April 2017 / Page 1 marketing.science consulting group, inc. linkedin.com/in/ augustinefou Bad Guys Rip Off Studios -- TWICE April 2017 Augustine Fou, PhD. acfou [at] mktsci.com

Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

Embed Size (px)

Citation preview

Page 1: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 1marketing.scienceconsulting group, inc.


Bad Guys Rip Off Studios -- TWICE

April 2017Augustine Fou, PhD.acfou [at] mktsci.com

Page 2: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 2marketing.scienceconsulting group, inc.


Did “at-scale” piracy win?

Source: http://gizmodo.com/the-new-plan-to-stop-internet-piracy-is-just-the-old-on-1792795228

“Copyright Alert System was shutdown for good last month.”

Source: https://www.engadget.com/2017/01/28/internet-providers-stop-copyright-alerts/

“ISPs and media groups have dropped the alert system with an admission that it isn't up to the job.”

“CAS was optimistic: it assumed that most pirates didn't even realize they were violating copyright.”

Page 3: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 3marketing.scienceconsulting group, inc.


How are piracy and ad fraud related?

“Cybercriminals (not teens or moms) steal content at-scale and make money from it through digital ads …”

“ … the best way to reduce piracy at-scale is to cut off their money supply (from digital ads).”

How they’re related

How to fight it

Page 4: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 4marketing.scienceconsulting group, inc.


Bad Guys Steal from Movie Studios - Twice

Piracy Ad Fraud

They steal your content

They steal your ad dollars

• Display ads• Video ads• Mobile ads+

Page 5: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 5marketing.scienceconsulting group, inc.


Studio ads fund piracy sites. How? Digital Ads

• Known piracy sites are not accepted into mainstream ad networks like Doubleclick• Piracy sites make revenues by serving display/video ads; they do not charge users• Piracy sites are also paid for each successful malware install on real human users• They want to earn higher, premium CPMs


• Big brand advertisers still pay on CPM (cost per thousand) impressions basis• They just need to cause the ad impressions to load


• Iframe ads (or entire pages) from other sites that already belong to premium ad networks; side deal to get a revenue share on premium CPM for driving traffic/imps.


Piracy Site

• Iframe of an ad (or entire webpage) from another site that is already part of an ad network.

• May use additional laundering or obfuscation techniques to hide true origin of the ad load

Page 6: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 6marketing.scienceconsulting group, inc.


How piracy sites amplify their ad revenues

Piracy Site

Stack hundreds of ad iframes on top of each other so each pageload causes hundreds of ad impressions.

Ad Stacking

A single ad call can invoke hundreds or thousands of single-pixel ad impressions – e.g. 1x1 pixels or 0x0 (hidden).

Pixel Stuffing

By causing an entire webpage to load within an iframe (visible or hidden) bad guys create fake traffic for sites that carry ads.

iFraming Entire Webpages

Load hundreds of ads on a page, constantly refresh the page or ad calls; auto-refresh/auto-play

High Ad Load

Page 7: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 7marketing.scienceconsulting group, inc.


Why anti-fraud solutions haven’t detected this• Many big brands’ agencies still buy digital ads on “reach and frequency” basis

and want as many ad impressions as possible, for lower average costDidn’t Look

• Anti-fraud solutions that ride along with the ad (ad tag) cannot see outside its own iframe

Can’t See

• There are many services that help to obfuscate or “launder” the real origin of the ad impressions


• Bad guys don’t play by any rules so they stack hundreds of ads so all of them are “above the fold” and trick viewability measurement tools


• The ad impressions may even appear to be seen by a human because technologies that measure the user environment (e.g. browser version, screen resolution, OS) will detect actual human user



Page 8: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 8marketing.scienceconsulting group, inc.


Ad Fraud Background

Page 9: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 9marketing.scienceconsulting group, inc.


Digital ad fraud is profitable and scalable

Source: https://hbr.org/2015/10/why-fraudulent-ad-networks-continue-to-thrive

“the profit margin is 99% … [especially with pay-for-use cloud services ]…”

“highly lucrative, and profitable… with margins from 80% to 94%…”

“why stop at 10 ads on the page; why

not load 13,000 ads on the page”

131 ads on pageX

100 iframes=

13,100 ads /page

Source: Digital Citizens Alliance Study, Feb 2014

Page 10: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 10marketing.scienceconsulting group, inc.


Example – 92% of impressions cleaned

Increased CPM prices by 800%

Decreased impression volume by 92%

Source: http://adexchanger.com/ad-exchange-news/6-months-after-fraud-cleanup-appnexus-shares-effect-on-its-exchange/

260 billion

20 billion

> $1.60

< 20 cents

Page 11: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 11marketing.scienceconsulting group, inc.


Methbot stayed hidden for years

Source: Dec 2016 WhiteOps Discloses Methbot Research

“the largest ad fraud discovered to date, a single botnet, Methbot, steals $3 - $5 million per day, $2 billion annualized.”

1. Targets video ad inventory$13 average CPM, 10X higher than display ads

2. Disguised as good publishersPretending to be good publishers to cover tracks

3. Simulated human actionsActively faked clicks, mouse movements, page scrolling

4. Obfuscated data center originsData center bots pretended to be from residential IP addresses

Page 12: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 12marketing.scienceconsulting group, inc.


About the Author

Page 13: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 13marketing.scienceconsulting group, inc.


Dr. Augustine Fou – Independent Ad Fraud Researcher2013


Follow me on LinkedIn (click) and on Twitter @acfou (click)

Further reading:http://www.slideshare.net/augustinefou/presentationshttps://www.linkedin.com/today/author/augustinefou



Page 14: Piracy and Ad Fraud - Bad Guys Rip Off Studios Twice

April 2017 / Page 14marketing.scienceconsulting group, inc.


Harvard Business Review – October 2015


Hunting the Bots

Fou, a prodigy who earned a Ph.D. from MIT at 23, belongs to the generation that witnessed the rise of digital marketers, having crafted his trade at American Express, one of the most successful American consumer brands, and at Omnicom, one of the largest global advertising agencies. Eventually stepping away from corporate life, Fou started his own practice, focusing on digital marketing fraud investigation.

Fou’s experiment proved that fake traffic is unproductive traffic. The fake visitors inflated the traffic statistics but contributed nothing to conversions, which stayed steady even after the traffic plummeted (bottom chart). Fake traffic is generated by “bad-guy bots.” A bot is computer code that runs automated tasks.