A number of technologies were introduced for manipulation of images in the 19th century. And these were used in motion pictures later on. Such techniques got improved fast with the digital videos. Research conducted at academic institutions in the early 1990s helped in developing Deepfake technology. And, the developers fine-tuned this technology in online communities. In recent years, Deepfake has grabbed a lot of attention to be used in hoaxes, financial frauds and fake news. If we use the technology in a beneficial way, then it may come out to be good for the community. But the government had to limit and watch out for the illegal use of the Deepfake technology. What is Deepfake Technology? This technology refers to the creation of manipulated visual content which is generated with the help of sophisticated artificial intelligence. This technology helps in yielding modified images and sounds which appear completely real. In most of the cases, a person in an image or video is replaced with another person. Deep learning models, which is actually a sub-class in machine learning methods, are used in the creation of Deepfakes. These machine learning methods are generally based on artificial neural networks. How is Deepfake a big cyberthreat for our community? Deepfakes can be deceiving, hence they are considered as a threat to us. In 2018, a deepfaked video of Barack Obama was created which had an audio track synced with it and the audio track was by comedian Jorden Peele. Here, people objected to the election or political interference. It was said that there is not just political or military concern here, rather it had law enforcement, insurance and commerce concerns too. All these concerns were properly validated by an incident that took place in 2019. In this incident, the fraud people used deepfaked audios in order to scam a CEO of a huge company and steal his $243,000. As per the victim’s evidence, the caller used deepfake technology to replicate the German accent as well as melody of his employer and thus fooled him for taking that money. Despite the examples discussed above, there is still a need for materialisation of threats which may get posed by deepfakes. However, this technology is majorly used in creating viral videos or in creating adult content and not in any high tech cyberespionage which causes the security experts, computer scientists or politicians to worry. Does Deepfake technology pose the similar risk in 2021? One of the major reasons for Deepfake technology to not be in full-fledged level of scams is the essentiality of knowledge and the method with which they get generated. For creating a real looking or convincing deepfake, it requires the Artificial Intelligence algorithms and deep learning. Moreover, another factor which limits the use of deepfake is because scammers do not even need such technologies. There are several other low-tech methods which may help them in fooling other people. Then, why will they go for such a high-tech method for scamming? These reasons do not tell us that this technology will not cause any harm. It is possible that these barriers for creation of convincing frauds diminish with time. As they are getting popular among people, there are several apps also which makes it easier for scammers to create more convincing, cheaper and faster digital deepfakes. The best way for us to stay away from such cyberattacks or scams is knowledge. Every person who is well informed of the cases will be difficult to be fooled. How concerned should we be? As we have discussed, deepfake is not a huge threat to identity fraud. If a person tries to impersonate him as another individual as per the digital identity of that person, in this case digital manipulations cause some sort of threat to the methods of biometric authentication. But this is not applicable for a fraudster who is amateur. In order to create convincing deepfake images or videos, there must be significant technical expertise along with so much compute power, unlike some approaches like face morphing. So, it is evident that the scammers will need to put in a lot of effort and time in order to develop their capabilities so that they become capable of at least starting with creating convincing deepfake images, audios or videos. So, unfortunately, we cannot completely rely on this factor of technical barrier so as to prevent the scammers from using deepfake technology for duping other people. As for using any fraud technique or performing cybercrime, people could do this by packaging the code in order to allow others so as to allow others for leveraging Biometric authentication used to detect deepfakes However, we do not face such deepfakes frequently, we can still detect these deepfakes by using some important techniques. First of all, biometric analysis powered by AI can considerably help in determining if the video is forged or original. It uses techniques like motion, lip and texture analysis in order to verify the physical presence of the user. Secondly, we can do it by giving random instructions to the user so that we can know of their authentication. These instructions may include looking in the instructed directions, reading some phrases. These methods will help in predicting their authentication. The users who got to respond wrongly can be taken for further investigation. Also, the manipulation of deepfakes lowers down the video quality significantly. Lastly, the criminals should be fooled by making them think that we are capturing a deepfake video with the help of a phone, whereas we will use verification systems and fool them. Thus, you can know of the fraud.

