January 21, 2016 By Douglas Bonderud 2 min read

2016 will be a banner year for digital ad investment, with predictions calling for a 15 percent bump to advertising spend across the board. According to Threatpost, however, big money comes with a big problem: bot fraud.

A recent paper from the Association of National Advertisers (ANA) and fraud mitigation firm WhiteOps found that the number of ad fraud bots isn’t dropping; in fact , they’ll cost the industry more than $7 billion this year.

Bring Out the Bot Fraud

As noted by Ad Exchanger, ANA and WhiteOps ran a similar study last year and predicted 2015 losses of just over $6.3 billion. The new findings suggest bot activity is on the rise, but in reality, bot fraud is holding steady. Bigger spend from the industry just means more money up for grabs.

This is bad news for advertisers and marketers. Despite rallying cries and promises of better bot detection, there’s no significant change in the fake impressions industry. Simply put, companies were bad at detecting fraud last year, and they’re no better in 2016; on average, firms will spend $10 million this year for ads seen only by bots, the study found.

Other recent studies align with ANA’s findings. According to TechCrunch, the Interactive Advertising Bureau (IAB) predicted losses of more than $8 billion this year once malvertising and infringed content are considered. This shouldn’t come as a surprise since, as the TechCrunch piece also noted, almost half of all Internet traffic is bot traffic. In other words, they rule the digital roost.

Changing Impressions

Why are bots so good at duping ad companies and being counted as real impressions when no human actually viewed the content? Part of the problem stems from the definition: An impression is recorded whenever a Web browser requests a single advertisement from an online ad network.

Despite advancements in browser behavior monitoring and bot detection, malware-makers have gotten very good at mimicking human interactions online. When it comes to recording impressions, many advertisers aren’t particularly motivated to fund bot-finding initiatives that will inevitably lower their impression rate — especially if they’re hoping to prove the worth of a campaign.

The criminals behind bot fraud also understand the limited-time value of each nonhuman viewer. Profits are highest when they come from new IP addresses, and older machines that have black-flagged are simply retired from service. What’s more, bot creators are smart enough to send their requests from residential IP addresses, in turn lowering the chance of widespread blacklisting since legitimate users could get caught in the crossfire.

Right now there’s no quick fix for bot problems. According to ANA President and CEO Bob Liodice, “We’re still at the very beginning of making the industry aware of what the problem is and its root causes.” To really drive change, Liodice argued, “It’s time for moral outrage.”

He may have a point: Digital spending is up, bot rates are steady and advertising losses are rising by billions each year. Bottom line? Real progress comes from new metrics. CPM, KPI and impression-based measurements have been revealed as little more than smoke and mirrors. Advertisers need better ways to battle bots and track down real humans online.

More from

How will the Merck settlement affect the insurance industry?

3 min read - A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else?In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, the malware caused roughly $10 billion in damage.NotPetya malware exploited two Windows vulnerabilities: EternalBlue, a digital skeleton key leaked from the NSA, and Mimikatz, an exploit…

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

ICS CERT predictions for 2024: What you need to know

4 min read - As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure.Kaspersky just released their ICS CERT Predictions for this year, outlining the key cybersecurity challenges industrial enterprises will face in the year ahead. The forecasts emphasize the persistent nature of ransomware threats, the increasing prevalence of cosmopolitical hacktivism, insights…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today