Comments on: Using Ads for Impression Fraud

By: fix zip

fix zip — Wed, 07 Mar 2012 06:27:00 +0000

This is a really useful application, thank you for posting it.

By: ws

ws — Tue, 07 Jul 2009 18:26:56 +0000

Holy crap. This make me look at bad traffic from media buys in a whole new light.

By: Sandi Hardmeier

Sandi Hardmeier — Mon, 30 Mar 2009 06:11:06 +0000

Hi Mike,

I’ve certainly seen this carry-on before, but never such an extreme example!

Sandi &c.

By: Ad Network Vizi Catches Publisher’s Ad Serving Fraud on Video

Ad Network Vizi Catches Publisher’s Ad Serving Fraud on Video — Sat, 28 Mar 2009 15:41:25 +0000

[...] posted the video (which is below) and commenters, as well as Mike(OnAds) Nolet, noted that this could potentially prove difficult to catch with a bit of misdirection: “… it’s [...]

By: Michael

Michael — Thu, 26 Mar 2009 09:50:49 +0000

Mike,

I came accross this tow days ago on a pretty big filehosting website with two ad networks showing ads
while my charlesproxy showed 200+ rows of urls in less than 2 minutes. Nice scam.

Michael

By: Johann

Johann — Thu, 26 Mar 2009 08:48:23 +0000

Awesome, the ads just don’t stop loading

By: Greg

Greg — Wed, 25 Mar 2009 20:26:16 +0000

Hmmm. There’s a whole lot of ad networks out there, over a couple of minutes I bet someone could load about three tags from *each*. Hell, one tag from a dozen is relatively easy, and that’s still a ton of extra money.

Awesome! I love the creativity of scumbags. I suppose this could be caught by measuring clickthrough rates and detecting abnormalities, but those clicks could be faked too, I bet. (It’d be ironic if every company had to eventually measure CPA just to make sure their CPM ads weren’t fraudulent…)

By the way, why is your test ad spot running a ton of dating ads?

By: Justin

Justin — Wed, 25 Mar 2009 18:36:29 +0000

I would think the variance in ad tag would be irrelevant. The telling factor isn’t that the ad request is always the same (although that could be one additional factor to take into consideration), it’s the high number of sequential requests from the same IP address in a very short amount of time. 60, 100, or how many ever ad calls in less than 2 minutes is pretty suspect.

By: Mike

Mike — Wed, 25 Mar 2009 18:06:29 +0000

Sure, if it loads the samet ag over and over again. But it’s not hard to get a little smarter here — but what if my javascript randomly loaded from one of 200 ad tags? Now you generate 1-3 views per tag on a single 300×250. Would your adserver be able to identify these 3 requests as fraud?

I have to say — this almost makes me miss the days of ‘inqwire.com’ when at least the fraud was blatant and obviously visible in a pop-under.

By: Justin

Justin — Wed, 25 Mar 2009 17:22:33 +0000

If the adserver serving up the creative is worth a damn this traffic will probably get flagged as either spider or bot activity and the metrics adjusted accordingly. X number of sequential requests from the same IP within a predetermined time span will generally trigger this, at least that was how we adjusted for this kind of stuff when I worked at my previous gig AdShuffle.