The Ultimate Guide to Video Ad Fraud
Marketing | July 22, 2020
Remember TV ads? Yeah, they’re still out there but with the rise of online advertising and Netflix, TV ad revenue has been steadily declining for years. On the other side of the coin, online video advertising is booming, with an estimated $29.24 billion spent in the USA alone in 2019.
From YouTube, Instagram, and Facebook to native advertising platforms, video ads reach the parts of the consumer base that text ads just can’t touch.
The history of video ad fraud
Video advertising goes back to the 1940s, with ads extolling the health benefits of cigarettes. Of course, a lot has changed since then.
Fast forward more than half a century.
With the launch of YouTube in 2005, on demand video was born. Just over a year later, in 2006, Google bought YouTube for the princely sum of $1.5 billion.
Today, Google makes that much roughly every two weeks, and YouTube makes Google around $15 billion a year. So that pocket money investment by the search behemoths has certainly paid off.
It actually wasn’t until 2009 that YouTube started showing ads in video, with pre-roll (video ads before the main event) and text banners overlaid.
Meanwhile, in another corner of Silicon Valley, the team at Facebook were busy wondering how they could make money from their huge user base. In 2007, Facebook introduced advertising on their platform. However, it’s not until 2013 that Facebook unveiled video ads on their platform.
Of course, wherever money goes, fraud is sure to follow.
There are many cases of video ad fraud. In one example, a large fraud scheme drained users’ batteries and data by running hidden video ads in Android apps, reported in Buzzfeed in 2019. In another case, Buzzfeed uncovered a site owner who had 12 sites that earned revenue from fraudulent video views. Another key player was a former employee of a large ad network who ran a group of eight sites that were part of the fraud. This saw more than 100 brands have their ads fraudulently displayed on the sites, and roughly 50 brands appeared multiple times. The sites showed a constant stream of video ads barely interrupted by actual editorial content. In some cases, the sites showed more than one video ad at the same time in order to increase revenue, forcing brands to block the sites from their ad buys.
Anti-PPC fraud software started popping up in the early 2010’s, as marketers became aware that there was a real problem with fraud in their video ads.
To understand how video ad fraud affects marketers, you need to understand how this type of PPC fraud works.
How video ad fraud works
Today you can run video ads on a multitude of PPC networks. Google Ads is by far the biggest platform, with 96% of marketers planning to use the platform in 2020. What makes video advertising so powerful is the opportunity to present a video ad in feed on some of the world’s biggest websites.
You might be reading the news, or looking up the showtimes at your nearest cinema, and right there in your eye line is a video ad that plays automatically. Again Google offers the biggest choice of placements for video advertising.
But it’s not just Google offering video ad placement on the world’s most visited websites. Microsoft Advertising (aka Bing Ads), Verizon Media Native (aka Yahoo Gemini) and the native ad platforms.
The way these can be defrauded is usually by websites offering placement. These publishers might look like genuine websites, but are in fact designed solely with the intention of hosting as many video ads as possible with the intention of fraudulently collecting payouts on impressions.
Even if a human visitor did chance upon the website in question, they would most likely be unable to see any ads due to the presentation formats. These include:
Multiple videos are stacked in the same viewer window. The publisher collects a payout on all of the video impressions, even if only one video is visible. For those really unscrupulous publishers, they can have multiple windows all packed full of videos.
Also known as iFrame stuffing, the video ad is played in a display that isn’t visible to the human eye, normally 1×1 pixel.
Below the fold auto-play
The advertiser pays for impressions based on the amount of times the ad is played. Fraudulent publishers can do sneaky things like stack video displays at the bottom of their site, or below the initially viewable area (below the fold) and make them play automatically. They collect a payout, yet the video is most likely not viewed by the visitor.
A growing threat is apps that are designed to perform ad fraud. A good example is the DrainerBot malware which found its way into 10 million devices around the world and was used to watch video ads without the users knowledge.
Probably the easiest way for any publisher to collect a payout is to inflate the traffic on their website. It’s shockingly easy to buy fake traffic, with websites online offering things like “10,000 Genuine USA visitors for ONLY $10”.
