Ad FraudWhy Don’t Advertisers Notice When Criminals Are Robbing Them Blind?

August 30, 2022 | 12 min read

Ad Fraud

In a Nutshell

Merchants love online advertising, but unfortunately, so do fraudsters. In this post, we’ll discuss different types of online ad fraud, the red flags to watch out for, and offer a few tips that advertisers can take to protect their marketing investment.

How Ad Fraud Is Killing Your Marketing Budget (& What You Can Do About It)

Wherever you find merchants making money, it’s a sure bet you’ll find fraudsters, too.

Case in point: online advertising. More and more merchants are reaping the benefits of doing their marketing on the web. Not surprisingly, cybercriminals have devised ways to hijack online ads and make money at those merchants’ expense.

The numbers are huge: according to recent estimates, US merchants will lose $23 billion to ad fraud this year. Fraudsters are cashing in, while advertisers often can’t figure out what’s going wrong. That raises the question: what can you do about it?

In this post, we’ll be talking about the different types of online ad fraud threats. We’ll give you some red flags to watch for, and offer some tips that can help you protect your marketing investment.

What is Ad Fraud?

Online Ad Fraud

[noun]/* än • līn • ad • frôd/

Ad fraud is the practice of fraudulently representing the traffic, clicks, impressions, conversions, or data events of digital advertising efforts. The goal of online ad fraud is to take advantage of advertisers to generate illicit revenue.

Before we look at the fraud issue, it helps to have a basic understanding of online advertising itself.

Basically, an advertiser is someone who wants to promote their business online. Publishers sell and publish digital ad space, typically measured either by views (“impressions”) or click-throughs, or some combination of the two. Often, a third party called an advertising network is involved, which acts as a broker. The network is essentially an online platform where businesses can buy ad space from third-party websites.

In simple terms, advertisers need places to advertise, and publishers have advertising space to sell. The ad network connects them, ideally in a way that benefits all parties. This becomes a problem, though, when bad actors get involved.

Digital ad fraud is any attempt to usurp online advertising and fraudulently siphon revenue from advertisers. Fraudsters typically use bots to commit ad fraud. These are autonomous web programs that hackers design to conduct malicious activity, and they are abundant. Experts estimate that bots comprise roughly 50% of all traffic on the web.

How does ad fraud affect publishers?

Ad Fraud $81 billion: The total cost of ad fraud in 2022
Statista, Estimated cost of digital ad fraud…

Ad Fraud 28% of all ad traffic in 2018 was fraudulent
Adobe, 2018 Digital Web Traffic Data

Ad Fraud 31% of iOS app installs are fraudulent. 25% of Android app installs are fraudulent
Interceptd, Q2 2019 Mobile Ad Fraud Report

Ad Fraud Top 3 ad fraud sources: App Install Farms: 42%, Click Injection: 30%, Click Spam & Ad Stacking: 27%
Gohil & Meniya, Survey on Online Advertising…

Ad Fraud Techniques: How Does Advertising Fraud Work?

Online advertising fraud involves a broad range of techniques. Fraudsters develop new tricks every day, and it’s impossible to detail them all. That said, most involve scammers pocketing unearned commissions at the advertiser’s expense, and are based on a few basic tactics.

Online advertising scams typically fall into one of the following categories:

Domain Spoofing

Domain spoofing could be described as “site impersonation.” Here, the scammer builds a site deliberately designed to look like a reputable publisher. Unwary advertisers are scammed into paying premium prices for ads on the counterfeit site.

For example, the fraudster might promise advertisers ad placements on auto industry publication CarAndDriver. The fraudster creates and hosts a professional-looking website using the domain “” Advertisers then pay the fraudster a premium price, believing their ads will appear on the more heavily trafficked site.

Click Fraud

Click fraud, also known as pay-per-click fraud, is a way to artificially inflate traffic for online advertisements. Bots (or occasionally humans) target pay-per-click (PPC) ads and pretend to be legitimate site visitors.