Undeniably, technology today is stepping the ladders of success at the fastest pace and doesn’t seem to slow down! We today are able to do all the things that are the mother of all what-ifs in the past. Mobile phones are the most fascinating sources of entertainment. No person can claim to get bored when thawing phones in their hands. You can do whatever you wish like listening to music, contact a long-distance person, manage work, gaming, and whatnot. Internet facilities act just like the cherry on the cake for any mobile device, you can download your favourite songs and videos and share them among friends and family. In any situation like standing in a queue, long journey, waiting for someone, or getting bored, your phone will come to your rescue and offer you superb entertainment. The pattern of mobile devices in India The vast Indian market of manufacturing of handsets comprises smartphones and feature phones are just skyrocketing. As per the stats of the India Brand Equity Foundation (IBEF) knowledge centre , India is widely prominent to be the second-largest market for mobile manufacturing followed by China. India is believed to overtake the current position of China in the forthcoming years by 5 times if it moves with this pace and can be known as the largest market as compare to China, where growth has started to decelerate. How do I see which app gets what information? As soon as you install an app, it is much common that they ask for certain permissions. Even if we look at the past, several apps seek permission for about everything that they generally require upfront, but in the latest trending IOS and Android the things are very much segregated so they genuinely ask for access. If you see an iPhone, it is a very simple procedure to check what variations of data you have given permission for and from which apps, and if you wish you can also revise your decision with a click. In any non-Apple phone or Android phone, there is a somewhat streamline the setting of privacy in Android 10 and you can also see in some Android 6 version you see the settings in the app permissions options. Why are the apps demanding access to my camera? You must have seen several apps ask for your camera access, it is the most common permission asked by apps. You must have wondered why camera setting? Are they going to put surveillance on me without my knowledge? The answer probably is a no! This is actually a dangerous practice for every app and would not add a lot of value. But the question arises why camera access? Generally, there are some apps that give you access to upload your pictures like Instagram, Facebook, or scanning of QR codes. Until and unless the app is image-focused, there is no such need for any other app to ask for permissions. Why some apps are tar-getting on physical movements? Our phones are almost time connected with the internet and have an added feature of built-in GPS, which makes it easy to understand your movements. Facebook and Instagram have often tied your posts with some places, some music and video streaming apps also have interest in knowing your movements to give you suggestions. Yes, it has its advantages, but sometimes the odds are against us too as this information is something people are much protective about. Both the iPhone and Androids have this feature that calls for the “only while in use” feature with location access. Both of these systems also offer you an option of completely turning your location on or off as per your wish and will also remind you on a daily basis if any app is trying to track you from its backend. What are the safety measures to secure yourself? Completely focus on the app store Generally, your mobile devices give you permission for any type of app installation without their app store, but you should not accept the same. The app store of your phone offers reliable protection against any threat. The apps are perfectly reviewing the malware and along with this, your phone is also scanning any threat that might have left by the app store to ensure smooth functioning of your device. Any outside source, like a file that you download from some website, does not assure any kind of protection. See what your apps are accessing Whenever you install an app, they ask for several common permissions like GPS, camera, photos, and some more. But there are some apps that also require some other things like contacts, profiles, and even more. It is nearly impossible to use the apps without giving them access, but you should be aware that you should not agree to every condition. You might not know that there are some apps that also make money by selling your information to the advertisers and this is why you receive random calls too. You might have wondered why your calculator or flashlight app asks for your location or contacts. Use of Anti-virus and Anti-malware features Of course, nobody would let their computers work without any antivirus, then why would you let your phones stay unprotected? Until the moment you are using the internet, it is under constant threats. There are many anti-virus and anti-malware available for apps that ensure that you are not sharing any information that is not required or blocking the apps that affect your privacy. In a nutshell, People today are so much dependent on their mobiles as they offer startling benefits to them majorly connecting to people all across the globe in their daily life. But we don’t realise that it affects our personal information with any downloads we make or any internet facility we use. Privacy is anyways never secured, but many measures can be taken to protect your phone and your personal data which is important for the great functioning of the phone in the big picture! Author : Auhsini Das About Her : With a Data Science degree from IIT Madras, Aushini enrich audience with her high quality tech articles. Having +5 years of experience in content writing, She work passionately to create copy that converts, with a focus on maintaining your authentic brand voice.

So, you have just started a business and want to expand it. How do you do it? Well, obviously by advertising. But where do you advertise? The newspaper? The magazine? These options are isolated and most definitely don’t reach enough people. The main reason would be digitisation. So posters, newspapers, and tabloid magazines are just not enough anymore. This is where digital marketing comes in. Digital marketing needs understanding to make an online business campaign successful. What is programmatic advertising? Programmatic advertising is the technology the enables you to place ads in ad spaces of publishers. Now there is a process to how this works. First, let us understand the different components of programmatic advertising. SSP – stands for the supply-side platform. It is a kind of software that looks after the supply side of the publisher side. This software takes information from the publisher, such as – the minimum range for which a publisher offers their ad space, the content, and general information about the publisher. SSP mainly finds advertisements suitable for the publishers’ content and uses the ad space effectively. DSP – stands for the demand-side platform. This software takes promoters information – the maximum bidding price, the target audience, and the advertisement content. DSP mainly finds ad spaces based on user interest and shows those ads to the consumers. This enables targeting a specific audience and also ensures the ad gets good impressions. Ad space/ Inventory space– Ad space or Inventory space is any space you see in a website or platform where an advert is displayed. These ads are generally a result of programmatic advertising. Ad exchange – Ad exchange is a technology that acts as a mediator for SSP and DSP. Since it is technology, there is complete transparency for the advertiser as they can directly buy inventory space from suppliers. However, they are slightly complicated and may be best used by veteran businesses with a lot to invest in. Ad network – Ad network also is a mediator connecting SSP and DSP. However, an Ad network is a company. These Ad networks buy inventory space from publishers in bulk and sell to the advertisers. This means that there is a lack of transparency. The supplier’s direct price is not known, and thus the price listed by the Ad network could fluctuate. RTB – stands for real-time bidding. This is a complex process that happens in a fraction of seconds. When you click on a website, the SSP gathers your relevant information through cookies and sends them to the DSP. The DSP then places a bid for that ad space in the Ad exchange or Ad network. Now automatically, the highest bid is chosen. All this happens between the time you click on a website till the website loads. As soon as you load the website, you see the advert on the website. This process is real-time bidding. Tracking – Tracking is how the ad exchange or ad network tracks where consumers are coming from website adverts, or links in search results, through emails, or through social media. It tracks your campaign and thus increases impressions and reach. How does programmatic advertising work? So, as an advertiser, you use an ad exchange or ad network to pay for your campaign to get advertised on different websites, social media, web pages, and emails. DSP and SSP do proper audience targeting. Thus it is ensured that your advertisements reach audiences who have shown interest in campaigns and topics similar to yours. Real-time bidding makes the process very fast and quick. Further, through tracking, you can track the platform through which you get maximum impressions and reach. This makes the entire process of marketing a campaign online much faster, more comfortable, and efficient. Author : Auhsini Das About Her : With a Data Science degree from IIT Madras, Aushini enrich audience with her high quality tech articles. Having +5 years of experience in content writing, She work passionately to create copy that converts, with a focus on maintaining your authentic brand voice.

