Ad Fraud Moves to Video Streaming, with Dangerous Implications
Since the dawn of the internet, fraud has been an ever-present threat. However, it is only in the past couple of years that the cost of fraud has become truly catastrophic. In terms of stolen data and stolen cash, the impact of online fraud has risen exponentially since 2020, with tens of billions of pounds being stolen from consumers and companies globally.
One of the most pervasive forms of fraud is ad fraud, which is when criminals hijack ads to siphon off revenue or to direct unsuspecting users to malicious sites. While defences have evolved to combat traditional banner ad fraud, a new type of threat has emerged.
The new arena for this fraud is over-the-top (OTT) video streaming, which grew 40-fold in 2020 alone. Read on to find out exactly what you need to know about video streaming ad fraud, and what users are doing to protect themselves.
What is ad fraud in video streaming?
First, let’s break down exactly what advertising fraud in video streaming actually is. In the broadest terms, it describes any kind of malicious ad spoofing or hijacking that targets video streaming advertising networks and audiences.
A common example of this type of ad fraud is when criminals spoof thousands or even millions of connected TV (CTV) devices, in order to siphon off ad revenues that are based on impressions (rather than clicks).
Others might create completely fake streaming platforms that can be accessed via networks such as the Roku ecosystem, in the same way that a criminal might create a malicious smartphone app on the Google store to steal consumer data.
Others might commit server-side ad insertion or (SSAI) fraud, in which they hack streaming servers and insert their own malicious ads over legitimate ads, either to steal revenues or to manipulate viewers into clicking a malicious link.
All of these various forms of ad fraud are taking over video streaming at a record pace, meaning that now is the time to take action to protect yourself, whether you’re a viewer or an advertiser.
How can you defend against it?
While watchdogs are doing their bit to sound the alarm and crack down on this new type of fraud, there are also things that consumers can do to protect themselves. This guide by the cybersecurity experts over at SEON describes how to protect yourself against account takeovers, which is one of the leading ad fraud strategies used by criminals.
With an account takeover attack, a user will access your personal accounts, which they can then use to inflate ad revenues or as a staging ground to hack the streaming platforms themselves. Simply using secure passwords, VPNs, and double-checking links before clicking can eliminate most of the vulnerabilities that ad fraud hackers will exploit.
If you work for a marketing firm, there are some more robust measures that you should be taking to ringfence your revenues against fraud. For one, you can use an IP analysis tool to verify your traffic, as this will notify you if there are suspicious VPN proxies or TOR accounts interacting with your network.
You can also monitor the websites in your advertising network more closely to see if there are suspiciously large or atypical amounts of traffic coming from any specific publishers.
You can also make use of accredited anti-fraud tools that will work on your behalf to filter out suspicious traffic and ensure airtight server security. As a brand, you can also ensure brand safety by partnering with certified advertisers that have valid trust certificates.
Video streaming ad fraud is on the rise. However, there are already robust tools and tactics that you can use to secure yourself against this criminal activity in order to keep users, platforms, and revenues safe. By taking a proactive approach, you can avoid becoming a victim of fraud.
Why do criminals do it?
There are many reasons why a criminal might spy on an opportunity in video streaming ad fraud. As mentioned, the most common reason is to siphon ad revenues by effectively tricking advertisers with fake clicks and impressions produced by bots and spoofed/hacked devices. They are taking automatic income for displaying ads to users that do not exist.
They might also want to make money off their own ad campaigns, spoofing fake views for their own ads to boost their numbers. Sometimes, ad fraud has more targeted motives, with numerous examples of people doing this in order to target a specific advertiser that they believe has wronged them somehow.
Other times, ad fraud criminals are after data, rather than money. They can insert malicious ads onto legitimate platforms via server and account hacking, which might contain links to malware or spyware. With this, they can gain valuable user data such as passwords, online banking credentials, and personal information, to do with as they please.
No matter the motive, ad fraud is always illegal, and should always be guarded against.
What are the implications?
If ad fraud is left unchecked, the implications can be severe. For marketers and advertisers, ad fraud can easily put you out of business. Ad fraud drains revenues via false impressions and clicks, meaning that marketers are spending huge amounts of money on literally nothing.
This can also have long-term implications since companies who are not aware that they are being defrauded will make inaccurate decisions for future campaigns based on this fabricated audience data.
In a wider sense, ad fraud undermines trust between advertisers, platforms, and users, making it much more difficult for legitimate actors to derive revenues from advertising.
For viewers of video streaming content, this new type of ad fraud represents a significant danger. Few people streaming their favourite show on a major platform that shows ads would suspect that any of those ads would be dangerous.
However, clicking on an inserted ad could make you the victim of a devastating cyberattack, as we have discussed. If ad fraud is left unchecked, online video streaming as a whole becomes a risky enterprise, one that becomes less sustainable with each passing day.
