Ad-Fraud Blocking

Ensuring our clients are not paying for Fraud is a top Priority at Adtheory. Competitors that offer Ad Fraud abilities generally do so after the product is delivered and have to be adjusted after each month. Our company uses internal and 3rd party software to block all Fraud from being billed to our clients, this allows us to reach all monthly goals without having to deal with returns.

Bot Traffic

Bot traffic is the part of online traffic and activities artificially generated by automated bots and spiders. It is estimated that between 10 and 20% of all online traffic consists of bot traffic. However, there are good bots and bad bots. The bad bots are in action when bot traffic is generated to create artificial ad impressions with the purpose of fraudulent ad revenues.

Good vs Bad Bot Traffic

Good bots are useful for providing numerous Internet services. Thus, “good bots” are search engine spider bots, bots used for availability and response time measurement, e-reputation spider bots, and advertising measurement bots. Bad bots are used for email address harvesting, automated account sign-up (to create multiple email accounts), content spinning, blogs and comments spam, and click and impression fraud.

Automated botnets make up a large segment of Web traffic. Thousands of infected computers are the result of fake traffic that is generated from a botnet, usually via malware, with a goal of generating false ad revenue by creating fake clicks and impressions.

Most botnets originate in countries where labor is cheap, such as Estonia, Singapore and China. The largest cybercrime takedown by the federal government involved a group from Estonia, who used a botnet to make $14 million, with fake ads that appeared on and

Bot traffic wastes Internet infrastructure resources and may affect Web analytics and advertising. Advertisers don’t want paid ads to be seen by bots. Captchas are a good way to prevent bot traffic but they are also an annoyance for website visitors.

Use of Web Crawlers

Non-human traffic, in the form of Web crawlers, are useful to the Internet. Web crawlers are legal bots that systematically browse the Web for indexing and data collection. Because they do not pose as human, they are not served ads, and so they do not impact advertising campaigns. Googlebot is an example of this type of automated surfer. The Alexa crawler, which surfs the Web from Amazon EC2 IP addresses, is another. Both Googlebot and the Alexa crawler are well-behaved in that they announce themselves as automated agents when they visit websites.

Googlebot and the Alexa crawler may behave themselves by announcing their presence, but this is not the case for all robotic surfers. In some cases, there are user-agent headers that improperly suggest there is a human component to their communications. However, even those are easy to identify because they typically use a finite set of IP addresses.

The other way to surf the Web without the use of humans is to deploy your automated surfer across an illegal botnet. Botnets are collections of illegitimately hijacked PCs. Criminals use these PCs to perform various tasks on your computer without your knowledge.

The online advertising system is quite broken, and many publishers knowingly buy traffic that comes from bots. You can buy traffic for less than a penny per visit from a vendor of dubious quality, because you know you have essentially an unlimited standing offer from advertisers that value those impressions at a penny plus. The advertisers have no idea that a significant amount of those views never actually happened, despite what the server log indicates.

A publisher may buy botnet traffic knowingly or unknowingly from ad networks, but what it gets is extremely cheap traffic, often for a penny or less. Often if questioned about activity that has occurred on the web, the ad network would explain the anomalies provided by this inexpensive, unreliable traffic as being from an unknown quality. However, many publishers know what they are getting and choose to ignore it. They know that not all of the traffic they just paid for is legitimate, but it looks good to the bosses, who may not fully understand the area of Internet marketing.

Spoofed URL

Spoofing is a type of scam where an intruder attempts to gain unauthorized access to a user’s system or information by pretending to be the user. The main purpose is to trick the user into releasing sensitive information in order to gain access to one’s bank account, computer system or to steal personal information, such as passwords.

A Spoofed URL is a website that poses as another website. It usually happens when a bug in a Web browser is exploited, allowing a malicious computer attack. Such attacks are most effective against computers that lack recent security patches. During such an attack, a computer user innocently visits a website and sees a familiar URL in the address bar such as but is, in reality, sending information to an entirely different location that would typically be monitored by an information thief.

In another variation, a website may look like the original, but is in fact an imitation of it. These are mostly harmless, and are more noticeably different from the original, as they usually do not exploit bugs in Web browser technology. For instance, targets might be directed to a site that looks similar to their credit card company and they will be asked to log in. If one falls for it and actually logs in, the scammer could then log onto the real site and create hardship by using the account information the victim used to log in.