Digital piracy refers to the illegal act of duplicating, copying, or sharing a digital work without the permission of the copyright holder, a violation of copyright laws. Digital piracy grew out of computer hacking with the popularity of the internet and technology evolving rapidly, more and more people is choosing to consume their content online. Whether it's from a mobile phone, tablet or smart TV, online digital consumption is increasing and becoming the people‟s choice for accessing film, TV, music, books, software and games. Piracy comes in different forms. Each of the forms have a potential to harm enterprises and impact brand safety. 1. Counterfeiting : Illegal duplication, distribution and/or sale of copyrighted material with the intent of imitating the copyrighted product. 2. Internet Piracy : Software/Content being downloaded from the Internet. The same purchasing rules apply to online software/content purchases as for those bought in compact disc format or streamed online. Common Internet piracy techniques are:  Websites that make software/content available for free download or in exchange for others.  Internet auction sites that offer counterfeit or out-of-channel software/content.  Peer-to-peer networks that enable unauthorised transfer of copyrighted programs/content. 3. End User Piracy : This occurs when an individual reproduces copies of software/content without authorisation. These include:  Using one licensed copy to install a program/content on multiple computers.  Copying discs for installation or distribution of software/content.  Taking advantage of upgrade offers without having a legal copy of the version to be upgraded.  Acquiring academic or other restricted or non-retail software/content without a proper license  Swapping discs in or outside the workplace 4. Client- Server Overuse : This type of piracy occurs when too many users on a network are using a central copy of a program/content at the same time. If you have a local-area network and install programs/content on the server for several people to use, you have to be sure your license entitles you to do so. If you have more users than allowed by the license, that's "overuse." 5. Hard-Disk Loading :This occurs when a business sells new computers with illegal copies of software loaded onto the hard disk to make the purchase of the machines more attractive. Effect of Piracy on Business Revenue and Performance? Trust : Why should consumers pay when they can download the software/content for free? Revenue : Pirates share and download your software/content for free leading to severe income loss. Brand Image : Once the content is available for free, brand image and exclusivity goes for a toss! PiracyIQ by Com Olho We leverage state of the art machine based algorithms to takedown pirated versions of your software/content. Linear Discriminant Analysis, topic modelling to extract public endpoints to takedown illegal content. Learn more : https://www.comolho.com/piracyiq Content prepared by : Shweta Choubey, Summer Intern at Com Olho. Note : Content summarised above might be sourced from different public websites in order to summarise the rising menace of digital piracy.

Ever wondered why Ad Tech companies with no real inventories and most questioned for ad fraud are able to deliver on KPI's that matter the most? Have you been running an eCommerce mobile application and frequently supply limited & heavy discounted ad creatives to your ad tech vendors? The eCommerce landscape is so competitive, every performance marketer goal is to have maximum end of the funnel conversions keeping the user experience as the top priority. But do humans really scale? Next Generation Bots : In App Bot Fraud Those days are gone when cyber criminals used to target mobile app's marketing budgets for soft KPI conversions such as fake impressions, fake clicks and fake installs. While the marketers became aware of such a organized crime siphoning off there precious budgets, usage of preventive tools and measurements became a part of budgets. The New Age bots are programmed to act like a human and carry out specific in-app events, often tailor made for single mobile application. These bots are so sophisticated, they evade all fraud templates and are becoming a new headache for advertisers and policy makers globally. At this year’s Mobile World Congress conference, James Hilton, global CEO at M&C Saatchi Performance, urged the industry to work together to get the problem under control, observing that cyber criminals “use devious ways to keep pushing and maximizing revenue” through bots and “by spotting them through AI we can be a step ahead.” How is In App Fraud fueling retail black market? 1. Reselling Products: In App Bots often mimic human behavior to buy out high demand and low priced products on the e-commerce mobile applications. This forces legitimate users to purchase these items at a higher marked up resale prices, creating a bad user experience and deincentivizing loyal customers. These bots not only help siphoning off advertiser's budgets for a valid purchase and qualifying for all KPI's, but also help black-market supply chain gain momentum by supplying below cost price products into the market due to promotional heavy discounting done by e-vendors. 2. Fake Log-ins : Bots have dreams and they are highly ambitious, one of most easiest way to siphon of advertiser budgets is to gain access to real user and trigger product purchases or skim credit cards/UPI's which later lead to much bigger thread, financial fraud. 3. Deliberate Data Fudging : Since data has the ability to recognize and capture potential fraud and their endorsers, today cyber criminals are trying to deliberately skew this data to evade detection. This is triggering a much bigger problem for eCommerce players since these data decision fuels feedback loops and re-targeting algorithms. Solutions: 1. Deploy AI to uncover systematic Fraud : No matter how big and difficult the ad fraud fraud problem is, it is solvable. Cyber criminals like scale, and real humans don't scale. We need to deploy AI algorithms that follow the principals of behavior & scale. 2. Creating new verification events now and then : Bots have not reached a level of self learning, any new event in between would crack the bot up, advertisers should keep on adding random checks between in-app events to systemically break down any bot operation. 3. Taking Legal Measures against Culprits : Just like Uber took the media agencies, ad networks and ad tech players to court to question them on their data practices, more players should follow. Until the industry doesn't take a strong stand that fake traffic is non acceptable, this menace won't stop.

