The ad fraud saga continues unabated around the world. For every scam that security experts uncover, there are dozens more that continue to rip off advertisers. One of the more recently discovered scams, dubbed DeepStreamer, has apparently been active for more than a year. And it has been raking in millions of dollars per month.
DeepStreamer was uncovered by a group of researchers from DeepSee and Malwarebytes. They were able to get to the very core of the operation by enlisting the help of a DSP willing to purposely place fraudulent ads so that the flow of money could be tracked.
According to the researchers, DeepStreamer is a highly sophisticated operation that used a variety of strategies to maintain stealth. Though the scam has now been exposed, no one should expect the scammers to go away. They will either find a way to modify DeepStreamer or set up some other scam.
How the Scam Worked
Although sophisticated in its implementation, DeepStreamer was pretty simple in its main principle: it combined hidden digital adds with illegal video streaming sites to generate as much as $1 million per month. The scammers sold their ads to unsuspecting advertisers through a variety of platforms. However, researchers say the majority of the ads were sold through the Google Ads platform.
Ads were displayed on websites offering pirated videos to users. The problem was that the ads could not be seen. They ran in the background, completely hidden from website users. Every view of every page of a targeted site represented another ad click.
The scammers also employed a variety of techniques designed to avoid detection and filter users away from legitimate sites and to their sites. So not only were they breaking the law by providing pirated content, but they were also racking up the ad clicks against unsuspecting advertisers.
Maximizing Impressions Is the Goal
Although the DeepStreamer scammers demonstrated a level of sophistication that clearly proves they knew what they were doing, their ultimate goal was identical to every other ad fraud campaign: maximizing impressions. The more impressions an ad gets, the higher the bill for the advertiser.
In this particular case, the scammers took advantage of an appetite for pirated video. They knew that, given the choice to visit illegal streaming sites or pay subscription fees for legal video, a lot of people would choose the former option.
As for the advertisers they scammed, you are talking businesses that put a ton of money into pay-per-click (PPC) advertising on a monthly basis. The scammers were not able to generate more than a million dollars in monthly revenues by targeting advertisers afraid to spend.
Fighting Ad Fraud Isn’t Easy
The necessity of reporting on stories like this is obvious at a time when ad fraud collectively costs online advertisers billions every year. Still though, learning about things like DeepStreamer can leave advertisers wondering what on earth they can do to fight ad fraud. Fighting it isn’t easy, that’s for sure.
A certain segment of the industry seems to have come to terms with the fact that a minimum amount of ad fraud is unavoidable. But that sort of thinking only encourages scammers the keep doing what they do. If the industry fought back more aggressively, perhaps the financial losses could be mitigated to some degree.
The thing about fighting ad fraud is that there isn’t just one way to do it. The makers of the FraudBlocker click fraud detection software explain that a multi-pronged approach is the best way to attack the problem.
Multiple Means to Scam Advertisers
For their part, scammers have multiple means of doing what they do. DeepStreamer is a classic example of creating hidden ads that generate fake clicks without website visitors being any wiser for it. They have no idea they are contributing to click fraud because it all happens in the background.
Ad stacking is another strategy. It utilizes multiple ads stacked on top of one another in a single online space. If one ad gets clicked, they all get clicked. Combining stacked ads with a hidden ad strategy can be a virtual gold mine. It creates a scenario in which a single click is automatically generated when someone visits an infected site. That one click cascades to all the other ads in the stack.
Yet another tool is the click bot. This is a piece of software designed to do one thing and one thing only: search for ads and click on them. What makes click bots so challenging is that scammers can deposit them on computers and mobile devices around the world by way of a malware infection. Infected devices do the dirty work while making it harder for investigators to pinpoint the true perpetrator.
PPC Still Works or Advertisers
In the midst of so much ad fraud, it would be reasonable to question why advertisers still utilize the PPC concept. They do so because PPC works. A well-crafted ad designed to target a lucrative audience can generate very healthy returns. Unfortunately, they can also invite fraudulent clicks.
For advertisers, click fraud prevention starts with understanding how scammers do what they do. If you know how they are pulling off their scams, you can find ways to protect yourself against them. That is where companies with specialized software’s come in. They not only offer fraud detection software and services, but they also educate advertisers in the best ways to shore up their ad campaigns.
They Will Be Back
DeepStreamer is just the latest ad fraud scam to be uncovered by security experts. It was an impressive scam capable of generating a ton of revenue. It is no longer a factor thanks to DeepSee and Malwarebytes researchers, but the perpetrators will be back.
There is far too much money in click fraud to walk away. Scammers capable of generating millions per month will not give up that income easily. Every uncovered scam is simply motivation to come up with a new one. That is exactly what they will do.
