Ad Fraud in 2024: What Is It, How It Works, & How to Combat It

Cost of ad fraud

Digital advertising fraud, commonly known as "ad fraud", is a rampant issue draining tens of billions from marketing budgets each year. As companies increasingly shift their ad spend online, so too have opportunistic scammers adept at profiting off fake engagements.

In 2022 alone, an estimated $42 billion was lost to ad fraud globally. And the problem is only set to intensify as automation, AI and other technological advancements make it easier than ever for fraudsters to execute sophisticated schemes at scale.

Cost of ad fraud

Figure 1: The cost of digital ad fraud keeps rising. Source: Statista

For digital marketers and advertisers, identifying and preventing fraud is crucial for optimizing your ad spend and safeguarding ROI.

In this comprehensive guide, we‘ll cover everything you need to know about ad fraud in 2024 – from common techniques used to evolving threats to proactive solutions for fraud prevention.

What is Ad Fraud?

At its core, ad fraud refers to any deliberate malicious activity intended to defraud advertisers by artificially inflating the value or performance of an ad campaign.

Common techniques include:

  • Click fraud – Using bots or scripts to generate fake clicks on pay-per-click (PPC) ads.

  • Impression fraud – Making repeated requests to load ads without any intent to actually view them.

  • Conversion fraud – Faking actions like app installs, sales or signups to overstate conversions.

    • For example, fraudsters use emulators to falsely mimic app downloads from mobile ads to extract bounties without any real installs
  • Pixel stuffing – Stack ing invisible ads on top of each other to over-count impressions.

    • Fraudsters stuff sites with hidden ads and bots that make requests to against them to drive up impressions
  • Ad stacking – Placing ads in locations or sizes where they won‘t be visible to users.

    • Like pixel stuffing, ad stacking loads ads where users can‘t see them in order to inflate views
  • Device spoofing – Using emulators or falsified device IDs to mimic mobile users.

    • Fraudsters often spoof device IDs and attributes to avoid detection vs bot traffic

In all cases, the intent is to deceive advertisers into believing their ads are receiving real engagement and traffic from potential customers. This false activity is used to siphon off and waste ad budgets.

According to analysts at Cheq, various forms of ad fraud will cause global losses between $35 billion to $50 billion in 2024.

Figure 2: Estimated ad fraud losses for 2024. Source: Cheq 2019 Ad Fraud Report

Why Does Ad Fraud Matter?

The economic impact of ad fraud is staggering. Global losses are projected to top $100 billion by 2023, up from $42 billion in 2024.

For individual companies, ad fraud can drastically inflate CPC and CPAs, while sinking campaign performance. Bots don‘t buy products, after all.

Beyond the explicit costs, ad fraud also:

  • Distorts valuable analytics and KPIs used for optimizing campaigns.

    • With inflated metrics, marketers make poor decisions based on false or misleading data
  • Undermines brand safety when ads appear on shady sites loaded with bots.

  • Can lead to blacklisting if fraudulent traffic triggers platform violations.

    • Getting flagged for policy violations causes accounts or sites to be banned or limited

For these reasons, tackling ad fraud is vital for improving ROI on ad investments and gaining trustworthy performance insights.

The Evolution of Ad Fraud Tactics

Ad fraud techniques have grown increasingly advanced, making it an ongoing arms race for advertisers. Some key developments include:

  • Botnets – Fraudsters now control large networks of hijacked devices and internet-connected "zombie" machines. Distributing fake traffic across thousands of IPs and locations gives the appearance of real human activity.

  • Sophisticated bots – Bots are now highly sophisticated, able to mimic natural human behaviors like mouse movements and scrolling. Many bypass CAPTCHAs and other fraud defenses.

    • Today‘s bots act increasingly human-like, fooling basic defenses
  • AI tools – Fraudsters leverage AI to automate creating and managing huge volumes of bots capable of human-like behaviors. This expands the scale of potential fraud exponentially.

    • AI makes it easy to create unlimited bots that act real
  • Attribution hijacking – Redirecting or misattributing clicks allows fraudsters to get credit for high-value actions users actually take. This earns payouts for lead gen or sales conversions they didn‘t influence.

    • Stealing attribution is hugely lucrative, earning commissions without any work
  • Fraud-as-a-Service – Underground business models now allow easy subscription access to sophisticated fraud tools and bot networks. Lower barriers make fraud universally accessible.

    • DIY fraud kits mean anyone can buy capabilities that used to require technical expertise

These developments dramatically increase the complexity of ad fraud – but also the importance of prevention.

In a 2021 survey of ad tech pros by CHEQ, a shocking 82% said they‘ve seen increases in ad fraud sophistication over the past year.

Figure 3: 82% reported a rise in fraud sophistication. Source: [CHEQ 2021 Ad Fraud Survey](https://cheq.ai/ Resources/Reports/2021-Ad-Fraud-Survey)

How Ad Fraud Operates: Tactics and Techniques

To pull off ad fraud effectively, scammers have developed an array of techniques to mimic real users at scale. These include:

Botnets and Bot Farms

Botnets are collections of Internet-connected devices infected with malware that allows them to be remotely controlled in unison. By distributing fake traffic across thousands of unique IPs, botnets avoid easy detection based on volume patterns or location clustering.

Closely related are bot farms – dedicated data centers filled with devices programmed to carry out fraudulent activities. Large bot farms can contain hundreds of thousands of mobile devices or computers.

