As if the global disruption of 2020 wasn’t enough, it seems that this year has also seen the biggest growth of click fraud. Analysts were predicting an increase in fraud on paid search, in line with trends, however it seems that it truly has been a bumper year.
This alarming jump has been underlined by the exposure of a number of high profile ad fraud bots, malware manipulations and click fraud court cases. Maybe we’ve seen more activity because the technology to expose these fraudulent practices is improving, or perhaps it really has been a big year for click fraud.
Click fraud and ad fraud trends throughout 2020
It’s well known of course that fraudsters are a resourceful bunch and often take advantage of global disruption. But it also seems that many of the click fraud campaigns that have been exposed have been running for a while.
As an example 404Bot, which has been operating since at least 2018 has had a busy year. 404 Bot works by defrauding advertisers using outdated ads.txt lists. By spoofing sites in a similar manner to the famous HyphBot, this botnet generates fake impressions on video and display ads. A report in February 2020 from IAB Labs found that 1.5 billion video ad impressions had been generated by 404 Bot since its inception.
This year has also seen Tekya, a mobile app malware – part of the Haken malware family- targeting children games, which has made a sizable impact.
And, in August 2020, it was revealed that the iOS platform had been compromised by malware within the Mintegral SDK. It’s alleged that the SourMint malware generated false clicks on ads and stole user data through over 1200 apps. Apple denied that there had been a breach and has, so far, not removed any apps from their store or issued any other warnings to users.
For any business spending money on paid search or social ads, surely this continuing fraudulent traffic is cause for concern.
The problem with paid search
Paid search remains one of the most popular means of promotion for businesses, large and small. The problem though is that the industry still remains woefully under protected, with the ads.txt initiative one of the few in place to tackle the rampant ad fraud.
However, ads.txt isn’t, and was never going to be, a magic bullet to defeat fraud. And, adding to it’s woes, most publishers and advertisers aren’t even using it correctly. Advertisers not checking lists, publishers not updating them and even the alleged issue of fraudulent sites hiring ads.txt lists to host ads are all contributing to a dwindling reputation for ads.txt.
As Dr Agustine Fou, an independent ad fraud investigator notes, it’s possible that ads.txt has been causing more problems than it’s solved. In fact IAB, the lab that created ads.txt, has even stated that it was only meant to help advertisers identify authentic ad platforms.
The recent US elections have also highlighted a huge flaw in political ad campaigns which it turns out are ripe for ad fraud. In 2020, $2.9 billion was spent on digital ads by the Trump and Biden campaigns, and it’s estimated that $377 million of that was siphoned off to fraud.
With little in the way of verifiable KPIs, political ad campaigns are easy pickings for fraudsters. A simple search for ‘buy USA traffic’ highlights just how easy it is to hire an army of click farms and bots to click on whatever paid ads you want.
