Select Page

By Lara O’Reilly
Updated Nov. 21, 2017 6:33 p.m. ET

An ad-tech firm says it has discovered a large and sophisticated advertising- operation in which fake websites and infected computers were used to scam advertisers and publishers out of upward of hundreds of thousands of dollars a day.

Denmark-based Adform, identifier of the scheme, named it “Hyphbot” and estimates that it has been going on since at least August.

According to Adform, the fraudsters behind the Hyphbot scheme created more than 34,000 different domain names and more than a million different URLs, many designed to attempt to fool advertisers into thinking they were buying ad inventory from big-name publishers such as the Economist, the Financial Times, The Wall Street Journal and CNN. It is a tactic known in the industry as “domain spoofing.”

The perpetrators then generated a wave of nonhuman, or “bot,” traffic that loaded the fraudulent sites, which made money mostly through video ads. Video ads are lucrative because they carry higher rates than other online display ads.

Fake traffic is a serious issue for advertisers because it means they have wasted money buying ads that were served to computer programs, rather than real people who might go on to purchase their products. And real publishers get cheated out of potential advertising revenue.

Adform says much of the impact of the scheme could have been thwarted if publishers and ad-tech companies had implemented and kept up-to-date with a new industry initiative called Ads.txt, which is designed to stamp out domain spoofing.

Adform’s investigation suggested that the people behind Hyphbot used a network of data centers and unwitting consumers’ computers, infected by malware, to access more than half a million IP addresses, mostly from the U.S., to mimic real browsing behavior on the network of fake sites.

Read more at The Wall Street Journal