Russian ring spooks experts
IN A twist on the peddling of fake news to real people, researchers say that a Russian cyberforgery ring has created more than half a million fake internet users and 250,000 fake websites to trick advertisers into collectively paying as much as $5 million a day for video ads that are never watched.
The fraud, which began in September and is still going on, represents a new level of sophistication among criminals who seek to profit by using bots – computer programs that pretend to be people – to cheat advertisers.
“We think that nothing has approached this operation in terms of profitability,” said Michael Tiffany, a founder and the chief executive of White Ops, the ad-focused computer security firm that publicly disclosed the fraud in a report Tuesday. “Our adversaries are bringing whole new levels of innovation to ad fraud.”
The thieves impersonated more than 6,100 news and content publishers, stealing advertising revenue that marketers intended to run on those sites, White Ops said.
The scheme exploited known flaws in the system of digital advertising, including the lack of a consistent, reliable method for tracking ads and ensuring that they are shown to the promised audience.
The spoofed outlets include a who’s who of the web: video-laden sites like Fox News and CBS Sports, large news organisations like the New York Times and the Wall Street Journal, major content platforms like Facebook and Yahoo and niche sites like Allrecipes.com and AccuWeather. Although the main targets were in the United States, news organisations in other countries were also affected.
“It will be a big shock to all of these publishers that someone was selling inventory supposedly on their sites,” Tiffany said in an interview on Monday, before the report’s release. White Ops and an advertising industry organisation, the Trustworthy Accountability Group, held a conference call with about 170 advertisers, ad networks and content publishers on Tuesday morning to brief them on their findings.
Tiffany said White Ops had traced the fraud to Russia and believed that the organisation behind it was a criminal enterprise out to make money. There was no evidence of a connection between the fraud and the politically motivated hacking during the United States election that US intelligence agencies and President Barack Obama have linked to the Russian government.
The Methbot scheme – named after the word “meth”, which shows up in its software code – was carefully designed to evade the anti-fraud mechanisms the advertising industry has put in place in recent years. Digital ad fraud was projected to cost marketers more than $7 billion in 2016, according to a study by the Association of National Advertisers and White Ops.