – $12 CPMs (cost per thousand). These are very expensive, but you have to pay more for the more advanced bots. Fraudsters are usually engaged in simple arbitrage – “buy low, sell high.” If they can buy traffic at a lower CPM than they can sell their ad impressions, they’ve pocketed the difference. They use the more expensive traffic when targeting high value advertisers like pharmaceutical companies and financial institutions willing to spend 10s of dollars on CPMs.   

Another traffic vendor has very detailed packages (see screen shot, right), which include things like unique IP addresses for each pageview, residential IPs to disguise the traffic and avoid being blocked, Google Analytics and Alexa ranking manipulation, night and day volume changes, page depth (number of pageviews per visit). All of these parameters can be tweaked to make the traffic appear to be real.

But we know the traffic is not from real humans, just made to appear to be that. Note the huge surge in traffic volume at the end of the month. This is called “end of month traffic fulfillment.” Some sites guaranteed buyers a specific amount of traffic and ad impressions; they’ve probably even sold it as such. If they are running behind on their quantity numbers, there is enormous pressure to fulfill the guarantee. If there aren’t enough humans to visit the site, they turn to ever-reliable bots to do the job – so they can “hit their number.” 

Bots in Disguise

Another tool that is widely used is “residential proxies.” These allow the bot makers to “bounce the traffic” through residential IP addresses to disguise it. If the traffic were obviously from Amazon data centers, it could easily be blocked by fraud detection. By making the traffic appear to come from millions of different residential IP addresses, the fraudsters avoid getting blocked, so they can continue making money from selling fake traffic and ad impressions. 

Here’s a guide that someone published that helps hackers/fraudsters disguise their headless chrome implementations. “Headless” means no screen. It’s a full Chrome browser that has all the functionality, but it is run in a data center like Amazon Web Services. Many copies of this can be remotely controlled to do exactly what the bot masters want them to do — from simply loading webpages, to doing more advanced things like scrolling the page, moving the mouse, clicking on ads, etc.

IntoliMaking Chrome Headless Undetectable

Software You Can Run At Home

In addition to bots from data centers, script kiddies can create wew traffic with software programs loaded on their own computers. Below is an example of such a program — called Vebsite Viewer. The “pro” version allows you to rotate among hundreds of referrers (sites that the traffic appears to have come from), browser agents (the type of browser), and the IP address (like residential proxies above). By disguising the traffic in this way, the traffic and thus the ad impressions appear to be valid, and sellable on the ad exchanges. The fraud detection reports will say fraud is low (because it was simply not detected).

How Much (Volume) Did you Say?

If the above still isn’t enough to convince you that ad fraud is rampant (but simply not detected by current fraud detection technologies), let’s look at an example of the volumes that traffic vendors are able to generate and sell. Because none of this traffic involves real humans, it is literally unconstrained by actual humans (7 billion on planet earth) or the actual time humans spend online and using devices. Below is a screen shot from a traffic vendor selling 94 billion monthly “pop” pageviews — pop-unders that users do not know about and didn’t activate themselves. Most of this kind of traffic occurs on porn and piracy sites.

But just like above, the vendors disguise the traffic (e.g. by declaring the referring website) so the porn sites don’t show up in the placement reports advertisers get at the end of the month. This traffic may even be marked as “valid” since it may have occurred on a real user’s device. The volumes are also easily “juiced” by using bots and other techniques.

Further, code examples from below and companion video show how some of the traffic laundering is done. “This [disinfo] site takes advantage of hidden pop-unders, which are triggered when you click any link on their site. Clicking any link will send you to the brand safe site, which has PLENTY of advertisements for high paying brands. In just one visit, we saw ads for Fortnite, BMW, Dasani, Petco, and more; check out the video below to see the whole user journey.”

Hopefully, by seeing some of the actual tools and techniques used by fraudsters to generate enormous quantities of ad impressions and disguise them to appear to be “valid” you will realize that ad fraud is still alive and well. Ad fraud deniers are free to continue sticking their heads in the sand; but real marketers should look more closely at whether their digital ad budgets are truly driving more business outcomes. If you’re thus inclined, here are a few more articles to continue reading.

Further Reading:

Common Sense Approach to Auditing for Ad Fraud

Can You Optimize Digital Ads With A Pinch Of Common Sense?


