DV uncovered the botnet after the company saw a 40% spike in traffic from such devices, marking the first direct, scaled botnet attack that DV has flagged in the CTV environment. The fraud scheme was identified by the DV Fraud Lab which, through a combination of machine algorithms and manual processes, continuously analyzes trends in fraud across devices.
To generate fraudulent impressions, the botnet spoofed real publisher URLs, sending false signals that tell the ad server that the impressions came from a CTV device. DV also reviewed the types of OTT devices where this fraud was perpetrated, and discovered that approximately one-third of impressions were made to look as though they originated from gaming consoles, with the remaining two-thirds from smart TVs.
“The discovery is not surprising, given that fraud tends to follow the money,” said Wayne Gattinella, CEO of DoubleVerify.
“With current data showing that approximately 50% of all Internet users access an online video subscription service or network TV app at least once a week, CTV ad volumes and the opportunity for CTV ad fraud have grown in line with user adoption.”
Once DV identified the fraud scheme, the company immediately took action to protect its global brand customers from potential fraud – extending quality coverage throughout the media transaction (pre- and post-bid). This type of fraud is something DV has previously detected and protected against in desktop and mobile app environments, and now is addressing within the high-growth CTV channel.
“We are continuously executing independent checks of both environment cues and hardware to verify the authenticity of signals and identify discrepancies that point to falsification,” said Roy Rosenfeld, Head of DoubleVerify’s Fraud Lab.
“DV will continue to stay at the forefront of fraud identification, giving advertisers clarity and confidence in their digital investment.”
(Picture courtesy Cloudflare)