Let us take you back to the 3rd year engineering lecture on control systems. "If either the output or some part of the output is returned to the input side and utilised as part of the system input, then it is called feedback. Feedback plays an important role in order to improve the performance of the control system". Before we break the current Ad Tech system into one such control system, we would like to you understand how fake apps are used to acquire audience inventory from the market either by running campaigns through them with leading publishers/networks or installing a behaviour bot script onto these apps to generate traffic. If you haven't read this understanding from our previous blog post, read here. Understanding Feedback Loop 1 : The sole purpose of feedback loop 1 is to fuel the second feedback loop for increasing the overall performance of the system. In Ad Tech, the feedback loop 1 can be fuelled in 2 ways, 1. Fuelled by Ad Detection Vendor : Several times, in order to to prove the traffic is invalid and doesn't stand for payment, fraud detection vendors have to share reports and validations on why a particular set of attributes qualify for invalid traffic. This feedback in terms of reports and validations makes today's invalid traffic valid tomorrow as merely few attributes have to be changed to over throw the current algorithms of the fraud detection vendor in place. And then you would often see ad tech vendors say, Oh look, your campaign is optimized, it's fraud free now. 2. Fuelled by Re-targeting Campaigns/CRM :A better of way of building the first feedback loop for the Ad-Tech Vendor is to either acquire an advertiser's re-targeting planning or capture post acquisition data in name of optimization. In both the cases, the idea is to understand what qualifies for the good traffic. Acquiring CRM of advertisers is often used to fuel the acquisition DMP's of ad tech vendors. Understanding Feedback Loop 2 : Once the feedback loop 1 is complete, the information is passed onto the feedback loop 2 to empower the entire semi owned network of sub publishers often dummy mobile applications. And this is how, your traffic gets optimised. Where does the buck stop? The cycle of digital advertisement fraud is vicious one, highly unorganised in the front but organised behind and morally disengaged. The red arrow depicts the flow of funds, and it definitely stops at the Ad Tech vendors. No wonder, the market is highly inflated. What should the investors/advertisers look at? 1. FPPA (First Purchase per Acquisition) : No matter how sophisticated the invalid traffic creators get, the financial gain per acquisition for the advertisers will remain clean. A very easy KPI for investor/advertiser to understand the quality of user acquisition is to measure the performance of ad tech vendors over a ratio of total first purchases/total acquisitions over a period of 30 days. 2. Making the internal supply chain Independent : As the old Russian proverb, Trust but Verify. Advertisers should make sure, each of their systems are independent of each other i.e vendor for UA, vendor for Re-targeting and vendor for fraud detection. Instead of supplying each of the systems with feedback loops, the advertisers should stick to blocking the fraud publishers for further damage because invalid traffic can't be turned valid by mere optimization. 3. Say No to Network Effect : Ad Tech vendors are often heard saying the phrase "network effect". It sounds like the magic wand, which comes into play when the advertiser realises the need of continuous investment into user acquisitions until an effect is created by which scale happens automatically. But in reality, user acquisition's don't scale. Brand and organic growth is build only by continuous effort in content building, noise and customer service. Not everything that counts can be counted, and not everything that can be counted counts.

