Since 2017, digital ad spending has increased while fraud losses have declined, according to the fourth annual Bot Baseline Report, published by White Ops and the Association of National Advertisers (ANA).
The report found that for the first time more fraud will be stopped than will succeed, suggesting that defenders are gaining ground in the battle against fraudsters, potentially because it has become increasingly more costly for criminals to purchase realistic bot traffic.
According to the report, 2019 saw an improvement in monetary losses. While the 2017 study reported $6.5 billion in losses, this year’s report reflects an 11% decline over the past two years despite digital ad spending having increased by 25.4% between 2017 and 2019.
Only 8% of display advertising impressions were fraudulent, which was a decrease of 9% from 2017, and only 14% of video ads were fake, down from 22% in 2017, the report found.
The report also noted that the majority of fraudulent impressions are actually invalidated by demand-side platforms (DSPs) or supply-side platforms (SSPs), filtered as SIVT before being paid for or invalidated later via clawbacks (the recovery of ad spend after a campaign has run). These measures are estimated to have mitigated nearly $14 billion in fraud losses annually.
“What appears to be a decline in digital ad fraud could be a temporary lull as bad actors sharpen their saws while avoiding detection. Recently, there’s been a spate of malware attacks on online retailers and publishers, where the malware are agnostic to platform and can change characteristics in order to escape detection by pattern- or signature-based defenses,” said Usman Rahim, digital security and operations manager for The Media Trust.
“Make no mistake, today’s malware are engineering feats that require a great deal of skill and collaboration. The economics of attacks is encouraging criminals to band together. Battling these attacks demands the same. This means aligning brands, technology partners and premium publishers with consumers’ needs – in the post-GDPR world, that includes their privacy and safety. More important, it means working together on keeping out bad actors and changing our practices before the regulators force us to.”
Source: Infosecurity Magazine