Hijacking, Stuffing, and Stacking – A Hacker’s Delight

This blog was written in collaboration with Senior Marketing Manager, Cristie Setzer.

Last year, the Interactive Advertising Bureau admitted that 36% of Web traffic was non-human traffic. In fact, some estimates claim that as much as 50% of Web traffic is fraudulent.

Ad and traffic fraud can inflate your impressions, clicks, click-through rate, and pageviews due to robot activity. What’s more, your number of impressions is likely to be inflated when ads are hidden/stacked and served on a page. Your clicks and click-through rate will be inflated when dishonest bots create fake clicks.
The 3 Ways Hackers Are Compromising Your Ads

  1. Clickjacking: Malware that sends real users to sites they didn’t intend to visit, or bots that imitate real users by continuously “clicking” or reloading a page to inflate visits.
  2. Ad Stacking: When multiple ads are stacked on top of the same ad placement.
  3. iframe Stuffing: When ads are compressed into a microscopic 1×1 pixel size and served on a page.

What does this really mean? This means that not every reported impression is actually seen by a potential customer, and that not every click recorded in your data actually occurred. This fraud creates warranted concern about the true impact of digital marketing tactics, most heavily in display advertising.

How Does Ad Fraud Affect Advertisers & Agencies?

For advertisers and agencies, display advertising is a crucial piece of the digital media strategy and provides valuable brand awareness and effective retargeting capabilities. These marketing pieces are necessary in promoting and maintaining a holistic user experience.

Hackers continue to get more and more creative with their methods, however, and even working with the most transparent partners is often not enough. As a result, when choosing a media partner or display vendor, we at Delphic work only with partners who have full publisher and reporting transparency in order to decrease the “black-boxiness” associated with many display experiences. We also have the opportunity to whitelist or blacklist specific sites based on performance, which allows us to better control where our ads are showing.

But, don’t let the risk of dishonest agencies and their falsely-manipulated data deter you; there is hope! Although click and impression data is subject to fraud, we know one thing as true-conversion data.

As many of you will know, branding and awareness campaigns are, of course, not just about the conversion-they are meant to increase brand awareness and engage new prospects too. But although this is a very important piece of the puzzle, the ROI, analytics-focused marketing world that we live in (sorry Mad Men) always comes back to the conversion. Even if CTR and impression volume looks awesome, it’s not enough. Instead of simply reporting the number of clicks or impressions an ad received, it’s important to determine what that click or impression did for your client’s business. Utilizing smart analytics is key to proving the value of display ads (and yes, it is valuable!).

Long story short, even if impression and click metrics are inflated, you can rest a little easier if your ads are tagged and tracked correctly. You then arm yourself with the ability to attribute conversions driven by direct, social, or paid search channels back to your awareness efforts through attribution modeling.

Event Spam – Coming to An Analytics Account Near You

It’s not just marketing campaigns that are impacted by hacking; analytics reporting is also being affected.

Analytics reporting has typically been considered “clean”-data is only captured from locations in which the tracking code and tags were placed (e.g., website, video). If something seemed off about the the data, the first step has always been to check the tags. Recently, however, there has been an explosion in spammy traffic and event reporting. So not only are impressions and clicks potentially inflated, but the site-side metrics are also being affected. It is an intrusive practice meant to create false traffic, pageview, and event activities.

The 3 Ways Hackers Are Compromising Your Analytics

  1. Web Crawlers: Some Web crawlers (non-legitimate ones) do not identify themselves as such and end up in traffic reports
  2. Ghost Referrals: Typically generated by a fake HTTP request so the traffic never hits the site, but is still captured in reports
  3. Event Spoofing: Similar to the Ghost Referral, but sends event tracking components (category, action, label) that leads to their appearance in event reports

Why This is Such a Big Deal for Analytics

Metrics are meant to be as precise as possible-it’s what many companies use to make or influence decisions. It is difficult-and potentially misleading-to be making decisions on data that is incorrect or on traffic that may not even exist. And if analysts are not even aware of the presence or severity of referral spam, they may be presenting wholly incorrect information.

Tracking can also be “misappropriated,” which means that it becomes easier for one company to intentionally damage another’s reputation, or take advantage of the customer base that a legitimate company has established.

What Can Be Done to Stop It
The analytics world is abuzz with suggestions and methods for how to stop the spam activity. The most common solutions noted in the articles we found include hostname filters, cookie manipulations, and referral filters. Unfortunately, because of the volume and variety of site URLs that we need to capture (and block), most of us use a combination of several filter/segment combinations, customized for the site’s specific spam issue(s). Regardless of your approach, it’s best to always create a new view in Google Analytics to test in first. Remember, filters will fundamentally alter how the data is processed, and can not be “undone.” That is, once data is filtered out, it essentially no longer exists and will not be recovered, even with changes to the filter or removal of a filter. For a situation such as this, apply filters to a test view to determine impact. Once happy with the results, only then should the filters be applied to your reporting data view.

 

« Prev Article
Next Article »