We tend to see this quite often in the advertising industry. In 2014, digital ad spend topped $50 billion, as reported in The Wall Street Journal, but $6 to $18 billion of that was lost to click fraud. It's no wonder illicit publishers are looking to get a cut of this lucrative industry. Every day, these fraudsters create nefarious schemes to steal from advertisers.
From incredibly creative to deeply disturbing, here are some of the sneakiest publisher tricks the internet has to offer.
1. Hijacked mail servers
It's not uncommon to run software on our personal devices to keep malware, spyware, bots, etc., off our machines. Most of us do a good job of it, but some don't, increasing the chances of their device becoming part of a bot network. One commonly overlooked resource is your internal mail server.
Mail servers typically do not see routine check-ups unless there is an issue with increased spam, slower processing speeds, or down email systems. This creates the ideal breeding ground for fraudulent activity. Recently, government agencies, colleges, and local small businesses were found to be infected with botnets. Fraudulent activity sees no boundaries and will attach itself to any size network with an exposed loophole.
2. Commandeering big brand URLs
Plugins are an attractive solution to help manage daily tasks succinctly and efficiently. However, they're also particularly attractive to fraudsters. Many big brands' efforts were thwarted with the introduction of plugins designed to swap the click URL on the returning search page.
These brands offer affiliate programs that anyone can sign up for. Their affiliate programs drive traffic to their specific affiliate URL, and the affiliate makes money off of purchases made from their unique URL. Amazon offers one such affiliate program that gives you a unique code to track users, and a commission payout as high as 10 percent.
How does it work? Say you do a search on Google and an Amazon listing shows up. These plugins can read the source code of the page, find the Amazon links, and alter them to contain the affiliate code. Now, a user won't see anything different, but if they click on that Amazon link, the plugin owner will get credit for that visitor instead of Amazon crediting their own marketing efforts. This version of fraud has the potential to line pockets with millions of dollars in revenue across several affiliate programs.
Big brands took note of failing search engine marketing efforts, noting larger than ever affiliate checks, leading to the discovery of these plugins. Today, they're easier to spot and aren't as prevalent, albeit they historically attract spammers and fraudsters.
3. You'll communicate with the dead
Catfish is a term popularized by an MTV series of the same name. It's a clever way to describe a person pretending to be someone they're not. Popular with online romances, catfishing has started to cross over into the ad fraud space. We recently saw this firsthand with a young lady named Rebecca Astley. She was looking to provide a Yahoo shopping feed to our business development team.
After a few Skype conversations, something seemed off. The spelling of Astley's last name on LinkedIn changed slightly, and she repeatedly asked the same questions. Sure enough, suspicions were confirmed with a reverse lookup of the image provided on the Skype and LinkedIn profiles. Astley was using an image of someone else: Allison Owens, a young lady who had passed away several years ago.
In order for publishers to communicate with ad networks and their advertisers, they have to prove their identity. Publishers create user profiles to talk to networks about account creation, support, and payments. It's typical of both legitimate and illegitimate publishers.
But if you're an unlawful publisher, that won't work. So how else do you connect with businesses? By hiding your reputation. Fake profiles aren't new, and identity theft is not uncommon. Be that as it may, many do not stoop as low as using images of the deceased.
4. Turn up the volume and it will click-click
Approximately 36 percent of all web traffic is considered to be bot-traffic. Ad fraud protection companies know to look for certain metrics, including mouse movements, and sneaky publishers know to make their fraud look natural.
Years ago, I discovered a publisher that had no conversion value, but had traffic results that showed normal human movement until it clicked -- literally. While navigating through their website I heard "click-click" whenever I clicked my mouse. I surely wasn't double clicking, so unless my ears were deceiving me, I was certain some foul play was involved. I prompted my team to help me take a closer look at the publisher's site, and to no surprise, the publisher was fraudulent.
Hidden under the mouse cursor was a 1x1 pixel iFrame invisible to the naked eye. Each time a user clicked on a webpage, it was intelligent enough also to click on links hidden under this iFrame. The hidden webpage would have zero conversion value since it couldn't be seen, but still had all the characteristics of natural user movement.
It's imperative to practice due diligence when advertising online. It's the internet, so be cognizant that not everyone's being honest or has honest intentions. The internet is a dark and scary place. If advertisers aren't careful, they'll find themselves constantly getting ripped off by these sneaky tricks.
On Twitter? Follow iMedia Connection at @iMediaTweet.
"Suspicious Young Man" image via Shutterstock.