Notice: This blog is no longer updated. You may find a broken link or two

You can follow my new adventures @mikeonwine

Using Ads for Impression Fraud

March 25th, 2009

Watch this video:

How does it work? Pretty easy –> just traffic an ad with some JS that keeps writing out IFRAMES with ad tags. User never sees an ad and as long as the page is opening you are generating what appear to be valid ad requests from valid users!

Hopefully Right Media’s fraud filters are catching this!

Related Posts:


Posted by Mike Filed in Fraud
10 Comments »

  • Justin

    If the adserver serving up the creative is worth a damn this traffic will probably get flagged as either spider or bot activity and the metrics adjusted accordingly. X number of sequential requests from the same IP within a predetermined time span will generally trigger this, at least that was how we adjusted for this kind of stuff when I worked at my previous gig AdShuffle.

  • Mike

    Sure, if it loads the samet ag over and over again. But it’s not hard to get a little smarter here — but what if my javascript randomly loaded from one of 200 ad tags? Now you generate 1-3 views per tag on a single 300×250. Would your adserver be able to identify these 3 requests as fraud?

    I have to say — this almost makes me miss the days of ‘inqwire.com’ when at least the fraud was blatant and obviously visible in a pop-under.

  • Justin

    I would think the variance in ad tag would be irrelevant. The telling factor isn’t that the ad request is always the same (although that could be one additional factor to take into consideration), it’s the high number of sequential requests from the same IP address in a very short amount of time. 60, 100, or how many ever ad calls in less than 2 minutes is pretty suspect.

  • http://www.yardley.ca/ Greg

    Hmmm. There’s a whole lot of ad networks out there, over a couple of minutes I bet someone could load about three tags from *each*. Hell, one tag from a dozen is relatively easy, and that’s still a ton of extra money.

    Awesome! I love the creativity of scumbags. I suppose this could be caught by measuring clickthrough rates and detecting abnormalities, but those clicks could be faked too, I bet. (It’d be ironic if every company had to eventually measure CPA just to make sure their CPM ads weren’t fraudulent…)

    By the way, why is your test ad spot running a ton of dating ads?

  • http://johannburkard.de Johann

    Awesome, the ads just don’t stop loading :D

  • Michael

    Mike,

    I came accross this tow days ago on a pretty big filehosting website with two ad networks showing ads
    while my charlesproxy showed 200+ rows of urls in less than 2 minutes. Nice scam.

    Michael

  • http://www.adexchanger.com/ad-networks/vizi-ad-network-ad-serving-fraud-video/ Ad Network Vizi Catches Publisher’s Ad Serving Fraud on Video

    [...] posted the video (which is below) and commenters, as well as Mike(OnAds) Nolet, noted that this could potentially prove difficult to catch with a bit of misdirection: “… it’s [...]

  • http://www.msmvps.com/spywaresucks Sandi Hardmeier

    Hi Mike,

    I’ve certainly seen this carry-on before, but never such an extreme example!

    Sandi &c.

  • ws

    Holy crap. This make me look at bad traffic from media buys in a whole new light.

  • http://www.zip-repair.org/ fix zip

    This is a really useful application, thank you for posting it.