Ad fraud poses a major threat to online advertising space. Tools called ad injectors insert ads, on the sly, into webpages without rightfully purchasing ad space from publishers. This is done either by inserting the ads on top of already existing ads, making the original ads impossible to see, or by making ads appear on pages that weren’t supposed to include ads at all. In both of these cases, injected ads defraud the publisher of revenues, defraud the brand that loses out on a valid impression, and defraud the consumer of a positive website experience.
Ad injection starts when a user downloads and installs a browser extension or app that is bundled with software that quietly injects unwanted ads into users’ browsers. Software like PDF converters or browser toolbars, for example, are often offered for free to the consumer but are monetized through deals with ad injectors on the basis of pay per install of their software or pay per click on their injected ads.
A recent study by Google concluded that 5.5 percent of unique IP addresses that accessed Google sites showed some form of ad injection, and over 50,000 browser extensions are guilty of injecting ads.
Another study by Namogoo, a company that developed technology for sites to block injected adware, shows 10-30 percent of internet users are affected by injected adware on their browsers.
Companies like DoubleVerify and Google are tackling ad injection on a large scale. For instance, DoubleVerify is working on solutions to identify the infected browsers and their signatures - a unique address of the machine. Once identified, the threats are shared with all stakeholders that are bidding on impressions on a real-time basis or placing media impressions as part of a general campaign. On the other hand, Google identified and removed 192 deceptive Chrome extensions from its Chrome web store. It has also started displaying red flags for deceptive software. Google also reaches out to advertisers who are affected by ad injectors to alert them of the occurrence of fraud and the ad network involved in it.
A major challenge to fixing the ad injection problem is lack of awareness that it is occurring. This is mainly due to the complex nature of programmatic buying coupled with the lack of transparency. However, recent advancements in domain detection technology can detect the domain on which an ad actually ran. This can help publishers to limit the use of sourced traffic, continuously monitor sourced traffic, and require suppliers (including DSPs) to demonstrate that their traffic does not include injected ads. This can drastically improve a publisher’s ability to tackle this crippling menace.