Audio Ad-Spend Fraud: Hackers Spoof More Than 500,000 Devices In March

Audio Ad-Spend Fraud: Hackers Spoof More Than 500,000 Devices In March

by , Staff Writer @lauriesullivan, May 7, 2024

Audio Ad-Spend Fraud: Hackers Spoof More Than 500,000 Devices In March

DoubleVerify identified audio fraud where fraudsters combined invalid traffic with legitimate traffic to remain undetected, spoofing content on more than 500,000 devices, including mobile phones, tablets, CTV, audio players, smartwatches and smart speakers to drain advertisers’ budgets.

FM Scam fraudsters falsify audio traffic using dedicated servers. DoubleVerify said the scam represents the second significant global ad scheme targeting audio spend after BeatSting, the first major invalid traffic (IVT) scheme aimed at audio traffic.

Jack Smith, chief innovation officer at DoubleVerify, believes audio is rapidly becoming a lucrative target for fraudsters. He stated that fraudsters tend to focus on emerging media, like audio, that attracts advertising investments but lacks comprehensive measurement standards.

DoubleVerify estimates the combined financial impact of FM Scam and BeatSting on unprotected advertisers exceeded $1 million in spend monthly. 

FM Scam fraudsters generated up to 100 million ad requests monthly. Siphoning money away from legitimate audio channels impacted the yield of quality audio sellers, the company said.

Scammers falsified audio traffic using dedicated servers, and spoofed a range of devices typically used for playing audio content. Fraudsters auctioned invalid traffic through supply-side platforms (SSPs), exchanges and ad networks. The fraudulent traffic blends with legitimate traffic by mimicking the behavior of a typical continuous ad session.

FM Scam creates longer and uninterrupted sessions. This technique randomizes the traffic pattern to appear more human-like, as opposed to delivering a consistent, fixed amount of impressions across devices.

When FM Scam emerged and identified through AI-powered technology and human review, DoubleVerify managed to tie IP addresses used by the attack to a CTV scheme first detected in 2019. A portion of the IPs were also associated with a variety of malicious activities across many verticals including the spread of malware.

Another thing to note, use patterns in the audio differ significantly from other media types, with a broader range of players and devices and are sometimes exclusive to audio. As audio continues to grow, it becomes an increasingly attractive target for fraudsters. They frequently target emerging media that attracts advertising spend but lacks comprehensive measurement standards.

DoubleVerify identified audio fraud where fraudsters combined invalid traffic with legitimate traffic to remain undetected – spoofing content on more than 500,000 devices, including mobile phones, tablets, CTV, audio players, smartwatches and smart speakers to drain advertisers’ budgets.
 
 

(3)