The “genuine” and “USA” are almost definitely not true. Traffic will most likely come from a sophisticated botnet designed to perform what looks like genuine human activity on websites such as scrolling and mouse clicks. It will also probably be routed through a VPN to make it seem as if it is coming from the USA (or any other specific country).
And yes, it is easy to find this traffic for that low price. Just search online for ‘buy website traffic’.
Traffic or impression fraud
OK, yes impression fraud is another name for video ad fraud. You may also hear terms such as CPM fraud (cost per mille/thousand views) or CPV fraud (cost per view).
I recently stumbled upon a quite interesting practice when speaking to an online traffic reseller. Some marketing agencies will offer to get a certain volume of clicks or views on paid ads for advertisers, but if there is a shortfall they will make it up with fake traffic.
Is this practice widespread? It’s hard to say as it was only in conversation with one traffic reseller, but it definitely isn’t a one off.
What PPC networks do to prevent ad fraud
Well, you’ll be pleased to hear that all of the PPC ad platforms are aware of the threat of ad fraud and do have processes in place to prevent it.
The bad news? Them sneaky fraudsters quickly find a way to get around those processes.
Specific examples of the processes that are used are:
This simple text list of approved publishers is added to any website running pay per click (PPC) ads. The theory is that every advertiser adds websites that they are happy for their ads to appear on, and fraudulent publishers won’t get added.
The problem? Not everyone uses ads.txt, so fraudulent publishers can still create spoofed websites to host ads.
Another problem? Ads.txt has already been breached by the 404bot, which actually takes domains from an advertisers list and creates a composite domain name that fools the system.
Google Play Protect
With the growth of malware on the Google App store, the big boys had to do something to stem the flow. Play Protect is Google’s way of verifying apps aren’t full of malware, which has been, mostly, fairly successful.
The problem? Programmers have found a way of loading malware into apps by ‘sideloading’, or adding some additional code via an update.
This has resulted in ad fraud malware such as Tekya and the aforementioned DrainerBot. So, although the Google Play store is harder to infiltrate by dodgy developers, it’s not impossible for those who are determined.
Every PPC platform with a publisher network usually needs sites to be approved before they can host ads. There is little consistency between platforms, so one might run some tight checks whereas another might have a small team run a cursory analysis and leave it at that.
This does filter out the obvious fraudulent sites, but the problem now isn’t the obvious sites. Often there is a complex process of site spoofing, re-routing traffic through servers, and remixing URLs to confuse the filters.
Violation of terms
PPC platforms know that ad fraud is a big problem and, generally speaking, take a pretty hard line against publishers who violate the terms and conditions. Advertisers can report sites that they think are providing suspicious traffic or violating terms in other ways.
It’s worth bearing in mind that a burst of fake traffic from one website doesn’t necessarily mean that site is fraudulent. They themselves could have fallen victim to some sort of fraud or have been hit by bots.
Keep an eye out for regular suspect activity, such as high bounce rates and massive peaks and troughs in activity.
How can you avoid fraud in your video ads?
There is no denying that video ads are an effective advertising medium, and their popularity is increasing. Paying per thousand impressions can quickly add up, especially if you’re seeing a high volume of impression fraud on your videos.
What can you, as an advertiser, do to minimize your exposure to video ad impression fraud?
The first thing is to use ads.txt and keep your list updated. Make sure to remove outdated websites and keep track of those that perform badly or seem to channel high volumes of fraudulent traffic.
Anti-PPC fraud software is the only surefire way to avoid clocking up fraudulent impressions on your video ads.
How does it work?
CHEQ For PPC is a click fraud solution that analyses over a thousand user and network parameters in real-time, to determine if traffic is fraudulent. Common fraud practices like ad stacking and non-viewable ads are quickly filtered out, and bot traffic filtration is best in class. It works to block invalid clicks and fraud, including for YouTube campaigns.
If you need to be assured that you’re getting the best protection, CHEQ offers an award-winning and comprehensive ad fraud protection package.
Want to protect your sites and ads? Click here to Request a Demo.