Data isn't just the source for anomalies detection for advertisers today when it comes to fraud, but it is also the source of reverse engineering for fraudsters to bend the rules and mimic bot traffic as real traffic. If you have been sharing ad fraud data with your partners, you are fueling a much bigger problem than it was at the first place. Every time a type of invalid traffic reason tags are shared within partner network, the clown in the same partner network works to find the way around so that the invalid traffic today becomes valid tomorrow. Basically, invalid traffic is any activity that doesn't come from real user with genuine interest. We are working round the clock to break this systematic type of fraud chain and make sure people who cause it don't profit from it. We are working towards an compliance with Interactive Advertising Bureau , Media Rating Council, Trustworthy Accountability Group to build world's first bait-caught model, where certain traffic changes are create deliberately to understand who is plaguing the supply chain. If you are committing to any of the 4 mistakes below, you need to probably rethink again. 1. Real publishers/networks never ask for attribution data for optimization. If you are being asked for post acquisition/attribution data from your trusted partner network in the name of optimization of your campaigns, you are probably being fooled around. The fraudster would eventually look into how does real traffic for your application looks like in terms of attributed data and mimic all it's sources to fudge all your matrices. This would be the death of performance which would impact your business certainly in 2-3 business quarters. 2. Never let an acquisition partner run your re-targeting campaigns. If you are already doing this, you might have to rethink this particular strategy. Your re-targeting audience is actually your loyal customers that is your brand's real food, you would never want a competitor's promotional creative to reach their eyes which can actually slip this particular customer into your competitors pocket. You might risk your CRM to be used for your competitors acquisition campaign. Set a neat line of legal understanding with your partners on usage of this data only for re targeting and not fuel any acquisition DMP whatsoever. 3. Keep changing your fraud detection algorithms. The fraudster's intention is to understand what logical filters or algorithms you are deploying to understand invalid traffic in your campaigns. Once this understanding is developed, it takes seconds to deploy invalid traffic mimic real user traffic. You would need to collate bunch of algorithms at your place and keep using them in mix-match fashion. 4. Not storing partners past mischief's. Every organization and network in the world today is plagued with ad fraud. It's alright to understand your partner's stand to improve over time, but it is foolish to not store the invalid traffic that you had caught before under partner's name/sub ID name table. Over the time, this data would help you understand the systematic name change of Sub-IDs but same fraud behavior in the subsets. Without facts and principles, data is useless.” – Bob Hoffman

Years have gone by and the Ad Tech industry has seen a whooping sense of consolidation and obliteration. According to Sloan Gaon, CEO of PulsePoint, ad tech leaders should double down efforts and embrace differentiation, specialization and verticalization if they would want to succeed. Analyst's forecast less than 250 net operating companies in ad tech in 2020 from over 1500+ companies in 2013. The domino effect of bad debt, ad fraud, technology upheaval and overheated evaluations within the industry has strong armed Ad Tech companies into the ultimatum, differentiate or die on the vine. Leading brands are moving more into the traditional way of advertising, McDonald's acquisition of Dynamic Yield to create more store walk-ins and drive-thru, trending menu items by geo-fencing or Walmart's acquisition of Polymorph to innovate it's digital advertising and draw more customers to the brand. While the list is endless, Sojern acquiring Adphorus, AirBnB purchased AdBasis. The industry is thrown back to the clear intent of brands looking to adopt, apply and integrate technology with data to effectively create real and transformative changes instead of driving fake acqusitions, MAU's and DAU's over unethically acquired inventories which has created an non transparent and non trust worthy ad tech market. As Jack Welch says, "Change before you have to". To successfully weather the storm, players should be wise to play a long term way keeping customer deliverable an utmost priority. The compound effect of poor profitability in an overcrowded market has left players to scout for working capitals from various sources by window dressing the balance sheets. Advertising needs to take into account the diversity of individuals in a generation to avoid being archaic and ineffective. - Dave Asch

For Every $3 Spent on Digital Ads, Ad Fraud Takes $1 The above figure has been cited so frequently that it has undoubtedly affected the perception of digital advertising. Unfortunately, this is also true, as cybercriminals have been snatching considerable sums of money from major businesses' advertising budgets throughout the years. One of the most poignant instances of fraud in any industry is certainly ad fraud. Digital ad fraud, mobile ad fraud, bot fraud, and other forms of practices that were once believed to be insignificant, are now costing the industry more than $68 billion in losses each year. Publishers and advertisers lose money as a result of the organised cybercrime activities that have grown out of ad fraud. But as a marketer, how should you respond to such sort of malicious activity? To answer that query, you first need to understand what ad fraud exactly is and how does it influence your advertising efforts? In this article, we will be discussing advertising fraud in the digital ecosystem. Ad fraud: What is it? Ad fraud constitutes efforts made by cybercriminals and fraudsters to deceive online networks in order to make financial gains. More specifically, ad frauds prevent adverts from reaching the real target audience and redirect them to non-human traffic. Digital ad fraud can function on several levels. Scammers employ bots to commit ad fraud, and they also have the ability to control traffic as well as elements like impressions, conversions, and imitating user behaviour. In marketing campaigns over the world, metrics such as traffic, bounce