The dating app, popular in the LGBTQI community, has recently been discovered as the targeted unknowing escape vehicle used in an ad fraud scheme. The operation, named “DiCaprio,” was akin to a digital version of a ‘bait-and-switch’ and used a method called ‘advertising spoofing’ to generate fraudulent revenue.
The app, which is currently available in 192 countries, and has garnered over 10 million downloads from the Google Play Store, was the playground for the fraudulent activity. However, the real victims are the advertisers that believed they were paying for premium OTT video ads over Roku devices. Instead, they were paying for simple banner ads in Grindr.
The ad fraud scheme mostly targeted impression-based campaigns. Thus, advertisers and marketers were the targets, Roku was the bait, and Grindr was the vehicle used to perpetuate this fraudulent scheme.
A Grindr representative said the company was not aware of the ad fraud operation prior to hearing about it in the media and that they are currently “taking steps to address it and are continually working to implement new strategies to protect our users.”
“Grindr is committed to creating a safe and secure environment to help our community connect and thrive. Any fraudulent activity is a clear violation of our and conditions and something we take very seriously,”the representative added.
The app, which has over 2 million DAU or daily-active-users, and over 5-6 monthly-active-users or MAU, was likely targeted due to its high in-app engagement, and thus, high availability of spoofable digital advertising real estate.
Some of the spoofed Roku apps that advertisers thought they were purchasing in-app space inside included PBS, CBS News, FOX, and FOX Now. Advertisers would have paid a premium for these simulated OTT premium video spaces with the assumption these ads were being shown to genuine Roku users.
This calls to a greater problem, surrounding the integrity and legitimacy of digital advertising, which is often vulnerable to ad fraud, spoofing, and attribution fraud.
Roku’s vice president of communications, Tricia Mifsud, stated that companies should be vigilant in order to fully protect their brands when purchasing OTT advertisements using open exchanges, as this poses a higher risk than when buying from publishers or platforms directly.
“We recommend that OTT ad buyers buy directly from Roku or publishers on the platform. When buying from other sources and especially open exchanges, the buyer may be better served to use technology that can help with verifying the source of the ad requests,” Mifsud stated.
An example of the type of premium locations of the spoofed Roku ad spaces
The specific technique used, ad spoofing, is one of the more sophisticated forms of ad fraud among the myriad of types, including SDK spoofing, click injection, cookie stuffing, and ad stacking to name a few.
These are the specific steps of how the ad fraud scheme “DiCaprio” was carried out.
A real user opened the Grindr Android app, triggering a standard impression ad sale via their demand-side-platform or DSP.
Another normal part of the process, performed by the content delivery networks (CDN), runs in the background, passing on crucial information back to the app (in this case, Grindr), also facilitating the ad exchange.
New ad requests were fraudulently sent, claiming to be for premium Roku OTT video ad space in the dimensions of 1920 x 1080.
This information was made possible through the complex and flexible algorithm named “DiCaprio,” which was created to spoof Roku’s traffic.
Advertisers bid on the premium space in the advertising exchange when, in fact, the ads were being displayed on Grindr.
One of the companies that do genuinely sell advertising space in Roku apps, S&W Media, an Israeli firm and ad network, says they deny any involvement in this particular fraudulent attack, and that historically when ad fraud was detected, advertisers were refunded.
“In August 2019, one of our advertisers brought to our attention that some of the traffic we were sending him was suspected of being fake. We immediately worked to locate the traffic sources and stopped working with this supply, in addition to not paying them for this traffic,” he said. “We do everything in our power to battle fraudulent traffic, including using third-party verifications tools. We as a mediator have suffered the most from this kind of activity and will do anything in our power to stop it, including developing inside tools to fight this,” said CEO of S&W Media, Nadav Slutzky,
Source: Interceptd Q2, 2019 report. This report shows the scope and severity of the mobile ad fraud problem, and the potential 2020 financial forecasts.
Ad fraud does not just extend to DSP and CDNs but also ad networks, affiliates, influencer marketing, and every reach of the advertising and marketing funnel.
“Fraudsters will combine their highly specialized skills in 2020, attacking the whole marketing funnel,” he added. “Eventually, we predict ad fraud to increase in evasiveness. Thus, ad fraud prevention in 2020 will require a holistic approach.”
