

How to Defraud Display Advertisers with Zeus - blahpro
http://spider.io/zeus

======
jmngomes
Advertisers are actually more aware of this than the author writes, I think
he's just being politically correct. They're also aware of how inneficient
offline media (TV, billboards) are.

I think this is just another case of "no one ever got fired for buying IBM",
e.g. "no one ever got fired for advertising on TV or buying Google Ads or
doing what the agency told them to do".

Solving this problem is not yet, unfortunately, a priority for advertisers. I
wonder for how long.

~~~
nobody_nowhere
When he says "unsuspecting advertisers", I don't think he means it in the
sense of "unaware", as this problem has been broadly covered in the trade
press over the past year. It's more that they have trouble doing anything
about it.

The problem is that cleansing the display ad supply chain is complex, and some
suppliers (notably "supply side platforms", or SSPs) are complicit in the
fraud, knowingly signing up and profiting from publishers who pay for this
fraudulent traffic. The article cited as footnote #1 gives some detail there.

Buyers have limited options to combat the problem. Spider.io does absolutely
oustanding work, but they're a small company and can't deliver at scale.
Larger, more widely adopted suppliers have solutions that (arguably) aren't
work paying for.

Because display is a tonnage game and ad rates are so cheap (well under
$1/thousand impressions wholesale), you can just bake the cost of fraud (and
viewability, and other issues) into the cost of your buying. Assuming you can
reliably measure your ad ROI, which only a fraction of advertisers can do.

~~~
schenecstasy
Outstanding comment. Spider.io is solving a problem that doesn't exist. In the
purest white hat view of the world combating ad fraud is richly complex
technical challenge and a huge untapped vein of potential revenue.
Unfortunately it's the former and not the latter. Ad fraud is a mild foot
fungus on the world of online display and no actors are incentivized to fight
it.

~~~
jmngomes
When you're selling an advertising medium, virtually all advertisers will ask
how can they "measure ROI". What really seems to me is that most of this is
just talk.
([http://kariobrien.files.wordpress.com/2013/07/marketing_roi_...](http://kariobrien.files.wordpress.com/2013/07/marketing_roi_cartoon.jpg))

I'd argue that fraud is a big problem because it affects ROI.

Especially, it affects 40% of mobile ads, which means that you just wasted 40%
of your campaign's budget.

It's estimated to be between 2% and 19% on online ads, with those 2% being
acknowledged by Google, who is probably one of the few providers that actually
does something to prevent it.

I think this is a challenging topic. There's an economical problem in plain
view. Why are advertisers ignoring it? Lack of alternatives?

------
taf2
It would be interesting to try and build a signature of the malware invisible
windows. When loading an IE browser are there any signs that the page is not
visible... would something like
[https://github.com/Valve/fingerprintjs](https://github.com/Valve/fingerprintjs)
uniquely detect the hidden IE windows?

[EDIT] another thing that could be helpful in building a signature is:
[http://stackoverflow.com/questions/1060008/is-there-a-way-
to...](http://stackoverflow.com/questions/1060008/is-there-a-way-to-detect-if-
a-browser-window-is-not-currently-active)

~~~
gcb1
but how does the browser interpret a hidden window like the one shown? maybe
it even sends out that the page is in view... and even if not... how long
until the malware coerce it to say so?

and you are the only one here in the right track. the ad ecosystem IS moving
to a bill per viewability model. though for the wrong reasons (drive
advertiser expending down, like they did artificially with paying for click
instead of display)

------
ta_goomast
It seems to me that defrauding online advertisers has been a global sport
since advertising started polluting the web.

If only this could get so massively out of hands that advertisers gave up
altogether on polluting the web and wasting internet bandwidth and computer
resources. Then maybe google would become a search engine again and provide
relevant search results, at the very least the internet would be less a global
surveillance tool it has become people don't care enough or are too clueless.

~~~
shanemhansen
Google is an advertising company. They would go out of business with the rest
of their competition. It would be fantastic if the worlds brightest engineers
worked on something who's goal was not to drive impressions and clickthrough.
But solving the worlds real problems doesn't pay as well.

------
shobhitverma
Very interesting read. Is it even possible to solve the problem if the
publisher itself is fraudulent? Since they are the layer of communication and
they will provide parameters to run your code, there is only so much you can
do. It seems like once of those problems in which the damage is limited to a
small percentage and the advertisers are kind of OK with it deploying too many
resources to find a solution.

