Killing 3ve: How The FBI And Tech Industry Took Down A Massive Ad Fraud Scheme (buzzfeednews.com)
61 points by tysone on Dec 1, 2018 | 15 comments




So now that this is out in the open, Google will be issuing refunds to all advertisers who bought fake "advertising" from them, right?


From the article:

  Google, for example, let 3ve’s counterfeit websites earn 
  revenue through its ad systems and later refunded its partners
  for ads that ran. “We actually lose money in this process 
  because we do have to pay out,” Spencer said. (He declined to
  say how much the company paid out in refunds to partners or 
  to the fraudsters directly.)
Partners, in this context, would refer to the advertisers. We also work with WhiteOps; standard operating procedure is to refund/rerun the traffic WhiteOps flags as fraudulent.


Fraud is priced in on the industry.

Advertisers assume a percentage of their money is going to be wasted on bots, networks (like Google) assume they will misidentify a percentage of impressions and have to reconciliate the numbers, but also that they'll miss some.

It's very easy to demonise Google and think they stand to benefit from this all, but in reality they are hurt by it as much as anyone else, and if there was guaranteed zero fraud in their network they could raise prices and increase profit.


The fact that they put so much money and effort into unraveling this extremely complex fraud says all that you need to know.


Apparently not for some people, like the current top comment.


Right, my point was that no matter how hard you try, no matter what you do or what you say, there will always be people who assume malice from it all.


It's impossible for Joe ads buyer to price in fraud, because he doesn't actually know how much fraud is happening. Only Google/the other big exchanges have information to get even close to knowing how much fraud is happening and they have a vested interest in letting fraud slip through and not detecting.

And yes, Google cooperated in this specific case, but only after the problem got really bad. It's really hard to take a charitable view when Google, a large player in the ads space, and a company known for technical excellence, allows stuff like this to happen:

> An agency or advertiser looking to place an ad would only see the name of TBS.com in the ad exchange and not know they were buying ad space on a counterfeit site. Then the bots would visit the fake site and view the ad to generate revenue. (This technique of masquerading as a legitimate publisher is called domain spoofing. It’s a long-running issue, though a new standard called ads.txt [1] is helping curb it.)

This article (https://digiday.com/media/ft-warns-advertisers-discovering-h...) is a year and a half old. Google obviously had the resources to discover this years ago and failed to do so.

[1] https://digiday.com/marketing/wtf-ads-txt/


>It's very easy to demonise Google and think they stand to benefit from this all, but in reality they are hurt by it as much as anyone else

False if bot traffic > estimated bot traffic

For others like FB and Twitter, it's a fact their active user counts are inflated by bots and that they are disincentivized to accurately account for it.


This article and research is talking about third party advertising, where an ad network is used to serve ads on third party sites (greatly simplified, as in reality there could be lots of other players in the chain)

What you're talking about is a completely different scenario, where the publisher is also the ad network (FB, Twitter) so inflated user activity could be beneficial for them. That's also arguable as they provide excellent metrics and different pricing models (CPM, CPC, CPA) so if their numbers were as bad as you think more advertisers would just drop FAN.

In the case of 3ve, Methbot and the like, the process for the fraudsters is different and has nothing to do with bots in social networks:

1. In online advertising, it's very difficult to know who is authorised to serve ads for a given domain. Some domains have hundreds of ad suppliers and they can change all the time. This is alleviated by ads.txt, an IAB initiative to list all your adtech partners in a machine-readable file on your web root.

2. Since it's hard to know what inventory a player in the middle of the chain really has access to, you can make a deal with an ad player to serve ads on the New York Times, but actually be delivering shit inventory. This happens a lot at a smaller scale with dodgy ad vendors that simply deliver lower quality inventory; and added to this, until recently there was no way of cryptographically signing bid requests in the OpenRTB protocol (v3 adds this feature).

3. If you have access to lots of consumer IP addresses (3ve uses a large botnet) you can essentially create a hosts entry for publisher.com pointing to localhost, serve a site with fake content loaded with real ads, open a real browser to it and collect on the money from the partnerships and accounts you opened. The advertisers think they're buying real inventory and these users pass every check (browser, network...)

PS. I do understand the apprehension though, I spent 10 years in adtech and at times the ecosystem is a total clusterfuck, but it is slowly getting better.
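
The ads.txt check mentioned in point 1 of the comment above, from the buyer's side, as an added example that is not part of the original comment. The domains, account IDs and the `check_offer` helper are constructed for illustration, and treating an empty file as "no-policy" is this example's own choice.

```python
# Added example: verify that the seller offering inventory for a domain is
# listed in that publisher's ads.txt. All sample values are constructed.

SAMPLE_ADS_TXT = """\
# ads.txt for publisher.example (constructed sample)
contact=adops@publisher.example
exchange-a.example, pub-1234, DIRECT, abc123   # publisher's own account
Exchange-B.example , 98765 , reseller
this line is malformed and must be ignored
"""

VALID_RELATIONSHIPS = ("DIRECT", "RESELLER")


def parse_ads_txt(text):
    """Return a set of (ad_system_domain, seller_account_id, relationship)."""
    records = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 3:
            continue  # variable line (contact=...) or malformed record
        domain = fields[0].lower()       # host names compare case-insensitively
        account = fields[1]              # assumption: account IDs match exactly
        relationship = fields[2].upper()
        if not domain or not account or relationship not in VALID_RELATIONSHIPS:
            continue
        records.add((domain, account, relationship))
    return records


def check_offer(ads_txt, ad_system, seller_id):
    """Classify an offer as 'authorized', 'unauthorized' or 'no-policy'."""
    records = parse_ads_txt(ads_txt)
    if not records:
        return "no-policy"  # nothing usable published; buyer cannot verify
    ad_system = ad_system.strip().lower()
    for domain, account, _relationship in records:
        if domain == ad_system and account == seller_id:
            return "authorized"
    return "unauthorized"


if __name__ == "__main__":
    for seller in ("pub-1234", "pub-9999"):
        print(seller, check_offer(SAMPLE_ADS_TXT, "exchange-a.example", seller))
```

The check only works if the file is fetched from the publisher's real web root by the buyer or exchange itself, not taken from whoever is offering the inventory.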


I have no sympathy for the ad industry whatsoever. At this point I’m rooting for anyone making their business model less viable.


"I have no sympathy for people who want to make a living by making things who then rent space in existing channels to tell users said things are for sale. At this point I'm rooting for anyone making bootstrapping and entrepreneurship less viable."


You're strawmanning. They were saying they have no sympathy for the ad and ad tech industry - not that they have no sympathy for people who want to advertise their businesses.


I don’t care.

You can thank the adtech industry for making every other business model inviable, except for exploiting your users, disregarding their privacy and selling their eyeballs to be flooded with manipulative crap.


Wow, at least 2x larger than Methbot. Great article.