rates, impressions, conversions, etc. are used to determine its efficacy. However, it is relatively simple for cybercriminals to skew such data and figures. As a result, they have been duping big brands and businesses all over the world and stealing a good portion of their marketing budget. How does Ad Fraud function? There are many ways fraudsters can get advertisers and ad networks to pay them. In most cases, fraudsters send fake impressions, clicks, and traffic on digital ads. And not only bots, but fraudsters also rely on human-controlled traffic to engage in ad fraud. Bot traffic, often known as non-human traffic, refers to fraudulent ad impressions made by bots. Bots are typically programmed and trained to carry out automated processes. This way, they can perform suspicious activities such as clicking on adverts, visiting websites, and so on under the instruction of a fraudulent programmer. Their robotic behaviour and conduct make them easier to detect. On the other hand, incentivised fraud carried out by actual human beings is slightly difficult to assess. Impressions resulting from click farms will appear genuine (since they are from real beings), but those clicking on adverts are not the real targeted users for the ads. In addition, there is also mobile ad fraud, wherein malware is injected onto mobile devices. It not only compromises the mobile apps and ad campaigns running on the device but also puts the users’ private data at risk. What types of fraud exist in online advertising? Cybercriminals can commit ad fraud in a number of different ways. Sometimes the fraud targets ad networks for views, and on occasion, they may also impersonate clicks or impressions. Let us now look at some of the most popular and damaging ad fraud techniques that exist. Click Spam Click spamming, which is also referred to as click flooding, involves sending a lot of clicks to a digital advert. It is very common in mobile ad fraud, where fraudsters send a huge number of fake clicks in an effort to claim credit for app installations. The commission intended for the advertisers is given to the fraudster after the app is installed. Although the consequences vary, click spamming fraud affects almost every player in the advertising industry. It has a minor impact on users, but it has a significant financial impact if you are a network, publisher, or advertiser. Domain Spoofing Domain spoofing is a type of phishing in which an attacker impersonates a well-known publisher’s domain, and then trick advertisers and people into trusting them. Many websites reserve space on their platform for advertisements and charge advertisers to promote their business. Scammers use a publisher’s website and create a fake domain, fooling advertisers into thinking it is a real website. As a result, they charge a premium to place the advertisements there. Moreover, advertisers receive good impressions, traffic, and clicks, but most of these interactions are fake. (since the website is fake) Click Injection Click Injection is another common technique used largely for mobile ad fraud that steals legitimate, organic traffic from other sources. Using an app (suspicious app with malware) that is already installed on the user's device, Click Injection will trigger a click even before a new app is fully installed, allowing fraudsters to claim credit for the install. Click Injection exploits the existing drawbacks of the last-click attribution model and injects a click before the lead is submitted or an install is completed. Fraudsters can click on numerous adverts simultaneously by using bots or bot networks. Ad Stacking In ad stacking, numerous ads are stacked one on top of one another. In the single ad placement, fraudsters stacks multiple ads, but only the top ad is displayed to the user..In general, all of the ads below the top ad count as impressions but are not really seen by the user. The user only sees the top ad. Consequently, marketers are charged for all of the ad impressions and clicks obtained from the adverts underneath, even though the user only sees the top ad. Advertisers are paying for unseen or un-clicked ads since they still load properly and comply with the rule that at least one pixel must be visible for at least 0.5 seconds (a common metric in the digital advertising industry). The objective of ad stacking is to bill publishers and advertisers for each impression and click on each stacked ad. ​Click Farms It is one such ad fraud where the actual human beings were engaging in the crime. Click farms involve a large number of low-paid individuals recruited to particularly engage in target paid advertisements in order to "fake" impressions, clicks, and overall engagement of ads. Since it features real human traffic, it is also very hard to stop and avoid. Geomasking Geo Masking is a technique that can trick marketers into believing low-quality traffic ad high-quality. It is very easy for fraudsters to spoof or conceal the genuine location or address of a website, resultantly, also presenting fake users as a real ones. Some regions invest more in advertising and see higher conversion rates than others while running marketing initiatives. Thus scammers geomask their genuine identities using a VPN or RDP and thus get paid for irrelevant traffic, which is not the intended audience for the ad. How does Ad Fraud affect online advertising? While the primary motivation for ad fraud is money, in the context of ad tech, it is not exactly the end result. Decisions that are crucial to the campaign's operations are impacted by incomplete information. In addition to costing money, skewed statistics and misrepresented campaign outcomes can force marketers to implement more questionable decisions. The effect of the their method is overshadowed by the existence of malicious sources, even though it might be advantageous in a typical setting. How is Com Olho combating Ad Fraud? Monitoring anomalies in your ad campaigns can help determine the source of fraudulent or suspicious traffic. The anomaly-based strategy examines ad spaces for suspicious activity, such as unusually high traffic, unusual placements, and others. Ad fraud is becoming increasingly difficult to identify, particularly without the usage of anti-fraud technologies designed expressly to protect your campaigns and ad spending from such frauds. Com Olho's technology can assist organisations in preventing different types of ad fraud before they have the opportunity to steamroll their ads and drain their budgets. Schedule a free demo to learn more about how Com Olho may help secure your advertising initiatives.

