Thursday, January 19, 2017

Defrauding Digital Advertisers

 I have been following the recent news of Russian hackers making several million dollars a day by faking video ad views.  The news can be found here, here and here. What sets this fraud apart from other frauds is the amount of time and money hackers spent to create the infrastructure needed.

Hackers took advantage of the weakest link in the online advertising chain: automated auction system that matches media companies with advertisers. The hackers, dubbed Methbot group, introduced fake advertising inventory into the system and then generated fake views of ads using bots. This is how the fraud worked:
  •         The hackers spoofed the domain and URLs of several thousand news and content publishers including big names such as CNN, ESPN and Vogue. (I find it amazing that they were able to claim URLs belonging to such big names).
  •         They introduced the spoofed URLs to the auction system.
  •         They then created a bot net with software designed to “act” like a human by clicking, moving mouse etc.
Using the bots, hackers “watched” millions of video ads on their sites generating $3-5 million in revenue per day.

The fraud was discovered last year in October and has been widely reported since. However, it is not clear whether the fraud is still happening or not.

No comments: