Millions of dollars are spent every year on digital to market products and services to consumers. However, not all that is spent can be accounted for thanks to the rise in advertising fraud. And now with Generative AI gaining traction, the fraud seems to have only risen. “Generative AI is being used to create made-for-advertising (MFA) sites. MFA sites are websites primarily designed to display ads and generate revenue through advertising. These sites often have little or no original content and the ads are the main focus of the website,” Scott Pierce, senior director, Product Management, Fraud Protection at Integral Ad Science (IAS) told BrandWagon Online.
In 2022, the highest digital advertising fraud or sophisticated invalid traffic rate was reported in Latin America, with 1.5%, as per Statista, a market research firm. It was followed by the EMEA region (Europe, Middle East, and Africa), whose fraud rate stood at 1.2%.
An increased number of threats have started to come in from online ads and search engine marketing, as per threat discovery and cyber intelligence platform, Cyfirma. According to the research conducted by the platform, one area to pay attention is SEO poisoning – a technique used by threat actors to increase the visibility and credibility of their malicious websites in search engine results. Typosquatting, Blackhat SEO tactics, such as keyword stuffing, cloaking, search ranking manipulation, and the use of private link networks, are also used to manipulate search engine rankings.
As per market research, SEO poisoning can lead to various risks, including credential theft, malware infections, and financial losses. It is also believed that threat actors may use targetted forms of SEO poisoning such as spear-phishing to customise attacks for specific audiences. The research further stated that recent SEO poisoning campaigns involve the distribution of fake installers, through poisoned Google Ads, leading to the theft of sensitive information. According to Faisal Kawoosa, chief analyst and founder, Techarc, content is one biggest areas of concern. “This would surely push the infringement of content as well as ideas hampering creativity. Specifically for ad-fraud, since sophisticated BOTs which are used in such techniques, need data and other information. Generative AI could be misused by such parties resorting to ad fraud. For instance, to generate bogus leads, they could fetch data using generative AI and fill up the leads for a campaign for a client and others,” he explained.
Currently, it is believed that made-for-advertising sites are designed to avoid traditional detection methods used by ad verification companies. These can score high for viewability, contextual, and brand safety. This being said, MFA sites have several attributes in common, including many ads, ads which refresh frequently, and video ads that automatically play. By identifying these and other attributes, ad verification companies can detect MFA.
Detection of Ad Frauds Leaks
Industry experts opine that to detect advertising frauds such as domain spoofing, pixel stuffing, ad stacking and others, advertisers need to partner with ad verification companies which have developed sophisticated models for detecting fraudulent sites. According to experts, ad verification technology can measure and report the number of impressions on these sites and offer avoidance solutions such as block lists and pre-bid segments.“These tools can analyse data such as click-through rates, conversion rates, and engagement metrics to flag any unusual activity. We also recommend companies use tools with advanced machine-learning algorithms that can be used to identify and predict fraudulent behavior based on historical data and patterns. Regularly monitoring ad traffic, and implementing strict campaign targeting and ad placement rules is key,” Kumar Ritesh, founder and CEO, Cyfirma explained.
According to the latest TAM AdEx Report on Digital Advertising for January- March 2023 quarter, programmatic ranked on the top as preferred way to advertise on digital, thereby accounting for 63% of total ad impressions. “Programmatic advertising is an area that needs special attention because you would not have direct control over exactly where your ads will show up. The last thing you would want is for your ad to be hijacked, impersonated and show up on malicious websites”, Kumar added.
Preventive measures
Selection of reliable, reputable, and completely vetted demand-side-platforms (DSP) is one of the ways to protect campaigns against scams among other ways. As per Kevin Reed, chief information security officer (CISO), Acronis, a good combination of AI/ML automation is key to proactively combating the ever-increasing frequency of cyberattacks. “AI can be used for user behavior monitoring and detecting if a hijacked account is suddenly performing an action that it normally does not do. Detecting never before seen malware by using ML classification trees is nowadays a key element in cyber security, as every day hundreds of thousands of new malware samples get created,” he added.
Additionally, people need to be vigilant when installing applications, especially if they have been advertised in social media messages from unknown accounts. “Using strong, unique passwords, being vigilant about suspicious emails, messages, or links, especially those requesting personal information or login credentials, avoiding clicking on links from unknown sources and verify the legitimacy of the sender before providing any sensitive information are some of the preventive measures to fight ad frauds are some the human ways to prevent us from ad frauds,” Amit Relan, director and co-founder, mFilterIt concluded.