Methbot: The beginning of the end for digital ad fraud
The recent Methbot scam should act as a wake-up call for advertisers, and columnist Alex Bornyakov provides steps you can take to protect yourself.
The latest ad fraud scandal to hit the digital advertising world has been exposed, and its name is Methbot.
A Russia-based botnet with data centers in the Netherlands and the United States, this digital-age criminal network deploys sophisticated tricks to defraud advertisers, brands and media companies.
Now that security firm White Ops has penetrated the operation and made its methods public, measures can be taken to prevent Methbot quietly siphoning off advertising dollars. But how did the fraudulent operation become so profitable, and what does its discovery mean for the digital advertising industry?
Methbot was extraordinarily successful because it appeared to provide something that is scarce within the digital ecosystem: large volumes of low-cost premium video inventory. Over 6,000 domains and 250,000 specific URLs were spoofed to trick advertisers into thinking they were buying video placements on premium publisher sites. Fake ad impressions were then generated on these domains using over 500,000 IP addresses.
With an estimated 200 to 300 million fraudulent impressions per day and average CPMs of $13.04, White Ops describes Methbot as “the single most profitable ad fraud operation to strike digital advertising to date.” Sophisticated measures used by the fraudsters to avoid detection include manipulation of geolocation data, countermeasures against code used by specific ad tech providers to filter out fraud, and exceptional bot imitation of human behavior such as social media logins and cursor movements.
The impact of Methbot varies across the industry, and the scam should act as a wake-up call to the industry as a whole. In addition to immediate actions that must be taken following the discovery — such as blocking impressions from the IP addresses identified by the operation — there are other more general steps the industry should take to protect itself from future threats.