Methbot: The Beginning of the End for Digital Ad Fraud
Jan 26, 2018
An ad fraud scandal to hit the digital advertising world has been exposed, and its name is Methbot.
A Russia-based botnet with data centers in the Netherlands and the United States, this digital-age criminal network deploys sophisticated tricks to defraud advertisers, brands and media companies.
Now that security firm White Ops has penetrated the operation and made its methods public, measures can be taken to prevent Methbot quietly siphoning off advertising dollars. But how did the fraudulent operation become so profitable, and what does its discovery mean for the digital advertising industry?
Methbot was extraordinarily successful because it appeared to provide something that is scarce within the digital ecosystem: large volumes of low-cost premium video inventory. Over 6,000 domains and 250,000 specific URLs were spoofed to trick advertisers into thinking they were buying video placements on premium publisher sites. Fake ad impressions were then generated on these domains using over 500,000 IP addresses.
With an estimated 200 to 300 million fraudulent impressions per day and average CPMs of $13.04, White Ops describes Methbot as “the single most profitable ad fraud operation to strike digital advertising to date.” Sophisticated measures used by the fraudsters to avoid detection include manipulation of geolocation data, countermeasures against code used by specific ad tech providers to filter out fraud, and exceptional bot imitation of human behavior such as social media logins and cursor movements.
The impact of Methbot varies across the industry, and the scam should act as a wake-up call to the industry as a whole. In addition to immediate actions that must be taken following the discovery — such as blocking impressions from the IP addresses identified by the operation — there are other more general steps the industry should take to protect itself from future threats.
Understand fraud impacts all channels
Ad fraud is often associated with display ads — but given that fraudulent activity follows advertising dollars, it’s no surprise its perpetrators are increasingly turning their attention to lucrative channels which offer higher returns, such as premium video.
Methbot also impacted inventory sold through private marketplaces (PMPs), which are widely thought to be less susceptible to fraud. One lesson to be learned from Methbot is that fraud exists across the entire ecosystem.
Employ robust anti-fraud measures
Using advanced anti-fraud technologies to detect and filter out fraudulent traffic before it becomes an issue should now be standard practice across the digital advertising industry. However, providers need to understand not just their own fraud prevention methods but also those of any partners they work with.
To learn from this episode and move forward, it’s vital to have a frank discussion with all partners over the impact of Methbot and to put safeguards in place to ensure such an operation can never be repeated.
Expect to pay for quality impressions
Methbot was so successful because buyers didn’t question the availability of cheap premium-video ad placements. When something seems too good to be true, it usually is, and “you get what you pay for” is a lesson many advertisers learned the hard way.
If advertisers want high-quality video ads to run on premium websites, they must be prepared to pay a fair price for each impression.
Increase industry transparency
The digital advertising ecosystem is plagued by complexity and opaque practices, with a multitude of tech providers acting as middlemen between advertisers and publishers. Companies across the entire industry often have no idea who they are actually working with, providing ample opportunity for fraudulent activity to go unnoticed.
A unified drive toward industry transparency, and more direct relationships between advertisers and the websites they advertise on, will limit future opportunities for digital ad fraud.
It might resemble a fictional plot line, but the discovery of Methbot sent shockwaves through the industry. Hopefully, its legacy will be to drive action against ad fraud, with the industry adopting robust solutions, understanding the value of quality impressions and increasing transparency.
(As published on MarTech Today)Go back