Example of a bot farm

Figure 2: An example bot farm. Image source: LockFish

Sophisticated bot operators invest heavily in realistic bot behaviors. Common methods include:

  • Random clicks, scrolls and mouse movements
  • Human-like browsing across sites
  • Filling out forms and interacting with pages
  • Multi-step processes to mimic conversions

These tactics make it extremely difficult to distinguish bot traffic from real users.

Click Injection

With click injection, botnets hijack legitimate user traffic passing through infected devices and forcibly add additional fraudulent clicks.

By piggybacking on real activity, injected clicks are challenging to filter based on IP patterns, geolocation and other signals. As a result, click injection converts unsuspecting users into sources of fraud.

Click injection

Figure 3: Click injection hijacks legitimate traffic to fraudulently add clicks. Image source: GeoEdge

Attribution Hijacking

One highly advanced technique is attribution hijacking, also called click hijacking. The fraudster intercepts legitimate clicks to swap the attribution and steal credit for conversions.

For example, a user may initially click a paid search ad, but malware redirects the click to send the user directly to the site. The fraudster still gets credited for the conversion by the search engine, despite not influencing the user‘s purchase.

This technique allows scammers to earn commissions for high-value actions they never actually drove.

A 2021 Datasembly study found that over 25% of clicks on mobile advertisements are fraudulent – a massive volume.

Figure 4: Rate of mobile ad fraud. Source: Datasembly

Emerging Ad Fraud Threats in 2024

While tactics are constantly evolving, several emerging trends pose particular concern for 2024:

  • Mainstreaming of deepfakes – Realistic AI-generated video and audio deepfakes open new possibilities for fraud, such as creating fake personalities to deliver misleading influencer ads.

  • Fraud monetization at point of origin – As platforms crack down, scammers are increasingly building fraud to sell engagement, not run their own ad campaigns.

    • Fraudsters sell fake traffic, conversions, etc. to shady marketers
  • CTV and OTT consumption growth – Fraud is expanding into connected TV and over-the-top streaming, which often lack robust fraud protection.

    • CTV/OTT ads have exploded but lack anti-fraud maturity
  • Weak onboarding controls – Relatedly, fast onboarding and self-serve platforms enable fraudsters to easily spin up accounts and commit fraud.

    • Easy ad account creation aids fraud at massive scale
  • Device fingerprint spoofing – Sophisticated bots are now able to spoof hardware fingerprints used for bot detection, undermining a key defense.

    • Bots can now fool fingerprinting that tracks device attributes
  • Weaponizing stolen consumer data – Breached usernames and passwords fuel account takeover attacks and aid device spoofing.

    • Fraudsters leverage credential dumps for sophisticated attacks
  • NFT investment scams – Fraudsters are purchasing NFTs with stolen cards or money, then reselling them to unsuspecting investors who get stuck with the fraud purchase.

Marketer should recognize these emerging threats and partner with fraud detection platforms that incorporate leading protections against new and evolving techniques.

How to Prevent and Combat Ad Fraud

Despite growing sophistication of ad fraud, brands have powerful tools to fight back. Here are proactive tips for fraud prevention:

Leverage Anti-Fraud Tools and Services

Specialist anti-fraud software and services provide multilayered bot detection and prevention capabilities such as:

  • Behavioral analysis to identify non-human patterns
  • Device fingerprinting to detect emulators and spoofers
  • Monitoring changes in location, IPs, URLs and more
  • Ongoing bot evolution research and adaptation
  • Real-time blocking of confirmed bots

Choose services with a continuous adaptation approach to keep pace with new fraud tactics. Look for vendors who combine technology with expert human insight.

Monitor Traffic Sources

Closely analyze traffic sources to pinpoint high-risk sites or placements with unusual engagement patterns. Block suspicious inventory sources or advertise only on pre-vetted networks.

Watch for odd traffic spikes, hidden redirects, etc. Make sure you understand the full path of your ad traffic.

Ban Suspicious IPs

Proactively block IPs associated with fraudulent activity. Specialist tools can help identify and shut down fraud botnets at scale.

Monitor changes in location, IPs, frequency etc to detect patterns. Blacklist ranges linked to past fraud incidents.

Work With Transparent, Fraud-Free Networks

Partner with ad networks, exchanges and publishers that contractually guarantee fraud-free inventory, verified through third-party audits. This provides assurance without needing to police it yourself.

Reduce complexity by dealing directly with transparent publishers vs programmatic auctions with tons of intermediaries.

Optimize Ad Targeting

Tightly target placements and user segments less likely to interact with bots. Avoid broad targeting and remnant inventory. Frequency capping also limits excessive repeat views from bots.

Focus spend on legitimate publishers with enrolled user bases vs open exchanges. Limit targets to reduce waste and scrutiny.

Use Proxies and Attribution Providers

Proxies and attribution trackers can sniff out click hijacking by independently tracking clicks. Discrepancies reveal fraudulent attribution manipulation.

Deploy parallel tracking systems to validate clicks and conversions match the originating source.

Develop In-House Anti-Fraud Capabilities

Build internal expertise in fraud detection analysis and tools. Dedicated staff can provide essential human insight to complement automation.

Leverage your team‘s knowledge of campaigns and analytics to spot anomalies automation might miss.

The Bottom Line

Left unchecked, ad fraud poses a major threat to digital advertising in 2024 – potentially infiltrating billions in ad spend while distorting key analytics.

But with proactive strategies, the right fraud prevention tools, and ongoing vigilance, brands can significantly mitigate risks and optimize ad investments.

The economic incentives will continue driving fraudster innovation – but savvy marketers can stay a step ahead.