Mobile penetration is at an all-time high, and hence enterprises have had to go online to stay afloat. People’s perceptions and attitudes towards digital media shifted in the wake of pandemic. App and mobile advertising providers currently own the majority of the digital advertising space. Today the majority of the digital advertising market is dominated by app and mobile advertising providers. Digital media consumption evolved in the wake of the COVID-19 pandemic. As consumers lead increasingly hybrid lifestyles, mobile is the top-ranked priority at 77%, followed by social media platforms and videos. Mobile penetration is higher than ever, and businesses have had to move online to survive. Such times make people more vulnerable, which provides new opportunities to the fraudsters. This year, mobile internet users in India are expected to surpass 600 Million. Mobile ad fraud is plaguing mobile-based performance campaigns like never before, as fraudsters are getting smarter and using innovative and more sophisticated techniques to steal money. Click Injection Evasion is one such sophisticated tactic syphoning off enterprise ad spend dollars. What is Click Injection Evasion? To understand click injection evasion, we first need to understand Click Injection Fraud. Click Injection is a sophisticated form of click spamming and a commonly used mobile ad fraud method that steals organic and quality traffic from other sources. Click Injection exploits the existing drawbacks of last click attribution model, and injects click before the lead is submitted or an install is completed. (To understand how click injection works in detail , read this blog.) Click Injection detection using CTIT (click to install time) anomaly has been widely used by mobile advertisers in India since 2016. Evading this detection, a more sophisticated form of this fraud is click manipulation, a type of ad fraud where fraudsters, while injecting a click, backtime the click time to make sure it evades the existing click to install time algorithms present with existing ad fraud detection companies. Com Olho calls this methodology “Click Injection Evasion”. How does Click Injection Evasion work? Click Injection Evasion, a sophisticated form of click injection fraud, is a type of mobile ad fraud that is advancing as the whole world turned digital and mobile. Fraudsters work with programmatic ad networks or pre-purn applications i.e the mobile applications that are pre-installed on devices by manufacturer, and lace them with behavioural trackers and adwares. This allows fraudsters to hijack organic mobile conversions and also steal traffic from social networks reattributing them as theirs. When more than 70-80% of acquisitions are done using social networks, stealing conversion traffic from these sources makes sense for fraudulent publishers. Com Olho using deterministic and admissible in court data algorithms, has not only been able to detect click injection fraud but also as detected fraudsters attempt to reverse existing fraud detection technology. Using our patented technology, our algorithms in real time can measure any kind of click data manipulation for financial gains. Who is affected by Click Injection Evasion fraud? Click Injection Evasion fraud affects almost every player in the advertising industry, even if the consequences vary. Networks and Publishers: Click Injection Evasion fraud will take away the credit from the worthy and deserving network and publisher, depriving you to make money even if you get an install as a result of your genuine efforts. Advertiser: Even if the campaign was influenced by click injection evasion fraud, it may look that the advertiser eventually received the desired outcome that is app installation. However, it impacts them in multiple ways. To begin with, advertisers might end up paying to the network or publisher even if they earned the installation with the organic efforts. Moreover, such frauds manipulate the campaigns performance and view-ability. This can also lead to a negative impact on advertiser’s decision making as they may keep spending more on fraudulent sources while downsizing the real and true performers. Needless to mention, that was not an ideal scenario to be in. What are the threats that Click Injection Evasion pose? Click injection evasion mostly affects the publishers who run digital ads across several platforms with the goal of driving app installations. CPI campaigns are usually run on multiple different ad networks, meaning that enterprises need to protect them across each such platform. The main threats are: Exhausted Budgets: Click Injection Evasion results in fake app engagements and clicks, wasting advertiser’s hard earned money that could have been spent on reaching real and genuine people.Many fraudsters also employ bad bots to increase ad views or clicks, which speeds up the depletion of budgets even more. Skewed campaign data: One of the most damaging effects of click injection evasion is the skewed campaign data that results from it. Marketer’s future campaigns and ad spending decisions depend on the data that they get from campaigns. Since any data affected by click injection evasion will be skewed, marketers will not be able to accurately identify which channels are most effective, perhaps, resulting in investing money into invaluable campaigns. What can you do to prevent Click Injection Evasion? Using Com Olho’s patented technology, enterprises can detect click injection evasion, a sophisticated type of click ad fraud, which is spoofing more than 4 Crore devices per day an affecting at least 10% of advertising spend siphoning off INR 250 Crore a month by digitally stalking over 10 Crore devices daily. As the fraudster was able to evade click injection, it is clear that our digital ecosystem cannot be protected from this type of fraud using the existing traditional methods for identifying such click anomalies. We ensure at least 20% Month-on-Month savings on mobile ad spends using their deterministic and patented algorithms. We also published a report that deep dives into a live case of a fraudulent publisher/ ad-network manipulating the click to install time and how using our patented technology, the company identified and detected fraudsters attempted to evade such click injection detection. In Conclusion The fraudsters’s ability to evade click injection indicates that the traditional methods for detecting click anomalies are insufficient in detecting and removing such fraud from our digital ecosystems. There’s a need for innovation at the enterprise level. Fraudsters are getting smarter day by day and are siphoning advertiser’s money by sophisticating their tactics.

