Major publishers have fallen victim to domain spoofing: can your business avoid the same fate?
By John Murphy, VP, marketplace quality, OpenX
Recent news stories have shone an important light onto the pervasive issue of counterfeit advertising defrauding brands and robbing publishers of deserved revenue. The practice began receiving mainstream attention following the announcement by the Financial Times that they had found millions of dollars worth of counterfeit ad space being offered by at least six technology companies to unsuspecting brands.
The opportunity for fraudsters to counterfeit (or “spoof”) inventory occurs when a fraudulent player masquerades a non-premium website as being a premium website to attract ad spend. The practice has plagued the digital ecosystem for years, although expansion of inventory resellers that create further distance between the actual buyer and seller and the increased use of server-to-server connections, which complicate domain validation at the time of the bid request, have made the issue a more visible challenge in recent months.
The impact of domain spoofing is most obvious for advertisers, as they believe they are buying high quality inventory, and therefore audiences, when they are in fact failing to reach and engage their target audience. Adding insult to the injury of wasted ad spend, the ads running on the counterfeit sites could unwittingly be running alongside inappropriate, offensive content that could potentially damage a brand’s reputation.
Importantly, domain spoofing is not a single victim crime. It has real and negative implications for publishers as well — and not just because it diverts valuable revenue that should rightfully be theirs into the hands of criminals instead. Spoofing artificially inflates the volume of premium programmatic inventory available for advertisers to bid on and generates low quality traffic, both of which reduce demand for genuine impressions and diminish publisher CPMs. This has a negative impact on relationships with buyers who don’t realize they have been victims of fraud, and instead conclude that the ads they are running on what they think is the publisher’s site are performing poorly. Not only is publisher revenue being siphoned off, but the buyer assigns blame for the poor ROI from the counterfeit inventory to the actual publisher.
While the issue may seem complicated, the good news is that there is a set of best practices that exchanges who are truly committed to ad quality and fighting fraud can put in place to protect both buyers and sellers.
Adopt ads.txt
Inventory arbitrage is a common practice in programmatic, leading to complex payment chains where an impression is bought and sold many times over, frequently without the knowledge or authorization of the publisher. Misrepresentation is rife, with vendors claiming to have direct relationships with premium publishers when in fact they are just buying and repackaging inventory. In this environment it is easy for domain spoofing to thrive, and a single compromised source can spread spoofed impressions across the ecosystem.
To mitigate the problem of spoofed and arbitraged inventory, the IAB Tech Lab launched the ads.txt initiative — a text file standard that allows buyers to check whether a supply source has been authorized by the domain owner to sell its inventory. As a relatively simple way to signpost those authorized to sell their inventory, all publishers should embrace ads.txt.
Run programmatic buying tests
Testing its own website was certainly a wake-up call for the Financial Times and is something publishers should be doing on a regular basis. By setting up programmatic buying tests against their own domains, publishers can gain a demand-eye view of how their inventory is being presented and can pick up on any anomalies. The Financial Times discovered 15 exchanges were supposedly selling video impressions on its site, despite the fact it doesn’t sell its video inventory programmatically. As part of these tests publishers should use third-party verification for domain validation, as well as non-human or invalid traffic.
Work with certified exchanges
Careful selection of monetization partners is a key part of fraud prevention, and publishers should work with technology partners who have made the required investments in quality. In particular, look for exchanges that have certifications from third-party organizations such as the Trustworthy Accountability Group (TAG).
Publishers must also delve into their partner’s quality policies and safeguards. Do they allow resale of ad impressions by DSPs (demand side platforms)? Are networks obliged to prove they are authorized to sell inventory? Do they use post-impression validation to detect mismatched domain and identify domain spoofing?
Publishers should also look for partners that allow them to form and maintain direct relationships with advertisers through private marketplaces or programmatic guaranteed, reducing the complexity of the ecosystem and limiting the opportunity for fraud to thrive.
In any growth market, bad actors will seek to take advantage of change. This is clearly what is happening today with domain spoofing. Only by acting together can we weed out the bad actors and rebuild trust by ensuring our ecosystem is led forward by those with a proven track record of investing heavily — and consistently — to stay ahead of the quality and fraud arms race.
More from Digiday
At the Las Vegas Grand Prix, Mastercard joins a pack of consumer brands flocking to Formula One
For marketers looking to align their brands with F1’s expanded appeal to audiences, the Las Vegas Grand Prix is providing a slip road into the sport.
News publishers may be flocking to Bluesky, but many aren’t leaving X
The Guardian and NPR have left X, but don’t expect a wave of publishers to follow suit. Execs said the platform is still useful for some traffic and engaging with fandoms – despite its toxicity.
Buying with bots: AI search raises the bar for tailored shopping and transparency
AI search platforms like Perplexity and Amazon are adding new ways to shop, but where do the generated recommendations come from?