This can deplete an advertiser’s budget or skew the ad’s performance. In most cases, the goal is to steal revenue by repeatedly clicking on ads, as each click requires the ad network to pay the phony publisher.

Did you know? Bots are good at impersonating real users.

Bots can also be distributed across multiple devices in a botnet that utilizes consumers’ devices through secretly installed malware. Each click comes from a different IP address, making the impressions seem legitimate.

Cookie stuffing is fraud aimed specifically at the affiliate marketing space. Affiliate marketing is where an advertiser works with a network of third-party affiliates to drive traffic to the site.

Cookie stuffing is the practice of secretly sneaking affiliate tracking cookies onto the user’s browser. For example, if a user makes a qualifying purchase, the fake cookie tells the advertiser to send a commission to the cookie-stuffing scammer.

Affiliate fraud means you’re paying commissions on bogus sales. We can help you increase your affiliate marketing ROI by eliminating these bad actors.


Pixel Stuffing

Along the same lines, pixel stuffing hides an invisible ad inside a 1 pixel × 1 pixel square. Any impressions the legitimate ad gets are also received by the ads crammed into the stowaway pixel, stealing credit (and commissions) while delivering zero benefits to the advertiser.

A similar trick (mostly used on mobile devices) is ad-stacking, where ads are literally hidden (stacked) behind the real ad that the user sees. The fraudster gains impressions for as many ads as they’re able to pile up behind the legitimate message.

Viewer Fraud

Whenever ads are shown on YouTube videos, the advertiser is charged a fee. Naturally, the most frequently viewed videos demand the highest price per view.

Spammers program bots to automatically “watch” the ads, generating false metrics that make it seem like the ads are getting more views than they actually are. The fraudster charges premium prices for the alleged “traffic,” even though the videos are never seen by human eyes.


Geomasking is the practice of disguising the geographic location where certain web traffic originates. Obviously, different regions of the world have more or less value as a market. Fraudsters can exploit this by spoofing IP addresses to make the traffic look more valuable than it is, then increasing advertising fees accordingly.

Fake App Installs

A trick more commonly used with mobile advertising, fake installs are exactly as the phrase describes. Scammers use emulation software to install fake apps that look and act like the genuine article. The program asks for data access during the alleged install, thereby gaining permission to a device's information. An app gets installed on the unknowing user’s device, and the advertiser pays the marketer a commission for the install.

Ad Fraud: 3 Red Flags That Signal Bad Traffic

Since ad fraud comes in all shapes and sizes, no single tactic will be enough to completely protect publishers or advertisers. That said, a multi-level ad fraud detection plan can help alert you about fraud when it happens, allowing you to take defensive action.

Google Analytics and other such services can help monitor activity. However, even DIY tactics can detect and deter some types of ad fraud. Mostly it requires basic analysis and common sense.

The following are a few of the key warning signs of ad fraud activity that you should watch for:

Red Flag #1 | Performance

If you’re looking for ad fraud, a lack of performance conversions (increased sales, for example) is a dead giveaway. An easy way to check is by comparing the performance of your display ad campaigns to other channels like Facebook, LinkedIn, or other well-known sites.

For example, if 100 clicks from a Twitter ad results in 10 conversions, but your display advertising campaigns deliver zero, that should set off alarm bells. By the same token, if your display ads are bringing in 50 conversions compared to five via Twitter, something is still amiss.

Red Flag #2 | Performance

Take note of anything that seems out of the ordinary, like spikes in traffic that happen for no known reason. Certain fraud tools use historical data and statistical analysis to identify questionable events, but even with these kinds of safeguards, you should stay alert for anomalies.

For example: some sophisticated bots can be programmed to mimic human behavior, but most don’t. Look for tell-tale signs of real human behavior, such as visiting other pages on the site, filling out forms, and so on. Compare the results and look for any events that break the pattern.

