Nov 28, 2018

Authorities stop giant digital ad fraud scheme

Rebecca Zisser / Axios

The Justice Department announced Tuesday that it has brought criminal charges against eight people on 13 indictments related to a digital ad fraud scheme dubbed "3ve" worth tens of millions of dollars. The scheme, which included three separate operations, was uncovered by Google and fraud detection firm White Ops.

Why it matters: The operation was one of the largest and most sophisticated schemes ever to be uncovered involving digital ad fraud, in which advertisers are charged for bogus ad views. The discovery required unprecedented collaboration between law enforcement and dozens of different private sector groups, many of whom are competitors.

Our thought bubble: It's easier to have such a joint effort between companies and law enforcement when a financial harm is being committed. Although this sort of collaboration is also beginning to occur more often on the organic media side, catching misinformation botnets, there's less financial incentive for it.

Be smart: Per Buzzfeed's Craig Silverman, who broke the story: "With today’s charges and the takedown of 3ve’s systems, the Department of Justice is sending a message that it now recognizes ad fraud for what it is: a global criminal industry that’s stealing billions with impunity and little fear of prosecution."

The details: The indictment was unsealed in federal court in Brooklyn. Eight men — five from Russia, one from Russia and Ukraine and two from Kazakhstan — were charged with criminal violations, including wire fraud, computer intrusion, aggravated identity theft and money laundering. Three of the eight have been arrested.

  • Some experts found the new fraud scheme reminiscent of the now infamous 2016 Methbot ad fraud botnet that stemmed from Russia.

How it works: The fraudsters ran fake ad networks, pushing ads to load on fabricated webpages, and in turn cashed in on the ad revenue. While this operation was different from the one against Methbot, it did use some of the same infrastructure that helped deliver that fraud scheme two years ago.

By the numbers: To give you a sense of just how complex and advanced the operation was:

  • Officials say "tens of millions" of advertising dollars were obtained illegally.
  • Per Google, the operation involved more than 10,000 counterfeit websites, more than 60,000 accounts selling ad inventory via more than a million compromised IP addresses, and processed more than 3 billion daily bid requests.
  • The federal court in Brooklyn revealed seizure warrants authorizing the FBI to take control of 31 internet domains and to take information from 89 computer servers that were all part of the infrastructure for botnets engaged in the fraud scheme.

How they found it: White Ops and Google worked together to identify and investigate the crime ad operation last year, which led to the news on Tuesday from law enforcement. White Ops says it was truly a cross-industry effort.

"We were in a room at the beginning of this collaboration directed by the FBI with some of the largest platforms on the internet, over a dozen FBI agents and federal prosecutors at the DOJ... It was a rather historic turning point in the history of ad fraud."
— Hassan

The bigger picture: The digital ad industry is extremely vulnerable to such kinds of fraud because there's a lot of money at stake ($273 billion globally, per eMarketer), and there's very little regulation or oversight of transactions.

  • To make matters harder, online criminals can operate well beyond their physical jurisdictions, which means it usually takes international law-enforcement bodies to work together to identify and dismantle such operations.

What's next: The industry, led in part by Google, the dominant player in the global digital ad business, has tried to regulate itself in order to combat the problem.

  • But while these measures have been widely adopted on the publisher side, they are still far from being fully implemented on the ad agency side, and fraudsters have become more sophisticated about how to beat the system while evading detection.

Bottom line: Digital advertising was supposed to bring more transparency to the advertising sector, but its increasingly automated nature has made it more susceptible to fraud. A lack of oversight makes fraud schemes often hard to detect until it's too late. Industry collaboration as a form of self-regulation will be key to maintaining trust in the digital marketplace.

Go deeper

Coronavirus updates: Market ends worst week since financial crisis

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens.

The stock market ended its worst week since the financial crisis, prompting the Fed to release a statement. Meanwhile, the WHO warned that countries are losing their chance to contain the novel coronavirus and raised its global risk assessment to "very high" Friday.

The big picture: COVID-19 has killed more than 2,860 people and infected more than 84,000 others in over 60 countries and territories outside the epicenter in mainland China. The number of new cases reported outside China now exceed those inside the country.

Go deeperArrowUpdated 7 hours ago - Health

California coronavirus: Latest case has no recent history of international travel

Gov. Gavin Newsom. Photo: Kevork Djansezian/Getty Images

A new case of the novel coronavirus in California was announced on Friday after Gov. Gavin Newsom said Thursday that 33 people had tested positive for the virus, noting the risk to the public remains low.

What's new: An adult woman with chronic health conditions in Santa Clara County who "did not recently travel overseas" or come into contact with anyone known to be ill was confirmed to have contracted the coronavirus on Friday by CDC and California Department of Public Health officials.

Go deeperArrowUpdated 8 hours ago - Health

Big video game conference delayed amid coronavirus concerns

Photo: GDC

Next month's Game Developers Conference in San Francisco became the latest tech event to be cancelled or postponed amid growing concerns over the spread of the novel coronavirus.

The big picture: A growing number of events are being scrapped, including Mobile World Congress and Facebook's F8 developer conference. Some, like the giant SXSW event in Austin, insist they are moving forward.