January 5, 2017 AudienceScience

AudienceScience says it gave $1.20 in every $10m of media spend to ‘methbot’

[This article originally appeared in The Drum on January 5, 2017]

Audience Science has released the data from an audit that shows it was minimally impacted by the large-scale ad fraud dubbed ‘methbot’.

The ad tech business says it carried out tests after learning of the threat, with just $1.20 in every $10m spent being served to IP addresses operated by ‘methbot’.

The industry and public were alerted to the issue at the end of last year after cyber security firm White Ops released a report that claimed that millions in ad spend had potentially been fraudulently taken by a Russian hacker group, dubbed Ad Fraud Komanda or “AFK13”.

The hackers used tech, referred to as ‘methbot’, which tried to trick algorithms within exchanges to bid on fake IP addresses that looked similar to mainstream publishers and platforms. The report is now with Federal Law Enforcement in the US and was handed over to the industry via the Trustworthy Action Group (TAG), which assembled its members for a briefing on the findings on Tuesday (December 20).

This meeting was when AudienceScience found out about the issue, which triggered the research into its own practices. The company said its data showed a ‘good amount’ of affected ad requests but that its anti-ad fraud measures meant that it didn’t buy them on behalf of clients.

Michael Greene, VP of product strategy at AudienceScience, said established players would have measures in place but that the scale wasn’t to be underestimated as longtail players would not.

“The programmatic ecosystem is large and we can say we are confident that our system is good. Speaking to larger exchange partners, others have come out publicly saying exposure is minimal, but that is a small number of highly scaled, well established companies that depend on providing trust to advertisers and publishers.

It’s a big ecosystem and there are thousands of companies that have minimal relationships with clients direct, as they are a middle man. There are many cases in which they don’t have incentives to ward-off fraud or, if they do, they haven’t invested as much as we have. I certainly don’t know who it is but the data we found certainly says the numbers [in the report] make sense and given scope of ecosystem, longtail players have not invested as much,” he said.

The ‘methbot’ fraud primarily targeted the US, which Greene says is because of the scale of spend within the market but that other markets would become targets as spend increases.