Connected Television: Understanding and Fighting Back on Advertising Fraud’s New Frontier
The United Kingdom is now ranked 14th in the world for countries targeted by bad actors looking to defraud marketers. Despite the UK coming in 20th in the list of the world’s most populous countries, a substantial amount of UK campaign advertising traffic is driven by sophisticated bots.
Connected Televisions are Now Prime Advertising Real Estate
It’s estimated that smart or connected televisions (CTVs) are now owned by 49% of consumers in the UK,[1] with 19% of Brits spending more than 16 hours each week watching streaming services.[2] Naturally, that’s a key audience for advertisers. And with so many seeking escapism online, it’s no wonder that the CTV advertising space has become so incredibly sought after during the last year.
But what if I told you that rather than reaching your target audience, your ad might not have been shown at all? What if I told you that some people had figured out how to fake it, so it looked like your ad was shown, but never appeared on a screen anywhere?
The New Wild West in Advertising
Let’s start from the beginning: advertising fraud occurs when bad actors figure out ways to make it look like an ad was viewed or clicked, and how to cash in on pretending to be the owner of the space the ad buy covered. The most sophisticated bots look and act just like humans when they click on ads, visit websites, fill out forms etc. to commit fraud and abuse.
In a recent global survey carried out with the Enterprise Strategy Group, we discovered that an incredible 37% of those we asked confirmed that they’d been victimised by sophisticated bots in the past twelve months, whilst another 30% believed they had but couldn’t confirm.
And CTVs, have become a top target for fraudsters.
So Why are CTVs so Susceptible to Ad Fraud?
CTV as an industry and advertising medium sprung up quickly. With older, more established mediums, such as laptops, phones and tablets, it’s much, much easier to see whether the person viewing an ad is a real human, because the technologies needed to make those assessments developed at the same time as the technologies that show the ads in the first place.
The demand to reach this new audience has been such that the supporting structures to measure a campaign’s success hasn’t quite caught up.
The majority of fraud in CTV environments is carried out by only a small number of bad actors. It’s the fact that CTV provides so many opportunities for streaming services and brands that makes it so attractive to bad actors. This is an unrivalled medium for streaming services and brands to engage with consumers through compelling content and advertising.
The Fraudsters are Here to Stay
All the advertising fraud schemes we have seen recently have been months or years in the making. These are incredibly sophisticated botnets which are enormously complex, and which hint at deep understandings of how advertising technology works.
Fraudsters are definitely cranking up the scale of their attacks, hoping they can hide amidst the increased traffic with so many people spending so much time online. But we’re not talking about a problem which will go away as life returns to normal. Advertising fraud is here to stay and newer technologies, such as CTVs, are among the most in need of protection.
CTV Ad Fraud in Action
The scale of any individual operation, let alone ad fraud on the whole, can be colossal. Our very own research team recently discovered a botnet, we named PARETO, which exploited nearly a million infected Android phones pretending to be millions of people watching adverts on connected televisions.
PARETO-associated traffic accounted for an average of 650 million daily bid requests, the result of 29 Android apps spoofing more than 6,000 Connected TV (CTV) apps. The Android apps were downloaded by unwitting consumers, often on third party marketplaces.
For example, Any Light claimed to be ad-free, and while it didn’t show ads, we discovered the app actually faked ad impressions (an important distinction).
Not only was the operation big, but it was also seriously clever. For each spoofing cycle, PARETO launched a new disguise for their fake traffic. PARETO created realistic pingbacks, verifying that the phone was a “real” CTV streaming product in order to evade detection.
They were dynamically configurable, so a single infected Android phone could rotate, selling traffic to many different buyers while assuming many different identities.
PARETO was the most sophisticated botnet ad fraud scheme for CTVs ever uncovered, but it’s just the tip of the iceberg in a multi-million criminal industry.
That’s not the only CTV botnet we’ve discovered. Last summer, our threat intelligence team discovered an even larger connected TV operation. That scheme, which we named ICEBUCKET, was scamming more than 300 publishers, impersonating more than two million people across 30 countries stealing millions of dollars in ad spend.
So, How can you Prevent Bad Actors Stealing your Spend?
Sadly, there’s no easy fix. The only way the advertising ecosystem can stop ad fraud in its tracks is for the industry to band together to establish a system of collective protection which makes ad fraud so tricky and so unprofitable that fraudsters simply have to move on.
Fraudsters rely on any lack of cohesion to infiltrate real threats. Without a coordinated effort, we inadvertently leave too many gaps for them to take advantage of.
We’ve launched something called the Human Collective where we’re teaming up with The Trade Desk, Omnicom Media Group, Magnite, Google and Roku to disrupt the functional components of PARETO, and many other botnets besides.
Ad fraud can be eliminated through protected channels where there are direct relationships, trust, and full transparency. Working together through a collectively protected supply chain will ensure the ecosystem realises the full benefits of creating a great CTV customer experience that is ad fraud free.
Dan Lowden, CMO at HUMAN (formerly White Ops), a cybersecurity company that protects enterprises from bot attacks to keep digital experiences human.
[1] GfK in partnership with TechUK.