Sep 24, 2020
87 Views
0 0

What Marketers Can Learn From Fraudsters

Written by

What can marketers possibly learn from fraudsters? Seems a lot. And that includes better marketing. Hard to believe? Read on. I ve studied fraud and the scammers that commit it for years; their maniacal talk about profits and ruthless pursuit of efficiency are admirable traits more marketers would do well to emulate

 

Let s investigate the evidence. They Cut Dead Wood Faster How long do you suspect it took the fraudsters behind the Methbot fraud operation to swap out the 600 000 IP addresses famously caught and blocked by fraud detection company White Ops in 2016? Six hours. Their moneymaking was disrupted for six hours; once they swapped the IP addresses their profitable merrymaking continued

 

The Interactive Advertising Bureau s IP address block list is reserved for dues-paying members only and it contains 100 million IP addresses. Do you suspect any fraudster continues to be using any of the IP addresses in that block list? How long do you suspect it takes fraudsters to swap out domains that are blocked from making ad revenue? Mere seconds; it s all automated with alerts

 

And they’ve thousands of domains on the ready (see list below). The domains don t even have to be real domains that humans can type. They only have to be domains that aren’t the list of ones that are blocked. And searching on the alphanumeric strings below there s practically an unlimited quantity they could choose from

 

AUGUSTINE FOU MARKETING SCIENCE Fraudsters also swap out the bots that aren’t making them money any more. They could achieve this by changing the deviceIDs (passing yet another fake alphanumeric string) passing real ones copied from different devices spin up new virtual devices (e. g. mobile emulator) or replenish their pool of malware-compromised real devices

 

All of those are examples of scammers cutting deadwood aggressively so they could come again to getting cash as quickly as possible. PROMOTED Deloitte BRANDVOICE | Paid Program
An Accelerated Future For Tax Leaders
Grads of Life BRANDVOICE | Paid Program
No Putting A Person Of Color On Your Panel Doesn t Accomplish Diversity
UNICEF USA BRANDVOICE | Paid Program
The Case For Intersectionality: Commemorating Pride Amidst COVID-19 They Target Humans and Real Devices Better Do you know that some more advanced malware payloads don t activate unless it may confirm the device is real and utilized by a real human? They do this to avoid detection and likewise to focus on real humans devices with malware (to replenish their pool of compromised devices)

 

Research from Confiant through the years has shown code samples where the hacker is seen to envision for real device characteristics (localStorage graphics processor number of cores the CPU has etc. ) or to activate the malicious code only when user is holding the device (motion and orientation are detected). Further research from Confiant this week shows that malicious actors go where the humans are — comScore top 50 site content discovery widget click bait headline and image

 

Once the human clicks they’re redirected to a pretend site disguised as a real one (because they plagiarized everything). The malicious code then locks up the browser to simulate a working laptop or computer freeze; after which hits the user with the common tech support scam – call this number right away! The malicious code that is delivered is likewise known to focus on specific vulnerabilities in line with device operating system and browser version

 

They only need to activate Windows malware on a Windows device. How efficient! Bad guys are better at actually targeting humans and real devices than marketers. It is because marketers are procuring bot detection technologies that don t detect humans and likewise don t detect bots o. k. (see: The way to Select a Fraud Verification Vendor or Not)

 

When these vendors report 1% IVT (invalid traffic) the other 99% which isn’t bot doesn t necessarily mean it s humans on real devices either. It may simply mean they didn’t detect it was a pretend device and pretend user. They Use Resources More Efficiently For the fraudster getting cash is great; saving money while getting cash is sweet too

 

The more efficient they’re in utilizing resources and minimizing costs the more of that juicy money they get to keep. Bot operators already use cloud data centers like Amazon Web Services. So they only pay for what they use; they not need to buy server hardware decide to dedicated hosting racks etc

 

But they could optimize even further. Bots usually cause ads to load by loading webpages (from sites that pay them for traffic). But why incur the bandwidth of loading the full webpage when the bot can load just the ad itself? This is named naked ad calls. And why load only one ad when you could load thousands per second directly? We ve seen cases where fraudsters load hundreds of webpages in hidden iframes; they moved on to loading just video players (for video ad fraud) or simply display ads by the thousands in those self same iframes

 

More clever fraudsters will question whether or not they need to even load the ads themselves. In any case a small 300×250 banner ad incurs some bandwidth. Seems they didn t need to load the ad to make the money. Many advertisers still pay on bids won not on ads served

 

So so long as they win the bid and receives a commission their bots don t need to wait around for the ad to load. It truly is observed within the data when comparing DSP logs for bids won and ad server logs for ads served. Within the table below some domains show 100% discrepancy – out of all of the bids won zero ads were even served

 

AUGUSTINE FOU MARKETING SCIENCE It truly is corroborated within the current Uber lawsuit where Uber is suing 100 mobile ad exchanges some for fabricating ad placement reports when no ads actually ran. It s also the same phenomenon observed within the Sports Bot (2017) and 404bot (2019) fraud operations. There have been no bots in either case just faked bid requests that pretended to be coming from sports domains or non-existent pages on mainstream domains respectively

 

With a big flood of faked bid requests some would be caught by fraud detection but others would get through and make money. Consider the acute efficiency during this case – no bots were needed no fake sites were needed; the ads didn t even need to be loaded; the fraudsters still make money

 

Note: if you happen to buy traffic scammers can make it appear that they delivered traffic to your site by simply loading the Google Analytics measurement tag repeatedly. They don t actually need to make the bots that load your webpages; they only trick Google Analytics. Saves them loads of bandwidth that way

 

They Are Hyper-Focused on Real Profitability Fraudsters investigate analytics all the time particularly the profitability numbers. They know that advertisers are willing to pay more for iPhone users than Android users (thinking those are more affluent audiences). So the scammers simply make a much better proportion of their bots pretend to be iPhones

 

Additionally they know that bid requests that carry geolocation information always get higher bids than ones that don t contain location data. So they only installed faked lat-longs to earn more money. Scammers know advertisers love to buy more targeting parameters (they think more is best ) in order that they sell them many many targeting parameters and even make it as easy as checking some checkboxes to feature targeting parameters

 

Without a doubt those cost somewhat more – so called cost-plus or CPM+ pricing. Advertisers eat that up and pay for it; so scammers make more cash selling more parameters. Bot masters also know that certain industries pay extra for high value audiences. As an example pharma marketers fall over themselves to outbid each other to focus on ads at doctors

 

So the botmaker programs the bots to go to oncology and medical journal sites so they seem like those desirable doctors audience segments. Oh there s also at-scale or look-alike audiences you could pay extra for – I’m wondering what percentage of those million cookies are real oncologists considering there are just 8 000 actual oncologists in North America

 

AUGUSTINE FOU MARKETING SCIENCE This maniacal talk about profits and profitability is what gets scammers 25X and 41X returns on their digital activities. They don t have to go physical product around like they do trafficking illicit drugs or counterfeit goods. It s just bits and bytes floating around the Internet; numbers in excel spreadsheets that advertisers pay for; and most significantly bigger numbers of their bank accounts – which pay for Cannes yachts and yacht parties and collectible supercars (plural) of their supervillain lairs

 

KOENIGSEGG Perhaps marketers can indeed take a page (or two) from these supervillains playbooks. It’s going to make their digital marketing campaigns better and definitely more profitable

Article Tags:
· ·
Article Categories:
Make Money

Leave a Reply