Programmatic advertising is one of the fastest growing segments of digital marketing. However, nothing is perfect: the notorious “dark side” of online advertising industry is a digital ad fraud and nowadays it is becoming a serious problem.

First of all, it’s worth mentioning that fraud is a concern for all digital advertising, not only programmatic. However, in comparison to direct-sold inventory, programmatic inventory especially the one that is sold in open marketplaces generally sees more ad fraud. This happens because open marketplaces rely heavily on intermediaries, which makes it easier for cybercriminals to get into the transaction chain and RTB ecosystem.

Let’s have a closer look at what digital fraud actually is. In a nutshell, advertising fraud includes all kinds of illegal activity like creating fake domains, “ghost websites”, cookie stuffing, ad stacking, laundered ad impressions; using malicious bots to generate false impressions, pixel stuffing and so on. Fraudsters obtain billions of media dollars in revenue from these illegal dealings. And in many cases, these “bad actors” get away unnoticed.

Advertisers have been aware of fraud existence, but they started to acknowledge the scale of the problem just recently. Let’s look at the numbers:

  • Digital fraud takes $1 for each $3 spent on digital ads
  • Advertisers are to lose $8.2 billion globally due to malicious bots in 2016;
  • 37% of advertisers surveyed are ready to pay a premium 11% or even more for certified human traffic;
  • Bots account for 56% overall website traffic and 25% of publishers have no way to detect non-human traffic;
  • 72% of the loss associated with the web’s fraudulent traffic happens on desktops and 28% on mobile;
  • Bot fraud impacts up to 37% of ads in 2016, compared to 22% in 2014;

*Statistics by Invesp

What are the most common types of Advertising Fraud?

Non-Human Traffic: Bots and Botnets

- Bots and botnets stimulate the activity of a real user by browsing the internet or using an app. Bots are evolving and becoming more sophisticated and some of them are so smart, they can move the mouse cursor to imitate human behavior, click on links, from one website to another, watch videos, and even add items to the shopping cart! Malicious bots generate false impressions, serve as malware or spam and trigger retargeted ads.

- Ad Stacking and Impression Stacking basically hide ads in a way that there is almost no chance for a human eye to see it. It could be hiding the ad behind other ads so that only the top one is seen but others in a pile remain unseen.

- Pixel stuffing is very similar. The ad is technically presented on a page but it’s “stuffed” into a single pixel, which makes it impossible to spot for a human eye. Since end users are real people, it makes it more complicated for vendors to detect.

- Domain Spoofing might be even harder to identify. In RTB environment, fraudulent publishers change the URL of their site into the URL of a more trustworthy site -, for instance.In this situation, advertisers think that their ads would end up on a reputable site while, in reality, it might be displayed on more suspicious websites.

- Ad injection is another common type of fraud when cybercriminals insert the ad, but never pay for the advertising slot on that website or even get a permission of site owners. - Affiliate ad fraud or cookie stuffing is considered “blackhead marketing”. Fraudsters implant the cookie on the user computer mainly through a nasty script or plugin in the browser without the user acknowledging it. The placement of the cookie generates “forced clicks” via pop-unders, within an "iframe" or through corrupted software.

- Click farms is a type of click fraud when a group of low-paid workers click on paid advertising links to create an impression of online popularity. Commonly, click farms are sprouting in developing countries like India, Bangladesh, Venezuela, etc.

Here are few things you can do today to eliminate Ad Fraud:

  • Demand transparency from your publishers and continuously monitor sourced traffic;
  • Start using such services for bot detection and domain verification;
  • Keep an eye on ad injection and update blacklists on a daily basis;
  • Bear in mind that bots prefer websites related to family, food, finance and news & bots’ activity usually escalates at night between 11 pm and 5 am. Thus, consider adjusting your ad campaign to that information;
  • Block countries like with highest fraudulent scores;
  • Follow your intuition – if something looks suspicious and too good to be true, then apparently it is;
  • Invest in advanced “fraud watchdogs” like Telemetry, Forensiq, White Ops, and other third-party monitoring;
  • Reveal your anti-fraud policy to the public.

SmartyAds commits to deliver transparency and for this reason, we team up with Forensiq and Protected Media to offer 24/7 multilayer ad protection technology to our clients and their brands.

Written by
Irina Kovalenko, CMO of SmartyAds
February 2018