Domain spoofing in the spotlight

Advertising is big business, especially in the online sphere where ad space can be bought and sold across many different sites instantaneously. Programmatic advertising, an automated process which employs algorithms to place ads, is key to advertising online and has been found ripe for exploitation.

With technology controlling this process and so much money to be made, it’s hardly surprising that bad actors are taking advantage of the low level of human verification involved.

Domain spoofing is where bad actors trick advertisers into thinking they are buying advertising space on reputable websites, when in fact their adverts are being placed elsewhere. In the “Methbot” fraud which took place last year, a group of Russian criminals were found to be making millions of pounds every day by tricking algorithms into making bids for ad space on fraudulent sites. Since publishers create bid requests themselves, the “Methbot” spoofers were able to submit fraudulent URLs which appeared to belong to reputable publishers. In fact, spoofers can infiltrate various stages of the bidding process, including ad networks and exchanges.

Investigations reported by the Financial Times in September 2017 give an indication of the scale of the problem. The investigations found that advertising purporting to be display inventory was available on 10 exchanges, and that advertising purporting to be video inventory appeared on 15. This was notwithstanding that the FT sells no video inventory through programmatic exchanges at all. The FT estimated that the equivalent of one month’s supply of genuine video inventory was fraudulently appearing in a single day, in a fraud described by Anthony Hitchings, the FT’s digital advertising operations director, as “jaw-dropping”.

That domain spoofing puts money in the hands of criminals is worrying enough. For brands, the practice raises further significant concerns. Brands risk spending a substantial portion of their marketing budgets on adverts which end up somewhere entirely different from where they were intended. This loss of control is all the more concerning given the reputational damage and PR consequences that may be caused through association with a disreputable website. Furthermore, domain spoofing is drawing money away from legitimate publishers, who have access to a smaller pool of advertising budgets once the fraudsters have taken their share.

In order to combat domain spoofing, publishers are starting to adopt tools such as ads.txt, created by the Interactive Advertising Bureau (IAB), a non-profit organisation which represents major publishers across the US and Europe. However, given the interlinking consequences of domain spoofing described above, a much wider take-up of this sort of protection is necessary to protect the industry as a whole.
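How a buyer can use ads.txt to reject the spoofed bid requests described above, shown as an added example that is not part of the original article. An ads.txt file is published at the root of the publisher's own domain and lists which ad systems and seller accounts may sell its inventory. The domains, account IDs, bid fields and function names below are constructed for illustration.

```python
# Added example: all domains, IDs and bids are constructed sample data.
ADS_TXT_BY_DOMAIN = {
    "publisher.example": """\
# ads.txt as it would be served from the publisher's root (constructed)
exchange-a.example, 1001, DIRECT, tag-id-placeholder
exchange-b.example, 77, RESELLER   # authorised reseller
contact=adops@publisher.example
""",
}

def parse_ads_txt(text):
    """Return the set of (ad_system_domain, seller_account_id, relationship)."""
    records = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 3:
            continue                               # blank, variable or malformed line
        domain, account, relation = fields[0].lower(), fields[1], fields[2].upper()
        if relation in ("DIRECT", "RESELLER"):
            records.add((domain, account, relation))
    return records

def screen_bids(bids, ads_txt_by_domain):
    """Check each bid's claimed domain against that domain's own ads.txt."""
    verdicts = []
    for bid in bids:
        text = ads_txt_by_domain.get(bid["claimed_domain"])
        if text is None:
            verdict = "unverifiable"               # publisher has no ads.txt
        elif any(d == bid["exchange"].lower() and a == bid["seller_id"]
                 for d, a, _ in parse_ads_txt(text)):
            verdict = "authorized"
        else:
            verdict = "unauthorized"               # seller not listed by publisher
        verdicts.append((bid["id"], verdict))
    return verdicts

# Hypothetical bid fields: the domain the request claims, the exchange it
# arrived through, and the seller account the exchange attributes it to.
SAMPLE_BIDS = [
    {"id": "bid-1", "claimed_domain": "publisher.example", "exchange": "exchange-a.example", "seller_id": "1001"},
    {"id": "bid-2", "claimed_domain": "publisher.example", "exchange": "exchange-a.example", "seller_id": "9999"},
    {"id": "bid-3", "claimed_domain": "publisher.example", "exchange": "exchange-c.example", "seller_id": "1001"},
    {"id": "bid-4", "claimed_domain": "no-adstxt.example", "exchange": "exchange-a.example", "seller_id": "1001"},
]

if __name__ == "__main__":
    for bid_id, verdict in screen_bids(SAMPLE_BIDS, ADS_TXT_BY_DOMAIN):
        print(bid_id, verdict)
```

The "unverifiable" verdict for bid-4 is why wider take-up matters: a buyer cannot check a claimed domain whose publisher has not published an ads.txt file.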