Red Flag #3 | Over-the-top CTRs

Finally, perhaps the most obvious fraud red flag is an unrealistically high click-through rate (CTR). It can be easy to ignore this warning sign simply because you want it to be true. If you're experiencing CTRs over a half-percent or so, however, you’ll probably need to check into things further.

This is especially true if you’re only getting those numbers from certain sites. Check your analytics for things like high bounce rates and short session durations. If it turns out to be fraud, contact the publisher or your ad network immediately.

6 Quick Tips for Better Ad Fraud Prevention

As we mentioned earlier, ad fraud comes in so many variations, a “one-size-fits-all” solution isn’t feasible. Attacking the problem from multiple angles is the only way to effectively mitigate risk. Here are a few suggestions for creating an effective prevention plan:

  • Implement Ads.txt: The Ads.txt (Authorized Digital Sellers) initiative employs a text file that allows publishers to list which companies are authorized to sell advertisements on their behalf. Advertisers can check the list to ensure that the publisher they’re buying from is legit.
  • Ask Your Customers: Instances of ad fraud may be missed by the advertiser but noticed by users. Make sure you have a fast, simple way for visitors to give feedback if they spot copycat sites or receive suspicious emails. Communicating directly with your publisher can also help.
  • Protect your site elements: To spoof websites, scammers may swipe pictures, logos, and text directly from your site. Consider using a service that can monitor instances of your content across the web. Creating “exact match” alerts through Google is a good starting point.
  • Partner with trusted vendors: Make sure you find a vendor who has the technology and expertise to effectively combat fraud. Reputable providers typically use third-party technology to help publishers and advertisers track traffic metrics, monitor ad quality, and detect bots or malware.
  • Consider Blockchain: While it’s not yet in wide use, blockchain technology solutions can deliver absolute transparency. Anyone accessing the public record can identify traffic and track ad spend, making it difficult for fraudsters to hide their work.
  • Employ Affiliate Fraud Tools: While affiliate network anti-fraud tools can greatly mitigate fraud risk, help from the right outside vendor can greatly increase your protection. Affiliate Fraud Shield from Chargebacks911®, for example, was designed to give merchants deeper insight into their affiliate programs and help weed out fake clicks.

Ad Fraud: an Ongoing Issue

Like most online fraud situations, ad fraud is a constant push-pull between advertisers (and publishers) and cyber crooks. Fraudsters are getting more sophisticated, to the point where it’s hard to know exactly how widespread the problem actually is.

On the other hand, awareness on the part of advertisers is higher, and technology detecting ad fraud keeps improving. Blockchain offers tantalizing possibilities, as do advances in machine learning.

The issue is far from resolved, but there is hope for the future. To learn how Chargebacks911 can help you rein in fraud losses, contact us today.


What is online advertising?

Advertising which takes place on websites or apps. Publishers are the owners of ad space (also referred to as "ad inventory"), while advertisers are the ones who purchase those spaces.

What is an ad network?

An ad network mediates the sales of ad inventory between publishers and advertisers. The main job of the ad network is to gather ad space and match it with an advertiser's needs.

What is online ad fraud?

Online ad fraud is cybercrime aimed at deceiving advertising platforms into thinking that fake activity on the network is real user behavior. Fraudsters use a range of methods to try and get advertisers and ad networks to pay them unearned commissions.

How much does ad fraud cost advertisers?

The amount that advertisers lose to digital ad fraud will hit $44 billion annually by the end of 2022.

How do you prevent ad fraud?

Advertisers can set alerts and watch for warning signs of fraud, then take appropriate action. Always work with vendors that can be verified as legitimate. Keeping open lines of communication with customers, watching for tell-tale signs such as unrealistic CTRs, and using available fraud detection tools can also aid in prevention.

We’ll run the numbers; You’ll see the savings.
Please share a few details and we'll connect with you!
Over 18,000 companies recovered revenue with products from Chargebacks911
Close Form
Embed code has been copied to clipboard