Digital ad fraud techniques by hackers on the trends causing huge loss to advertisers

By this segment, we will come across different digital ad fraud techniques used by hackers to make money. This will help you to detect as well as getting rid of them.

The multi-billion-dollar online advertising is still growing. It is predicted that the global digital ad expenditure which constitutes the 44% of total ad expenditure will reach US$225 billion. This makes the Cybercriminals creating technologies and techniques to generate money by online Ad fraud.

The ads fraud refers to as Invalid traffic is a practice of fraudulently representing online advertisements impressions, clicks, conversion or data events in order to generate revenue. It is mostly associated with ads, videos ads and in app ads.

It is expected that of about 6$ billion and more, Cybercriminals steal from the advertisers each year through the Ad fraud. Since many an ad fraud is undetectable, it will be said that the actual data is much more big than that the mentioned above.

The Question may arise how the hoaxers manage to earn that amount of money. It could be possible because of fake audience, fake traffic, fake clicks, and fake install. Below are some digital ad fraud techniques used by hackers through we are trying to describe how they manage to get such a big amount.

Digital Ad fraud technique #1:

Invisible and Hidden Ads

In this, advertisements is attach on a website by making them too small to see by human eye, while they are still generating revenue for their publishers. This type of fraud is use by the publishers who want to generate revenue by generating web traffic.

Techniques involves in this type of attack:

  • Ads are designed in a 1×1 pixel iframe.
  • Advertisements are displayed outside of the viewport area
  • Multiple re-sized advertisements are being displayed
  • Several ads are loaded on a single iframe ad slot. This means only one out of many will be seen to the human eyes.

Non-viewable impressions are totally different from this because there you can see the bottom of the page properly and are valid and accountable impressions.

Digital ad fraud Technique #2:

Impression laundering

In this type of attack, real website is concealed and the advertisement is displayed. Here is the full process:

The advertiser buys advertisements from a carefully selected publisher (one that has relevant audience and content which coincides with advertiser’s brand), usually paying high cost per mile rates. A part of the advertisements impressions bought by the advertiser are pushed on fraudulent websites of which neither the advertiser nor audience are relevant to the advertiser’s brand. Complex redirects and nested ad calls through iframes make the advertiser to see the legitimate website instead of the actual fraudulent sites where the ads are displayed.

Some of the digital ad fraud techniques are followed up by taking control over computers or browsers to generate ad revenues. These are Hijacking Ads, Hijacking Clicks and Pop-unders.

Digital ad fraud techniques #3:

Hijacking Ads

This refers to a way in which the attackers infiltrate some malware which hijacks the ad slot on a website. Ads displayed on the website generate the revenue for the attacker and not for the owner of the website. This is done in following ways:

  • By compromising the users’ computer to change the DNS resolver, this allows the resolve some malicious domain to IP of the server controlled by the attacker to serve the ads.
  • By compromising the publisher’s websites or the users’ computer to change the HTML which changes the ad tags from publisher to under control of the attacker.
  • By compromising the users’ proxy server or router to spoof the DNS server or change the HTML content of the site on the fly.

Digital ad fraud techniques #4:

Hijacking Clicks

Here, the users are redirected to different site once they click on ads. The attacker makes its possible by following ways:

  • By compromising the users’ computer to change to the DNS resolver
  • By compromising the publisher’s website and hijacks the click
  • By compromising the users’ proxy server or router to spoof the DNS or change the HTTP request on the fly.

Digital ad fraud techniques #5:


Pop-unders are almost the same as pop-ups Window. The thing that makes it different from the later is that the former the advertisement Window will appear behind the main web browser window and not in the front. It can be combined with the impression laundering technique to generate additional revenue.

Some domains consider it as a completely a legal advertising method despite the fact that many ads networks forbid ads served in this way.

Digital ad fraud techniques #6

Publishers can use botnet traffic, which either consists of a compromised computer individually or a set of cloud servers and proxies, in order to achieve the higher revenue targets, ensure eCPM growth and maintain comScore audience growth. Methbot is one of the profitable add most disruptive method from the large-scale botnet operations that are being used to generate revenue.

More about Methbot

Methobot, a fraud scheme, detected back in 2016 is the most profitable digital ad fraud operations up to now. It is discovered by White Ops, an US-based security firm.

Methbot was found to be controlled by Russian criminal organization operating under the name Ad Fraud Komanda (AFK13).  It was estimated that the fraud made the revenue of 3 to 5 million dollars from advertising every day.

Methbot is very difficult to detect. The organization used several methods to disguise the bot as real human traffic. These methods include:

  • Fake clicks and mouse movements
  • Fake social network login information
  • Fake Geo-location with each IP address controlled by the organization
  • Countermeasures against code from over dozen of different AdTEch companies
  • A custom HTTP library and browser engine with Flash support, all running under Node-js.
  • Dedicated proxy servers would not make it possible to track the traffic to a specific source

Mobile Apps and Ad fraud

Fraudsters targets upon the Mobile apps are now show an increase now day. They are targeting now the mobile apps because they know that Mobile apps are not blocked by ad-blocking software and this makes the Mobile an easy target for the fraudsters.

Digital ad fraud techniques #7:

Fake users

It typically involves a combination of methods such as bots, malware, and click or app install farms that build a large audience of fake users and subsequently feed on the online advertising ecosystem.

Click bots performs fake in- app action. Through this way, the advertisers are tricked to believe that a large number of real users clicked their ads, however, this is not so. On the other hand, the Click Farms use low-paid workers who physically click through the ads, earning CTR money for the fraudsters.

Digital ad fraud techniques #8:

Fake installs

In this case, the Fraudsters use teams of actual people who install and interact with applications on a large scale. They use emulators to mimic real mobile devices. The device farm regularly resets the DeviceID and avoids detection by using newly created IP addresses.

Digital ad fraud techniques #9:

Attribution manipulation

Bots contain some malicious code which run a program or perform an action. They aim to send clicks, install, and in-app events for installs that never actually happened. These are done in two ways;

Click injection: Fraudulent apps downloaded by users generate fake clicks and take credit for the installation of other apps.

Click spamming: Mobile devices IDs are used to send fake click reports. The real users on that ID organically install an app; the fake click will get the credit and make profit.

Many a company to identity fraudulent behavior

  • Fraudlogix
  • White Ops
  • Forensiq, now part of Impact
  • DoubleVerify
  • Integral Ad Science
  • Pixalate

Above mentioned are some of the companies which use algorithms to identity fraudulent behavior. From there, these ad-fraud detection companies can blacklist certain URLs and IP addresses. Despite the fact that we have the proliferation of fraud detection methods, fraudsters continue to invent new ways to exploit the system. Experts recommend developers update SDKs, monitor the data for variance and perform regular fraud assessments.


Digital ad fraud is a serious issue. It causes the huge loss of advertising industry. At the same time, there is no any effect mechanism to detect the ad fraud. Even though, fraud prevention in online digital advertising is must and we must not surrender to the evil advertisers to keep going on their activities. We should try our best.