"Someone once told me growth and comfort do not co-exist. And I think it's a really good thing to remember." - Ginni Rometty A year ago, I started my corporate career as a Data Lead with a start-up. And looking back now, it has been the best decision I could have made as I’m learning and growing every day in my career with Com Olho. The journey as a woman in a tech start-up is seen to be a tough and rocky one, but taking it positively as a challenge, I aspire to overcome all the social misconceptions and hurdles in my way. Com Olho gave me the chance to work together with a very young and highly motivated group of individuals to define and shape the team and the goals of the company. While focusing on learning all about data and tech, and continuously refining my data & tech skills, I often found myself taking on other responsibilities as well - the best way of gaining experience in new areas. It's difficult to summarise my journey so far in a few key moments, but here we go. The team Working with like-minded, driven, and inspiring people on a daily basis is gold. Everyone who joins the company is welcomed into this expanding family. It's all fun and jokes one minute, and then we're all brainstorming and working as a team on a product release the next. Responsibilities & recognition Having a flair for coding and aggressively toying with data, developing it in the most desirable way, and obtaining positive feedback from both management and co-workers gave me the feeling that I could make a difference. This is the place I'd like to be. 'Are you sure you're not a BTech graduate?' It's the nicest feeling in the world to get recognised for what you actually believe in, and what you enjoy doing. The shining moment Acknowledging and discovering my interest in data and technology was not an easy decision in my career, but being associated with a group of people that encourage you at every step helped me feel exactly at home in the moments when I needed it the most. Being a member of Com Olho and witnessing the shift of raising the first fund round - Seed Round - as well as all of the good improvements and recognitions that followed was a wow-moment. It feels amazing to watch our company and team evolve into something so powerful. Connect with me on LinkedIn : Link

Following the COVID-19 outbreak, the industry saw an increase in mobile advertising. According to a recent report, the total ad spend in India is estimated to cross INR 1 Lakh Crore mark in 2022. With a 45 percent share of the entire ad pie, digital is destined to overtake TV as the most popular advertising medium. The total estimated mobile ad spends from the total share of digital ad spend is projected to be greater than 60% in 2022, valuing it at INR 29,000 Crore. Digital spending is only going to increase. As a result, passionate marketers have the perfect opportunity to innovate and deliver the best ROI. However, they got to overcome a significant challenge in the process – Mobile Ad Fraud. Mobile Ad Fraud is a subset of ad fraud plaguing mobile based performance campaigns. It is a collective term used to describe a combination of tactics used to stop digital ads from being delivered to the audiences or spaces for which they were intended. One such tactic syphoning off enterprise ad spend dollars is Click Injection. What is Click Injection? As a marketer who is handling user acquisition, click injection is perhaps the most common fraud that you experience, regardless of if you have figured it out yet or not. Click Injection, a sophisticated form of click spamming, is a commonly used ad fraud method that steals organic and good traffic from other sources. Click Injection will use an app located on the user’s device which informs the fraudsters when a new app is installed, triggering a click before installation is completed, enabling fraudsters to take credit for the install. As a result, the attributes are manipulated and you will be paying the wrong media source instead of the actual (and deserving) source. Click Injection exploits the existing drawbacks of last click attribution model, and injects click just before the lead is submitted or an install is completed. How Does Click Injection Work? Click injection is a type of ad fraud technique that aims to win the last-click attribution in CPI campaigns affecting millions of devices. Fraudsters inject a click when an app is downloaded by a user on their device just before the install is completed. Publishers are usually charged a fixed fee when an app is installed, but when click injection is performed, fraudsters receive the financial credit for the app install. Fraudsters also utilise bots or bot networks to click on multiple ads at the same time. Here is how click injection works: Users may unintentionally install the malicious app that performs non-suspicious activities, like auto-changing wallpapers, flashlight, cat-voicing, etc., and it appears harmless to them. They can even make their way to mobile devices without the user’s knowledge. These apps have the ability to inject a click to run another application. The malicious app installed in the phone keeps performing its unsuspicious action until the user begins to download a new app, and the first malicious app contains code that alerts it of this new installation. Fraudsters inject a fake click to represent as the source of app install, as well as also inject the click to run the application. In the advertising industry that works on last click attribution, advertisers pay mostly to the last source that got the successful installation. In this model, the malicious app is able to claim the credit for getting your app installed. Hence, the advertiser attributes the credit to the fraudster and pays them a percentage of the revenue. Who Is Affected By Click Injection Fraud? Click Injection fraud affects almost every player in the advertising industry, even if the consequences vary. It marginally affects the user experience of the customers, but has a significant financial and reputational impact if you are a network, publisher, or advertising. Networks and Publishers: Click injection fraud will take away the credit from the worthy and deserving network and publisher, depriving you to make money even if you get an install as a result of your genuine efforts. Advertiser: Even if the campaign was influenced by click injection fraud, it may look that the advertiser eventually received the desired outcome that is app installation. However, it impacts them in multiple ways. To begin with, advertisers might end up paying to the network or publisher even if they earned the installation with the organic efforts. Moreover, such ad frauds manipulate the campaigns performance and viewability. This can also lead to a negative impact on advertiser’s decision making as they may keep spending more on fraudulent sources while downsizing the real and true performers. Needless to mention, that as not an ideal scenario to be in. What are the threats that click injection pose? Click injection affects mostly the publishers who run digital ads across several platforms with the goal of driving app installations. CPI campaigns are usually run on multiple different ad networks, meaning that enterprises need to protect them across each such platforms. The main threats are: Advertising budget losses Click injection result in fake ad engagements, wasting advertiser’s hard earned money that could have been spent on reaching real people. Compromised analytics Marketer’s future campaigns and ad spending are influenced by the data that they get from campaigns. Since any data affected by click injection will be skewed, marketers will not be able to accurately identify which channels are most effective, perhaps resulting in investing money into invaluable campaigns. What can you do to prevent click injection? Click injection, even though it is a simple sort of ad fraud for fraudsters to carry out, it is a malicious form of ad fraud because it infects devices directly. Keeping up with all of a fraudster's tricks is difficult. Without proactive anti-fraud solutions that automate the detection of bad actors and their methods, click injection fraudsters will continue to use low-quality apps to hijack devices. Protect your CPI campaigns against click injection Ad fraud prevention often feels like a cat and mouse game. As soon as you block one incident, another ten pop up in its place. Unfortunately, fraudsters are only getting smarter. Ad fraud is becoming more difficult to detect, especially without the use of anti-fraud solutions that are specifically engineered to prevent your campaigns and ad spending from such frauds. Com Olho’s solution can help enterprises prevent multiple forms of ad fraud before they have the chance to steamroll your campaigns and bleed your budgets dry. Find out more about how Com Olho can help protect your advertising campaigns by scheduling a free demo.