INside Performance Marketing
JOIN THE PERFORMANCEIN Top 50 Industry Players from 2017
Content packages include articles, roundtables, product discounts, and more…
JOIN TODAY
Domain Spoofing and How Advertisers Can Avoid It

Domain Spoofing and How Advertisers Can Avoid It

PerformanceIN

John Murphy of OpenX runs through some best practices committed to ad quality and fighting fraud to protect both buyers and sellers.

The Wall Street Journal shined an important light into the pervasive issue of counterfeit advertising defrauding the industry - Financial Times Finds Counterfeit Ad Space Was Offered by at Least Six Companies. The story highlights the arms race being waged today by companies that are truly committed to high quality, fraud free marketplaces, to rid the ecosystem of bad actors, fraudsters and low quality adtech providers that have failed to appropriately invest in quality.   

The opportunity for fraudsters to counterfeit inventory occurs when a non-premium website masquerades as a premium website to fraudulently attract ad spend. The practice has plagued the digital ecosystem for years, although increased use of server-to-server connections – which complicate domain validation at the time of the bid request – has made it a more visible challenge in recent months.  

The impact of domain spoofing is most obvious for advertisers as they believe they are buying high quality inventory, and thus audiences, when they are in fact failing to reach and engage their target audience. Adding insult to the injury of wasted ad spend, the ads running on the counterfeit sites could unwittingly be running alongside inappropriate, offensive content potentially damaging a brand’s reputation.

Importantly, domain spoofing is not a single victim crime. It has real and negative implications for publishers as well - and not just because it diverts valuable revenue that rightfully should be theirs into the hands of criminals. Spoofing artificially inflates the volume of premium programmatic inventory available for advertisers to bid on, and generates low quality traffic, both of which reduce demand for genuine impressions and diminish publisher CPMs. This has a negative impact on relationships with buyers who don’t realize they have been victims of fraud but conclude the ads they think they are running on the publisher’s site are performing poorly. Not only is publisher revenue being siphoned off, but the buyer assigns blame for the poor ROI from the counterfeit inventory to the actual publisher.  

While the issue may seem complicated, the good news is that there are a set of best practices that exchanges who are truly committed to ad quality and fighting fraud can put in place to protect both buyers and sellers.  

Adopt ads.txt

Inventory arbitrage is a common practice in programmatic, leading to complex payment chains where an impression is bought and sold many times over, frequently without the knowledge or authorization of the publisher. Misrepresentation is rife, with vendors claiming to have direct relationships with premium publishers when in fact they are just buying and repackaging inventory. In this environment it is easy for domain spoofing to thrive, and a single compromised source can spread spoofed impressions across the ecosystem.

To mitigate the problem of spoofed and arbitraged inventory, the IAB Tech Lab launched the ads.txt initiative – a text file standard that allows buyers to check whether a supply source has been authorised by the domain owner to sell its inventory. As a relatively simple way to signpost those authorized to sell their inventory, all publishers should embrace ads.txt.

Run programmatic buying tests

Testing its own website was certainly a wake-up call for the FT and is something publishers should be doing on a regular basis. By setting up programmatic buying tests against their own domains, publishers can gain a demand-eye view of how their inventory is being presented, and can pick up any anomalies. The FT discovered 15 exchanges were supposedly selling video impressions on its site, despite the fact it doesn’t sell its video inventory programmatically. As part of these tests publishers should use third-party verification for domain validation, as well as non-human or invalid traffic.       

Work with certified exchanges

Careful selection of monetization partners is a key part of fraud prevention, and publishers should work with technology partners who have made the required investments in quality. In particular, look for exchanges that have certifications from third-party organisations such as the Trustworthy Accountability Group (TAG).

Publishers must also delve into their partner’s quality policies and safeguards. Do they allow resale of ad impressions by DSPs (demand side platforms)? Are networks obliged to prove they are authorized to sell inventory? Do they use post-impression validation to detect mismatched domain and identify domain spoofing?  

Publishers should also look for partners that allow them to form and maintain direct relationships with advertisers through private marketplaces or programmatic guaranteed, reducing the complexity of the ecosystem and limiting the opportunity for fraud to thrive.  

In any growth market bad actors will seek to take advantage of change.  This is clearly what is happening today with domain spoofing. Only by acting together can we weed out the bad actors and rebuild trust by ensuring our ecosystem is led forward by those with a proven track record of investing heavily and consistently to stay ahead of the quality and fraud arms race.

Continue the conversation

Got a question or comment – post on Twitter, Facebook or LinkedIN.

John Murphy

John Murphy

John Murphy, VP of Marketplace Quality at OpenX, has been in the industry almost 17 years going back to goto.com, which became Overture (acquired by Yahoo). His role is to manage ad quality and traffic quality teams to make sure they provide a fair, transparent marketplace where buyers and sellers can transact with confidence.

Read more from John

You may also like…