Digital ad fraud in Australia: The $400m question?

By (incomplete) | 11 September 2014

Digital ad fraud in Australia is anywhere between 6% and 14% of the total market. Inventory that is known to be 100% fraud is still being traded. Even the most premium sites are infected by bots and an ad fraud business is one of the easiest rackets to set up and get away with.

That's according to a group of ad tech companies speaking in Sydney yesterday.

Even if fraud sits at the bottom end of that range, it's a nine figure sum. In the middle range, it's a $400 million question.

“The size of the prize is huge,” said Integral Ad Science Asia Pacific boss Stephen Dolan. “If you were thinking about a business to get into with a low cost base that needed a couple of engineers and fairly low overheads, ad fraud would rank highly on the list. That has been reflected in the last three or four years.”

Matthew Schmidt, director of operations, Asia Pacific at SpotXchange said that the botnet issue was vast.

“I don't think people realise how much bot traffic roams the internet.” He said the bots touch pretty much everything. “Even the most premium sites have a small percentage of bot traffic.”

Sam Smith, boss of TubeMogul Australia said there “is definitely inventory that we know is 100% fraud that is traded in this market through some technologies and platforms.” Smith said that represented the biggest threat to the health of the online advertising industry.

“For me that's the biggest issue,” said Smith, “clients that do know traffic is fraudulent and continue to trade that traffic. We need to get more clients to investigate. We have to get better as an industry at getting inventory out of the system when we know it is fraudulent."

AdapTV boss Mitch Waters said syndication of iframes was the “scariest” thing he'd seen because of the frequency that dodgy URLs hiding under other URLs were making there way into exchanges and DSPs - and not immediately being turfed.

“That can happen every day without people really taking any notice, because it is not this 'big thing' that gets blown out of the water,” he said, “but it is my biggest fear.”

SpotXchange's Schmidt agreed. Masked URLs are “a huge problem and it's hard to detect.”

Types of fraud and what's the scale?
The four were speaking at an Ad Tech meet-up organised by RadiumOne's Evgeny Popov and SpotXchange's Christopher Blok. Popov, a former News Corp man, outlined the three main types of fraud: Bots, ad stacking and using tiny pixel-wide players, and URL masking, which allows fraudsters to daisy chain traffic from one site to another by masking it and masquerading as a different URL.

Popov asked the panel to quantify the scale of ad fraud affecting the Australian digital advertising market. Integral's Dolan answered.

“It changes from market to market. The IAB's Brand Safety Council is trying to answer that question, but doesn't have an answer yet. As a company, we have seen levels of fraud between 6% and upwards of 12, 13, 14%. It really changes [market to market]. But it is certainly up at that level.”

Bot traffic is the hardest type of fraud to fight, according to Popov. He cited the Chameleon botnet which last year was found to have creamed off $6.2m a month in ad spend. It was serving 9 billion fake impressions a month via a network of 120,000 infected computers. The average impression paid was $0.69CPM, the average click through rate was 0.02%.

“It was a massive infection. Zombieland. There were 120,000 machines infected with code that mimics human behaviour,” said Popov. “Botnets are sophisticated and smart.”

Which is usually the opposite of the machines they infect, according to Integral's Dolan. But they can be detected, cookied and negatively targeted, because they send out warning signals, he claimed.

“Usually these botnets affect machines with fairly low capacity. The botnet is sitting on your granny's machine running Windows 95 with a 10-year-old version of Internet Explorer and they use it for 20 minutes a day to check their email. But from 11 at night to six in the morning the botnet fires up and is creating a lot of money for its owner.”

The warning sign was that if a botnet was operating at a particular point in time “and so you have 120,000 browsers dumping cookies at 9am in the morning, that is a sure sign that it is suspicious. Because they operate at significant scale, there are signals that can be picked up that make clear that they are not human activity.”

Dolan added that publishers had colluded with fraudsters in the past, and cited a $5.5 million campaign “for one of the world's largest advertisers” operating in Asia.

While the Asian market has many variables, and the market participants operate very differently to their Australian counterparts, the example was interesting because it was the client that rumbled the scam, before going after its money from those placing it.

“The mechanism of the campaign was there was an ad, you jumped to a page where you see a bunch of products, and a conversion was someone selecting two products and comparing them.”

“Eventually it was found out that there was a botnet operator in collusion with the publisher and they had written a script. Ninety five per cent of the traffic was bots. And it was the client that figured it out and bought in the investigators and auditors - and went after the agencies first.”

Sign up to the AdNews newsletter, like us on Facebook or follow us on Twitter for breaking stories and campaigns throughout the day.

Need a job? Visit

Have something to say? Send us your comments using the form below or contact the writer at

Have something to say on this? Share your views in the comments section below. Or if you have a news story or tip-off, drop us a line at

Sign up to the AdNews newsletter, like us on Facebook or follow us on Twitter for breaking stories and campaigns throughout the day.

comments powered by Disqus