Source of this news:

Related posts:

Form 424B3 Nuvve Holding Corp. -
News and research before you hear about it on CNBC and others. Claim your 1-week free trial to StreetInsider Premium here. Filed Pursuant to Rule 424(b)(3) Registration No. 333-254718 PROSPECTUS SU...
10 of the best Best (and Worst) Browsers for Privacy - WRCB-TV
Larger-than-life is a unique, secure web browser that streets ads, trackers, fingerprinting, cryptomining, and more. Epic routes every one of the web traffic through a proxy host that automatic...
Replacement AdLoad malware variant bypasses Apple’s XProtect defenses - Illinoisnewstoday. com
A new AdLoad virus attack variant has slipped throughout Apple’s YARA-signed-based XProtect built/in antivirus to infect Apple computers as part of multiple campaigns encountered by cybersecurity fi...
Benchmarking Broadband ISP Speed Testers On a 10Gbps Line -
At one point or another, most UK people will have probably attempted to run a web-based speed test on their broadband connection, but have you ever wondered how well some of the most popular speed te...
Alta Turismo 7 Appears from Nvidia GeForce Now Outflow (Updated) - GTPlanet
Algorithm change: Nvidia contains responded to the leak, exclaiming that the list of titles to your platform is “used just for internal tracking and testing”, and that the inclusion of a lot ...
How to Rotate the Screen on Windows 10 - Windows Report
by Andrew Wafer Author Andrew is not just trying to bring you closer to Windows, but he's truly interested in this platform. He just happens to be passionate about sharing that knowledge...
Private Proxy: Expectations vs. Reality - The Future of Things
A proxy server is an essential part of how we use the Internet and a very useful tool for accessing unauthorized content. It is an intermediary between the user and the website that facilitates web s...
What Is A Proxy Server: Everything You Have To Know -
Business is good because anyone can start their own business from scratch. People can design and build their products to suit their liking. Then connect with suppliers, manufacturers, and dis...
Best Proxies and Proxy Server Providers 2021 - Android Central
Online security is a hot issue for an important reason — who wants to be tracked while they're browsing online? It's reassuring to know that your online activity is protected and kept private for sev...
Blackmagic Design Announces DaVinci Resolve 18 - Business Wire
FREMONT, Calif.--(BUSINESS WIRE)--Blackmagic Design today announced DaVinci Resolve 18, a major new cloud collaboration update which allows multiple editors, colorists, VFX artists and audio engineer...
Waikato cyberattack: Servers in question not culprit, DHB says - RNZ
A set of Waikato District Health Board servers were at end-of-life and unpatched when hackers struck in the early hours of 18 May, a source claims. A sign at Waikato Hospital in May. Photo: RNZ /...
US Government Blames China For Microsoft Exchange Hack - CRN
The Biden administration has formally accused hackers affiliated with China’s Ministry of State Security (MSS) of exploiting Microsoft Exchange Server vulnerabilities in a massive cyberattack. The U...
PolarProxy 0.9 Released - Security Boulevard
PolarProxy was previously designed to only run as a transparent TLS proxy.But due to popular demand we’ve now extended PolarProxy to also include a SOCKS proxy and a HTTP CONNECT proxy.PolarProxy a...
Inflation Nightmare Keeps Getting Worse: Producer Prices Break Out. Inflationary Mindset Rules - WOL...
Services PPI and Core PPI spike. By Wolf Richter for WOLF STREET. The Producer Price Index for Final Demand spiked by 1.4% in March from February, and by 11.2% from a year ago, both t...
What Happened on Day 36 of Russia’s Invasion of Ukraine - The New York Times
KRAKOW, Poland — Facing deeper isolation by the day over the Ukraine war, Russia seemed to slightly recalibrate its stance Thursday, allowing greater humanitarian access to the devastated port city o...
Network Server Management: LogicMonitor vs. ManageEngine OpManager | ENP - EnterpriseNetworkingPlane...
A server is a computer or system that is designed to behave as a repository and provide computing resources, services, data and programs to other computers (clients) connected to the network. Technic...
Virus Concerns Complicate Capitol Hill's Return-to-Office Plans | Bloomberg Government - Bloomberg G...
Warnings that lawmakers should again don masks in response to the Covid-19 delta variant’s threat threw another monkey wrench into attempts to resume normal operations on Capitol Hill and raised fres...
Proxy Chrome Extension – Installation Guide - Alpha News Call
A study conducted in 2018 revealed that approximately 26% of global internet users hide behind a virtual private network (VPN) or proxy while on the internet. While the percentage has grown signific...

IP Rotating Proxy Onsale


First month free with coupon code FREE30