3 common types of advertising fraud with sophisticated bots

Thảo Vũ

In the rapidly digitized era, marketers are gradually shifting from traditional media to digital platforms. However, this dynamic digital space is home to countless hidden actors who silently impede brand development. Despite the many benefits of digital advertising, marketers are unaware of who is actually viewing their ads.

To clarify this, solution providers have discovered and prevented fraudulent advertising to identify the amount of invalid traffic accessing campaigns. However, even when marketers are ready to deal with advertising fraud, cybercriminals have expanded the “fraudulent area” with sophisticated bots. Unlike regular bots, sophisticated bots can simulate human behavior and easily hide in legitimate traffic, leading to manipulated data. As a result, the advertising campaign falls into fraud again.

Sophisticated digital marketing fraud

When sophisticated bots infiltrate, advertising campaigns are not only affected by KPIs but also manipulated across all sales channels and data.

For example, in an impressions campaign, the number of impressions will first increase due to the traffic of sophisticated bots, then affect other important KPIs such as visits, conversions, or installations.

As a result, the brand not only wastes advertising spending on invalid traffic but also creates opportunities for the army of sophisticated bots to attack and destroy brand assets. Therefore, it is important to use a comprehensive advertising fraud detection solution, rather than focusing on a single KPI.

Website cheating tricks

Zero-sized pixel window

To improve the click-through rate (CTR) of a website, scammers often open the advertiser’s landing page in a zero-sized pixel window. However, end-users are unaware of this and when they access the website, their action is counted as a click on Google Ads. As a result, advertisers have to pay for clicks/views that users don’t even see.

For instance, in the following scenario, the user did not click on the ad, but it was still counted as a view. Due to the window size being too small to be noticed by the naked eye, users are also unaware of such cases. In general, it is difficult to detect anomalies without the help of advanced data analysis tools.

Cookie Stuffing

Cookie stuffing is a form of “stealing” natural traffic where a malicious website intentionally drops a third-party cookie into a user’s browser without their consent or even knowledge. Scammers do this through an Iframe (a type of super-small window with a size of only 0x0 pixels on the website) – which is not visible or recognizable by the naked eye – to attribute natural user traffic – legitimate activities on the web – to fraudulent affiliate partners.

For example, mFilterIt has integrated a tool called mFilterIt pixel into an advertising website to create a random cookie for each new user. When users return, the website identifies them through this cookie. Even when bots try to change their IP, the bot device still returns the same cookie within a few minutes, indicating that it is an abnormal behavior.

Bot User

When users are impersonated by bots, they are often programmed to have no movement or interaction with the advertiser’s landing page.

In this case, machine learning algorithms analyze values such as configuration, plugins, device settings, and canvas fingerprints of the user to determine whether they are a bot or not. This is also the basis for analyzing bot models and cases that are likely to be click bots.

With the support of AI, machine learning, and data science, mFilterlt detected approximately 32,000 cases of bot impersonation during the testing phase.

Cheating techniques via app

Click Spam

Click spam is type of click fraud that occurs when fake clicks are generated on an ad to artificially inflate click-through rates (CTR). It can harm online advertisers by wasting their advertising budget and providing inaccurate data on the performance of their ad campaigns. Click spamming can be carried out in various way. such as using bots, scripts, or click farms. These methods are used to generate clicks on ads without any genuine intent to engage with the advertiser.

For instance, “Click Spam” can occur when a users downloads or accesses an app or website that has been infected with a virus (not available on Google Play/App Store) via their phone. The app then automatically clicks on ads or allows the device to click on ads in the background of the app, without the user’s knowledge or consent.

The click-through rate is unusually high, but the direct conversion rate is extremely low. For instance, the Click to Install Time (CTIT) chart shows high click and install rates, but the conversion rate is only 0.01% – a sign of click spam. These clicks were generated over a period of 9 days, but are equivalent to the population of Thailand.

Therefore, the way to detect click spam is to track clicks by device ID.

Event Spoofing

Event Spoofing is a behavior that uses bots to fake clicks to trigger events (booking, shopping, registration, login, etc.) that do not actually exist in order to deceive advertisers.

The chart above shows that the Click to Install Time (CTIT) is allocated only within a few minutes – a very unusual sign. Meanwhile, the normal traffic model is evenly distributed over time, as conversion time is usually not under the control of the advertising unit.

Therefore, marketers need to closely monitor click and event patterns to detect fraud in a timely manner.

In conclusion

The article listed 3 common forms of advertising fraud with sophisticated bots (web, app, event spoofing). This shows that the digital advertising world is full of fraudsters who always lurk around, taking advantage of both simple and sophisticated bots (which account for up to 25% of Internet traffic) to steal advertising money. Therefore, protect your campaign with a comprehensive solution to prevent both types of bots, bringing clean and effective traffic.

Leave a Comment