“SportBot” served 340 million fraudulent programmatic video ads triggered by visits to some of the most premium publisher websites and sports brands including NFL team domains, ESPN and CBS Sports.
Unlike most bots which focus on no-name sites, the “SportBot,” discovered by Forensiq, focused on premium sports sites (most of which have not deployed the IAB’s ads.txt transparency code)
Here’s How “SportBot” Worked
Someone downloads a program with malware, which allows the botnet to access an internet browser.
That person visits premium name websites which calls a database of domains from the “SportBot.” Upon a domain name match (say ESPN.com) the “SportBot” trigger browsers to open in the background, causing video ads to be served.
“The sports site is not losing any revenue from the bot, but their name is being taken advantage of,” said Amit Joshi, director of data science at Forensiq. “They look like normal, residential IPs where the bot is opening invisible browser windows and loading the ads legitimately on the sites, then poses as a publisher and selling them into a network.”
How Much Did They Take?
Forensiq estimates the ad fraud to be annualized at a $250 million take.
“Botnet fraud lives in two places primarily…mobile and video,” said said Jeff Greenfield, Co-Founder of advertising attribution data cloud C3 Metrics. “Video because the CPM’s are the highest in digital. Mobile because accidental clicks (with a high CTR) can hide click fraud in a big number. Fraudsters have the same mentality as the mob…they skim where there’s big numbers.”
P&G’s CMO, delivered a tongue-lashing to the digital media industry, citing: “75 cents of every dollar P&G spent in digital media never reached the consumer.”
“Programmatic display is like a knife-fight every day,” said Co-Founder of C3 Metrics advertising attribution data cloud Jeff Greenfield. “Because our C3 viewability tag runs with every impression…it has to fight a technological knife fight in a field laden with fraud. But you also have to algorithmically remove fraud in order to false positive correct outcome signals. Fraud won’t go away, but the C3 attribution data cloud can deliver fraud and viewability corrected numbers.”
Jerry Jones, meet Jesse James. Botnets have replaced rifles.