Scammers have accelerated their attacks on connected TV and OTT devices, marking a whole new front for advertisers and publishers to combat ad fraud


hulu handmaid's tale

  • Marketers have a whole new avenue to worry about when it comes to battling ad fraud.
  • The accelerated growth of connected TV and over-the-top streaming has made the space a hotbed for ad fraud.
  • Verification company DoubleVerify recently uncovered a new fraud scheme, where a bot network specifically targeted connected TV (CTV) devices.

Marketers and publishers have been battling ad fraud on the web and mobile for years. Now, they may need to start worrying about getting ripped off by scammers on over-the-top (OTT) and connected TV devices too.

The accelerated growth of connected TV and over-the-top streaming has made the space a hotbed for ad fraud, according to verification company DoubleVerify, which just uncovered a new bot network specifically targeting connected TV (CTV) devices.


The fraud scheme was discovered after DoubleVerify saw a 40% spike in traffic from connected TV devices, all driven by a new bot network. Bot networks are created when fraudsters essentially infect armies of devices with sophisticated malware to impersonate internet users that marketers pay their ad dollars to reach with online ads.

The CTV botnet specifically unmasked by DoubleVerify generated fraudulent ad impressions by spoofing real publisher URLs, sending false signals to ad servers that it is a CTV device — thereby making the impressions land up on fraudulent sites instead of legitimate ones and fooling advertisers into believing that their ad is served on a CTV device. 

According to the company, approximately one-third of the fraud signals originated from gaming consoles, and the remaining two-thirds originated from smart TVs, as they are the most generic and thus easy to pretend to be.

“Networks of ad servers have ben acting like legitimate sources of advertising but diverting revenues over from content publishers for a while,” said Wayne Gattinella, CEO of DoubleVerify. “The news here is not the method, but the channel —  which is connected TV devices.”

Ad fraud has started creeping into the connected TV and OTT space

This CTV botnet marks the first direct, scaled botnet attack that the company has identified in the environment, according to Roy Rosenfeld, head of DoubleVerify’s Fraud Lab, who called it “the first concentrated attack of this kind that specifically targets the CTV ecosystem.” DoubleVerify’s Fraud Lab is dedicated to continually analyzing ad fraud trends across devices.

But the discovery of intensifying fraud activity in the CTV space isn’t surprising, said Gattinella, given the explosive growth of video at large and OTT streaming and the connected TV space in specific.

50% of all internet users access an online video subscription service at least once a week, and almost as many (49%) access a network TV app at least once a week, according to the Video Advertising Bureau. Plus, streaming accounts for 11% of all TV viewing hours for people aged 18 to 49 — more than doubling since 2015.

“Fraud tends to follow the money, and money tends to follow the eyeballs,” said Gattinella. “CTV ad volumes and the opportunity for CTV ad fraud have grown with user adoption.”

Ad fraud remains a perennial problem in digital advertising

To be sure, ad fraud has been perennial problem in digital advertising, with advertisers expected to lose $51 million per day and a whopping $19 billion through the year on ad fraud in 2018, according to Juniper Research. But the connected TV space that includes outfits such as Hulu, Dish and other premier players, marks a whole new front where advertisers and publishers now must look to combat ad fraud.

DoubleVerify is not the only fraud prevention company at the frontlines either. Others, including Adobe, White Ops, and Pixalate have warned against increasing fraud in the connected TV environment, with more than 20% of programmatically-sold connected TV video ads being measured as invalid by Pixalate during October 2017.

Once the scheme was identified, DoubleVerify immediately extended coverage to its clients, including various demand-side platforms (DSPs) and supply-side platforms (SSPs), shielding them from the attack. 

“OTT environments pose some challenges that don’t exist in other environments today,” said Nick Frizzell, senior director of brand safety and inventory operations at SpotX, an SSP and a DoubleVerify partner that remained unaffected by the attack. “Due to the ‘Wild West’ nature of the space, the doors are open for bad actors to capitalize if purchasing isn’t done with some due diligence.”

While several initiatives to clean up digital advertising — such as the industry and Google-backed ads.txt — have cropped up in recent year, the industry still has its work cut out for it. 

Read more: Google says its ads.txt initiative to clean up digital advertising is seeing strong adoption, but new data suggests otherwise

Ads.txt, for instance, doesn’t work for streaming apps and smart TVs. That’s where individual players like DoubleVerify and Adobe are stepping in. 

SEE ALSO: Facebook reportedly had its Republican-linked PR firm try to blame George Soros for the anti-Facebook movement

Join the conversation about this story »

NOW WATCH: The science of why human breasts are so big


Leave a Reply

Your email address will not be published. Required fields are marked *