35 comments

[ 0.18 ms ] story [ 82.9 ms ] thread
Another article about this kind of click fraud. And again only lots of details where the traffic goes and how it is then used to "spam" impressions on ads.

Does anyone understand what devices/users are actually going into this "funnel" and where they come from? Botnet? Junk traffic from porn sites? Iframes?

(comment deleted)
This is the real Artificial Human Intelligence
> "The Methbot is a beautiful simulacrum of a real browser. It's gotten better over time. And by better, I mean, a more perfect life-like copy," said White Ops CEO Michael Tiffany.

Very interesting.

Damn, $5MM a day. Even if your network gets broken up after a few weeks that's still a massive win.
why are porn sites "junk traffic"? the users eyeballs are still eyeballs
Not for the companies buying the ads, you need the ask the question from them.
Historically if you want to pay _lots_ of super cheap traffic, you get it from porn sites. Not the ones with monthly subscription, but the ones where each click leads you to a new domain with a 50/50 (or 95/5 depending on your "value" [US>Bulgaria, Mac>Linux, ...]) chance of landing on some scam site / ad.
Viant (aka Specific Media) is a well known fraudster. Nobody in the ad industry thought MySpace was "back" after you heard who bought it years ago. The Vanderhooks (the brothers who founded Specific and continue to run all their schemes) pioneered the pop-under and have been running darker scams ever since. I worked for Specific for a few years and the brothers were refreshingly tech savvy. The penchant for fraud was always the dominant strategy (grown from a kernel of organic, like all good ad fraud).
Why did you work for them for a few years if they were engaging in fraud?
stolen money spends as good as earned money
These things are rarely gone over in the initial ramp up in my experience :)

It usually takes some time to see what the actual core values of an organization are.

Fraud is generally done at the operational and deal level. When discovered (technically), I made it clear that I would not participate directly. The fraud is so pervasive, that individual departments defraud the company at times. The short answer was that I moved to other projects. I made a couple of enemies by pointing out nasty schemes. The technical challenges were large scale and unlimited budget. Hard to turn down the experience when I was under 30.
I can confirm. I too used to work there (hi Jack9, good to see you're still around).

The owners were secretive and good at compartmentalizing their actions. So, it took a long time to figure out what they were trying to do. Although pure speculation, I would not bet against their complicity in this latest round of fraud.

I'm the journalist who wrote the story and I would love to hear from any current or former employees. craig.silverman at buzzfeed.com.
Can you elaborate on the compartmentalization? Want the code base accessible to all engineers? Or is that not what you're referring to?
I worked at an ad network about a decade ago and we had a partner spending about $10k/day buying traffic that was directly from click/bot farms. They were fully aware of this fact and continued buying as much as possible. We couldn't understand why.

Later we figured it out: Their revenue model was selling display advertising on their own website. The bot traffic inflated their Comscore/Hitwise/Alexa rankings and as a result they could negotiate significantly higher deals.

Going one further, when I was in the agency world there was a major publisher whose goals were buying traffic for $.01. they did not care about quality.

When I found out about this and pressed the agency team, I learned it was because they were arbitraging it into inflated reach for justifying their CPMs and then selling the garbage traffic.

This stuff is pretty pervasive and the reason why savvy media buyers bill off their own IAP certified numbers with some quality/viewability vendor in place.

Facebook is probably also juking their stats. I don’t trust any of their numbers.
Does it matter? Their effectiveness is proven at this point.
When have they proven the effectiveness of their ads? From my understanding, in fact it is increasingly being discovered that much of their clicks and likes, etc are fake.
You don't fake your stats, you tell something true that is impressive unless you look under the hood of how the number was formulated. That's how you can get away with it legally. There's a famous old book called "How to Lie with Statistics" (it's on Bill Gates' must read list) that explains some methods companies use.
I dislike how FB presents their data by default, but if you know where to look or how to set things up it is something you can mitigate (unless you need to get view data into your ad server for something using Custom Audiences which they don't allow).

It is admittedly less of an issue for performance advertisers than brand advertisers as the former can rely more heavily on conversion tracking to inform quality.

(comment deleted)
This is certainly click fraud. Is that fraud in the legal sense?
If it can be demonstrated that your'e intentionally and knowingly deceiving someone in order to separate them from their money, it's fraud.
In this case, it’s not clear who the fraudsters deceived. If it’s the advertisers, how do you demonstrate malice rather than, uhh, stupidity? If it’s the consumers, that just seems like effective adertising.

I guess, this is certainly colloquial fraud, but is there any evidence this could lead to a criminal suit?