In early June 2022 the American Association of National Advertisers (ANA) released a report about the problem of ad fraud. This report stated that by their estimates, ad fraud is going to cost the digital marketing industry $120 billion by the end of 2022.
This huge figure exceeds the average GDP figures for most of the countries on the planet. In fact, if ad fraud was a nation, this would put it somewhere between Angola and Kuwait for GDP.
However, this figure isn’t one that is widely agreed on – with estimates ranging from $20 billion to $68 billion, depending on who you ask. In fact, ad fraud expert Augustine Fou pointed out that this figure was reached by ANA using the wrong chart (one covering all forms of fraud, not just ad fraud), and that $120 billion would represent 63% of the total ad spend within the US.
Research from ClickCease shows that the industry lost around $42 billion in 2021. And, considering that both digital ad spend and ad fraud are growing year on year, assuming that the cost of ad fraud is likely to hit $60 billion or more by the end of 2022 is not a wild shot in the dark.
It’s worth pointing out that the ANA did retract their report after it became clear that their figures were wrong. Or more likely, as Dr Fou points out, that the report contradicted the ANA’s own stance that ad fraud was under control…
But the question remains…
If the industry knows there is a big problem with ad fraud, why can’t they agree on how much it’s costing advertisers?
And, perhaps more importantly, why can’t they fix it?
Measuring ad fraud
If you asked Google or Facebook about how much ad fraud impacts their sites, their figures often look more manageable. Google’s stats show that between 1% to 8% of clicks on Google Ad campaigns are from invalid traffic (otherwise known as click fraud or ad fraud).
And yes, they do filter out bad clicks from obvious bots and web scrapers, repetitive clicks and other forms of junk web traffic.
At ClickCease, we see on average 14% of clicks on paid ads as coming from non-genuine sources. And these are fraud clicks picked up after Google (and also Facebook/Bing Ads) have run their anti-fraud filters. However, for some campaigns, this can run up as high as over 60%.
So why such a huge discrepancy between Google data and our analysis at ClickCease?
The methods used to identify fraud traffic are one big reason.
Although Google doesn’t release details about how they track, block and monitor fraudulent traffic, it does seem that they mostly focus on the IP address.
If an IP address is flagged up as suspicious, it is added to your Google Ads exclusion list, and that location will no longer see your ads. However, changing your IP address is child’s play to most developers.
By using VPNs, user agent switching extensions, and even simply using a mobile device in airplane mode, the IP address of a device is changed. So blocking based on IP address isn’t always the most effective way to stop ad fraud – especially not organized ad fraud campaigns.
And although many ad fraud campaigns run by creating faked bid requests, a large number of fake traffic still comes from fraudulent impressions, click spam, clickjacking and other bot related fakery.
What has the marketing industry tried to stop ad fraud?
There have been a number of initiatives aimed at eliminating or managing ad fraud. Most have, so far, had minimal impact.
The introduction of ads.txt was supposed to let publishers tell advertisers that they were an authorized publisher and to prevent spoofed inventory. And although it changed the way that ad fraud operates, it didn’t really stop anything.
In fact some campaigns have even leveraged the outdated ads.txt lists of some publishers to generate falsified ad campaigns. One of the best known of these is Methbot, although other campaigns such as 404bot and Sportsbot also used ads.txt lists to falsify impressions.
One interesting point to make is that some of these campaigns weren’t actually bots at all. For some companies, making the discovery about these fraud campaigns is a great PR opportunity. To say you’re the company who discovered X bot does mean you’ll forever have your company name associated with a fraud takedown.
Fake account prevention
Beyond ads.txt, the most common ad fraud news usually focuses on the ad platform’s efforts to eliminate fake accounts or remove low quality inventory.
There are regular reports from Facebook, Instagram and Twitter about how bots and fake accounts have been purged. But no sooner than one set of fake accounts are cleared out, more appear.
And although the social media platforms including Facebook have made it harder to sign up anonymously, often needing a phone number and email for the purposes of 2FA, it is still easy to create fake profiles.
Google have also tightened the verification process for sites hosted on Adsense, the publisher monetisation platform. A new site now needs to meet higher standards for content quality, user experience on the site and more.
Google introduced Play Protect to the Google Play App store. The proliferation of fake and malware apps on the Android app store was a well known problem, and one that continues to cause problems today. With Play Protect, the theory was that apps were scanned for malware or other ad fraud elements before being made available.
And although this has stopped some of the more obvious and damaging forms of app based fraud, malware can still be ‘side loaded’ into Android apps.
In fact in recent years there have been a number of cases of ad fraud based apps in both the Google Android app store, and Apple’s App Store too.
Proof of view
One of the main issues with impression based ad fraud is verifying that it has been seen by a genuine (human) audience. Some form of proof of view is the obvious solution, and one that is being tackled with blockchain technology.
One such company, Verasity, are hoping that their patented proof of view technology will solve this problem. How?
The theory is that they will use algorithms to determine whether a viewer is genuine or a bot. Although this is how all ad fraud technology works, it remains to be seen how effective Verasity’s VeraViews product will be.
Although the Federated Learning of Cohorts was binned by Google, the idea was to protect user privacy online while at the same time blocking ad fraud. How?
Google’s original press release for the Privacy Sandbox detailed that they would use the Trust Token API to verify the integrity of mobile devices in particular. The Trust Token would use other people’s profiles to verify that a particular user was genuine.
However the entire FLoC approach attracted quite a bit of controversy, including concerns around privacy.
Despite opening to Beta, the privacy sandbox, FLoC and Trust Token have been mothballed for now.
What is the problem with stopping ad fraud?
It might seem like a simple problem. Stop bots, stop ad fraud. However it isn’t as simple as that, as we’ve seen.
First of all, how you identify traffic as fraudulent might depend on your position within the advertising infrastructure.
For example, the ad platforms might let through more less than ideal traffic in the name of increasing statistics. More impressions look good, right?
But a third party ad fraud prevention service isn’t influenced by the demand for more traffic, or bigger ad reach. With the demand for cleaner traffic, services such as ClickCease have grown in popularity exactly because we stand apart from the main ad platforms.
Being able to look at ad traffic objectively, with our only interest to improve the ad performance for our clients, is one of the main reasons why click fraud and ad fraud prevention tools have grown massively in recent years.
ClickCease is the click fraud prevention tool of choice of more professional marketers than any other solution.
Run a traffic audit for free with our 7 day trial and see for yourself who or what clicks your ads.
Read more about ad fraud on our blog