Back in 2019 we ran a talk for Leeds Digital Festival – The Bots Are Coming. It’s 2024 and the bots are here and they’re wreaking havoc. 

Digital ad fraud is a persistent and costly problem, siphoning billions in lost revenue spend away from legitimate advertising efforts each year.  

The exact figures can vary depending on the study and methodology, but IAB Tech Lab estimates that global ad fraud probably cost advertisers a staggering $68.2 billion in 2023, representing 13.3% of all ad spending.  

On the other hand, Juniper Research predicts that digital ad fraud will cost the global economy $150 billion by 2026, highlighting the rising scale of the issue now that malicious bots are here and they’re getting smarter. 

Juniper’s Digital Advertising Fraud: Key Trends, Competitor Landscape & Market Forecasts 2022-2026, also identified the top five countries most affected by advertising fraud, which account for 60 per cent of all global losses: 

1. US 
2. Japan 
3. China 
4. South Korea 
5. UK 

Ad fraud is both varied and consistently evolving 

Digital ad fraud happens constantly, with new schemes emerging all the time. Some of the more damaging types in recent years include the following: 

• Methbot: This sophisticated botnet, discovered in February 2023, generated over 42 million fraudulent clicks per day. It targeted high-value industries like finance and e-commerce, using real mobile devices through compromised apps to mimic genuine user behaviour. 
• Supply chain attack: This evolving tactic targets the ad supply chain itself. Fraudsters infiltrate legitimate ad networks or exchanges, inserting their own ads into campaigns meant for real advertisers. This results in wasted budgets and potentially damaging ads appearing on unrelated websites. 
• Chatbots: The National Cyber Security Centre (NCSC) has said there are growing cybersecurity risks of individuals manipulating the prompts through “prompt injection” attacks. 
• Ransomware: Criminals compromised data on potentially more than 5.3 million people from more than 700 organisations according to the Data security incident trends report released by the ICO, covering the period up to Q3 2023.   

Criminal gangs are behind many of the latest bot ad fraud techniques and their intention is for financial benefit, whether that is through direct methods as follows: 

1. Fake users, including fake clicks & click farms; 
2. Invisible and hidden ad; 
3. Fake installs; 
4. Impression laundering; 
5. Hijacking ads; 
6. Hijacking clicks; 
7. Popunders; 
8. Bot Traffic; 
9. Attribution manipulation. 

Or through scraping and stealing data, which can then be used to either blackmail companies into ransomware payments or through selling it on the black market for unscrupulous companies to pick up and use for marketing or identity fraud. 

The bots are here and they’re gaining momentum 

In January last year Royal Mail was hit with a ransomware attack believed to be linked to Russian criminals, which prevented people from sending mail or parcels abroad and in April 2023, hackers stole data from charities and community organisations in a cyber-attack on a Londonderry-based IT company. 

At the end of October 2023, the UK’s national library, the British Library, took to social media to inform users that it was experiencing disruption to its services following an IT outage. It subsequently transpired this was a ransomware attack by the Russian hacker group Rhysida which demanded a ransom of 20 bitcoin (equivalent to £600,000 at the time).   

The Financial Times reported that the British Library would have to burn through nearly half its reserves to cover the costs of restoring and securing the affected services which, at an estimated £6m-£7m, were some ten times the demanded ransom.   

What can we do about the bots? 

Blocking on its own, without sampling bad traffic and finding the source of fraud, won’t work. A simple black-and-white binary system is too predictable and can be spoofed. 

Blocking systems can actually become a testing ground for fraudsters by showing them how to make their bot software invisible. It’s fairly easy for a fraudster to modify the IP address of a traffic source or manipulate when the interactions occurred to avoid suspicion. 

Ensuring that backups are created and tested frequently is one way that organisations can make themselves more resilient to cyber-attack. Another is to avoid reliance on a single type of prevention. 

Just one reason that antivirus software fails, according to Kimberly Goody, the head of cyber-crime analysis at Mandiant, is because “today there is a whole underground marketplace” where criminals can cheaply test out malware samples against different antivirus programmes.  

If they see that their malware isn’t detected by a particular antivirus product, they can target an organisation with those weak defences. Shoring up defences would include investing in cyber-security staff and tools.  

Ms Goody also offers some advice to organisations overwhelmed by the array of cyber-security products on the market. “The only way to know how effective they are for you, and how relevant they’re going to be for you and your team, is to test that in your own environment,” she added. 

Multi-layered solutions are key 

No single method is going to prevent ad fraud, or bots, from accessing your data and affecting your business. 

Criminals are constantly adapting their technology to find ways around the defences being put in place. Having a multi-layered approach combining different technologies, verification methods and data protection is key to offering up the best protection against cyber-crime. 

Anyone looking at cyber security for their business should be considering a number of options within any type of protection: 

• Bot Detection: Identifying and filtering out suspicious traffic generated by bots and bot farms through analysing behaviour patterns, device fingerprinting, and interaction analysis; 
• Geo-fencing: restricting ad delivery to specific geographic areas to prevent fake impressions from distant locations; 
• Anomaly Detection: Analysing ad data for statistically significant deviations from normal patterns, indicating potential fraudulent activity; 
• Traffic Quality Scoring: Assigning scores to websites and publishers based on factors like traffic sources, engagement metrics, and historical activity to flag high-risk environments; 
• Real-time Fraud Prevention: Employing machine learning algorithms that analyse ad activity in real-time to identify and block fraudulent attempts as they occur. 

Our technology began life as a tool to intelligently detect click fraud and save money for businesses using online advertising.  

Once it became clear that our artificial intelligence-powered detection engine could do even more, and protect people from legitimately dangerous bot attacks and compromised data, we’ve been evolving with new methodology and using machine learning to adapt within the ever-evolving digital landscape. 

Now that the bots are here, the threat is constantly changing, and so does our technology. It’s patented and AI-powered to detect bots and to mitigate everything from data theft attempts to advertising click fraud. Our engine solves problems for multiple business functions. 

From security to finance, marketing to data analysis, customer experience and reputation management, Veracity Trust Network’s Ad Fraud Prevention and Web Threat Protection offer an easy to deploy solution. 

See what we’re doing to mitigate the effects now that the bots are here, as well as discovering how we can help your business protect itself from these non-human interactions: 

https://botprotect.veracitytrustnetwork.com/why-veracity  

22nd Mar 2024