Some of the globe's most recognizable brands -- including Oreo, GlaxoSmithKline, Burger King and Sprint -- were bilked out of millions of dollars by a Florida company that used fake websites to skim from the ad-tech ecosystem.
Then, the scam's operators simply disappeared.
Perpetrators of online ad fraud are usually portrayed as running sophisticated, high-tech operations. But this scam is notable for its simplicity. The fact that some of the biggest names in ad tech were unable to detect it draws the industry's fraud-fighting capabilities into question.
The brands affected bought ads on a network of 300 sites owned by Client Connections Media, which listed the sites' ad inventory in the automated ad-buying marketplace and then flooded those sites with bot traffic.
By the time CCM got caught in March, it was generating at least $1.5 million dollars a month, according to online video security firm Telemetry, which uncovered the scam by noticing that nearly all of CCM's traffic originated from five internet service providers used by businesses, not by consumers. High traffic volume from business ISPs is a strong hint something is amiss. Further digging proved Telemetry's suspicions correct.