The connected TV industry is trying to shut down what is being characterized as one of the biggest examples of ad fraud in the space; a scheme that led to $14.5 million in misspent advertising.
On Thursday, Moat, a part of Oracle Data Cloud, outlined the connected TV fraud named StreamScam. Bad actors apparently generated fake video ad impressions, ones that were never served and never seen, which siphoned ad money that would otherwise go to legitimate video apps. It’s the type of investigation that companies like Moat conduct to test the powers of their own fraud detection services and promote their services to the market.
“This is, we believe, the largest operation we’ve found, but we think also the largest CTV operation reported to date,” says Mark Kopera, head of product at Oracle Moat. “It’s impacted, they generated traffic that was spoofed, based on 28.8 million U.S. households, spoofing 3,600 apps, and impersonating 3,400 different device types.”
Here is what happened: The fraudsters took advantage of a technology that is typically beneficial to the CTV space, called server-side ad insertion. This type of ad tech smoothly injects commercials into apps, the kinds that are viewed on Roku, Fire TV, Apple TV and other smart TV devices. With StreamScam, the perpetrators set up a “network of servers that impersonated server-side ad insertion.” They created spoofs that made automated ad buying systems think they were transacting on real video ad inventory, with spoofs of internet addresses, household data, devices and apps. A buyer would think they were receiving commercial space in a popular media app, but they weren’t. “In the end, there was no streaming content and the ads were served to no one,” Kopera says.
Kopera did not reveal what advertisers may have been compromised or which media properties were the ones being spoofed.