What is Phishing?

When sensitive information is requested by a fraudulent website, it is called phishing. The act of phishing is a common practice that is necessary for a spoofed URL to be effective. In a phishing scam, an email is sent to an unsuspecting user that appears to be from a legitimate website that the customer has an established relationship. In the email, they are instructed to access the website and log in to address some fictional problem or update information. A link to the website is provided in the email. The user clicks on the link provided, which takes them to what appears to be a legitimate site. However, it is a bogus site set up for the sole purpose of stealing your information. As soon as you log in, you have provided this bogus company with your log in information from the actual site, where they can now access the site as you and have full access to your information.

Common Crimes Using Spoofed URLs

A major crime associated with spoofed URLs is identity theft. The thief will make a spoofed URL website that is similar to the site the user is trying to go to, and when taken to the Web page, it will look nearly identical. Then, if the user is shopping and enters all of their information to pay for the items, they inadvertently give the thief their credit card and identity information. The websites will post products at “too good to be true” prices, and lure those who are new to the Internet and looking for a good deal..

Another crime associated with spoofed URLs is setting up fake anti-malware software. An example of this would be Ransomware, a fake anti-malware software that locks up important files for the computer to run, and forces the user to pay a ransom to get the files back. If the user refuses to pay, after a certain period of time, the Ransomware will delete the files off of the computer, essentially causing the computer to crash. These programs usually come up in ads on the side of popular websites, such as dating websites and even social media like Twitter and Facebook. Also, these can come up as attachments in emails tied to phishing.

How to Stay Protected

Be extremely cautious whenever you receive a message asking for personal information and only download files from trusted sources. Install firewalls to block suspicious inquiries and keep antivirus software installed and up-to-date on any computer you use. If you get an inquiry seeking personal information, don’t provide it. Hang up (or log off). This is a crime that can be prevented in most cases, so be smart and safe and don’t get fooled.

Blind Inventory

Blind inventory is any ad impression that has no referring URL or occurs when the referrer points to an ad server, and not to the original content. These types of advertising buyers are apparently only interested in the getting a cookie implanted, regardless of what content the user is engaged in at the time the cookie is implanted.

A blind network is an ad network that doesn’t let advertisers know where their ads are displayed. This type of advertising network is appealing to advertisers due to the low rates offered by blind networks. These companies offer good pricing to direct marketers in exchange for those marketers relinquishing control over where their ads will run, though some networks offer a “site opt out” method. Blind networks achieve their low pricing through large bulk buys of typically remnant inventory combined with conversion optimization and ad targeting technology.

Blind ad networks can be a powerful tool, if used for the right type of campaign. They have their limitations but they are a great solution for a high volume, low price range alternative. However, blind ad networks should not be used in brand-centric campaigns that require contextual relevancy and brand protection. A politician promoting their run for office would not want to have their ad placed next to images of a drunken teenager. There isn’t a guarantee about where your ad will be placed, except the fact that it won’t be placed next to extremely inappropriate content. Content that would be offensive to most any advertiser would be protected, but there is no guarantee that the content won’t be offensive to your company.

Most of the advertisers that are willing to buy this blind inventory tend to be advertisers with very clear monetization strategies in the backend. This is why you often see ads from companies like:

And inversely, this is also why you don’t often see large brand advertisers or folks with very specific advertising goals (for example, if you did lawsuits for cancer caused by asbestos) advertising on blind inventory. Without control of the context, the dollars put into these campaigns can be wasted.

Media planners may want to include blind ad networks in their arsenal of tools but it should only be used for clients who are willing to forego the branding aspect of a display campaign. Aggressive direct response and click-per-action advertisers should find substantial value due to the high volume of categories and wide range of affordable cost-per-thousands offered.

Social network advertising is often remnant ad networks. Social networks often resort to ad networks to monetize their sites. Remnant ad networks are frequently the largest customers of these sites.

On a basic level, it’s hard to imagine any serious advertiser or agency still buying impressions without knowing where they will be placed. The days of publishers pushing inventory out the back door at a twentieth of the cost of their direct sales has nearly gone. In the coming year, advertisers will have greater visibility of where their ads are being placed and by whom they are seen.Increased transparency will lead to a greater understanding of how effective a media plan is, which is not a bad thing for the future of display.