Suspicious Web Domains Cost Online Ad Business $400m per Year

Full of hot air

If your therapist thinks you have trust issues, you might just work in online advertising.

That’s because it’s getting harder and harder to know what’s real and what isn’t on the Web. And if you don’t believe in ghosts, maybe you should.

On March 19, Adweek.com published a story titled “Meet the Most Suspect Publishers on the Web.” In the piece, we brought to light the issue of so-called “ghost sites,” seemingly innocuous content pages responsible for massive amounts of traffic on various ad exchanges but exhibiting little evidence of actual human audiences. Upon further examination, many of the sites we uncovered, including Alphabird’s Ladyshopspot.com and Precision Media’s Toothbrushing.net, contained little in the way of substantive content.

A large number of the sites in question are suspected of getting huge chunks of traffic from bots—that is, nonhuman traffic delivered by machines designed to mimic users and inflate audience and traffic numbers for publishers while stealing from advertisers.

In fact, as our investigation was coming to a head, a British company, Spider.io, dropped a bombshell: A botnet dubbed Chameleon had infected more than 200 Web domains, many of which corresponded with the sites Adweek had been examining. Spider believes Chameleon is costing the industry $6 million a month.

As it turns out, we may have just scratched the surface.

Since our initial story, numerous industry sources have stepped forward to help us unearth still more suspect publishers. Some have blamed traffic vendors or affiliate brokers for peddling bogus traffic, implying that certain questionable publishers could be innocent. That has only served to muddle the picture, and further erode the industry’s trust.

Since our story, the data-driven ad targeting firm Media6Degrees (m6d) has noticed 500-plus dicey new sites popping up on various exchanges—and collectively, 40.5 million bid requests. One site, says Alec Greenberg, vp, media operations at m6d, exhibits more than 50 percent user overlap with 463 other known exchange pubs. “I’m pretty sure that’s a new record for us,” he says.

Another buyer estimates that hundreds of millions of bogus impressions have been traded on ad exchanges in the weeks since our story. “Put another way, at least 15 to 20 percent of all real-time bid requests are probably fraudulent in some way,” he says.

Seni Thomas, CEO of Heights Media (previously known as Audience Amplify, a heavy exchange buyer that we reported on in our original story), says he and his team have since identified a new group of suspicious publishers—sites that have suddenly seen their exchange traffic soar by 10 million to 80 million impressions per day. It seems the botnet may have shifted.

The social ad data firm RadiumOne, which also spends a lot of time in the exchange world, estimates that ghost publishers, shady Web crooks and their bot-employing associates are stealing a staggering $400 million a year from the online ad business.

Experts say it’s impossible to catch all the bad guys, especially since many are said to originate from outside the U.S. (India, Israel, Eastern Europe). Containment is the more realistic goal.

Following are more suspicious publishers we have homed in on:

Mevio.com

This video site is backed by Kleiner Perkins Caufield Byers, the venture capital firm behind Twitter, Path, Zynga and others. Yet according to numerous sources, including Radium-One, Mevio is suspected of being flooded with bot traffic. It also shares huge portions of its traffic with other sites. Mevio officials were unavailable for comment.

Forward Health

Forward Health operates six sites, including Menshealthbase.com and Womenshealthbase.com—which, according to one active exchange buyer, are “two of the most suspicious sites we’ve ever seen.”

An analysis by social ad data company RadiumOne found that 94.4 percent of the traffic on Womenshealthbase is identical to Mensshealthbase. “Something is really going on here,” says Kyle Napierkowski, RadiumOne’s director of ad optimization.

But Forward Health managing partner Arthur Meyerovich says the company does not use bots, adding he is shocked to hear that it’s been tied to the brewing scandal. “We are not a tech company,” says Meyerovich. “This is absolutely surprising to me. We’ve expanded our investigative efforts, and we’re looking to third-party security companies. In fact, if you are a security company that deals with this, I would personally love to hear from you.

“We take pride in our properties and content, which is created in-house by our doctors and health authors,” he continues. “Our business model online is advertising on our sites, and our clients range from top pharmaceutical brands to general large brands looking to reach a premium audience.”

Is it possible that Forward Health is a victim here? While some in the business say that could be the case, others contend its sites have exhibited suspicious traffic for so long that it’s doubtful company executives are unaware.