By Sahil Patel
Oracle Corp.'s data cloud and measurement business said it
detected a new instance of fraud in streaming television that
likely impacted millions of dollars in advertising spending,
signaling a growing problem for advertisers as they move more
dollars into the medium.
The operation, which Oracle Data Cloud has dubbed "StreamScam,"
took advantage of flaws in streaming-TV ad-serving technology and
the supply chain to fool marketers into paying for ads that were
never actually seen by viewers on real devices and apps, the
Based on an estimated average cost of $20 to deliver a thousand
consumer impressions in connected TV viewing, the swindlers likely
stole $14.5 million over the last four months, according to Derek
Wise, chief product officer of Oracle Data Cloud. The scam, which
was first uncovered by Oracle over the summer before the fraudsters
accelerated their operation in September by faking more devices and
apps, is still ongoing, the company said.
Ad fraud is more commonly associated with web video and display
advertising, but bad actors are following the money as marketers
shift money into streaming TV.
Although still only a fraction of the $60 to $70 billion spent
on traditional TV in the U.S. every year, ad spending on
internet-connected TV sets, where most of streaming TV happens,
will reach almost $8 billion in the U.S. this year and likely total
$15.6 billion in 2023, according to research firm eMarketer.
And the ad technology infrastructure underpinning streaming TV
remains nascent compared with online and mobile advertising, giving
swindlers an opening, Mr. Wise said. "This is escalating
significantly," he said.
With StreamScam, swindlers used a practice known as "spoofing"
to trick advertisers into believing their ads were running on
legitimate apps and devices, according to Oracle. They used
thousands of servers to impersonate "server-side ad insertion"
technology, which are systems that stitch ads directly into
programming to prevent issues such as buffering during an ad break.
These fake SSAI servers then sent falsified ad requests
masquerading as legitimate IP addresses, devices and apps.
Oracle said it uncovered StreamScam after noticing
irregularities in the measurement data such as ad requests coming
from older Apple TV models running on new iOS software that they
couldn't support. An analysis from Moat, a measurement and
verification business within Oracle Data Cloud that says it tracks
server-side ad insertion as well as ad impressions that actually
play, confirmed the purchased impressions and programming never ran
on real devices.
StreamScam involved 28.8 million fabricated household IP
addresses, and spoofed about 3,600 apps and 3,400
internet-connected TV device models, according to Oracle.
Spoofing, the most common and troublesome version of fraud in
streaming TV, requires the exploitation of not just flaws within
the server-side ad technology but also a lack of visibility for
advertisers buying inventory on open ad exchanges, said Tal
Chalozin, chief technology officer of ad-tech firm Innovid Inc.
"That is the core part of all of this," he said. "They take
advantage of there being no direct connection between the merchant
and the buyer by inserting themselves into the middle."
Some advertisers have sought to do more direct deals with
streaming-TV ad sellers, sometimes setting up private, invite-only
automated marketplaces, in an effort to evade swindlers and secure
more control over where their ads run. But the industry will need
to improve the technology tools, systems and measurement within
streaming TV to more effectively combat ad fraud, Mr. Wise
Device makers, for example, can do a better job of disclosing
what percentage of different models are being used by consumers
currently, which would make it easier for measurement firms to
detect anomalies, he said.
Some efforts already have been made to combat ad-fraud in
streaming TV. Measurement and tech firms such as DoubleVerify Inc.
and MadHive Inc. are developing brand-safety and fraud-management
tools. Earlier this week, the IAB Tech Lab, a digital-media
industry nonprofit, signaled plans to bring a set of standards to
streaming TV called "ads.txt," which enable publishers and
distributors to declare who is authorized to sell their
Oracle's Moat, which is used by advertisers as an independent
third party to measure and track digital ads, also is pushing
clients to make "valid traffic" a requirement before purchasing
streaming-TV ads, much in the way they have learned to do in mobile
advertising, Mr. Wise said.
"Connected TV looks a lot like digital five years ago," Mr. Wise
said. "Our past told us programmatic advertising without
measurement was a bad idea; now we are talking about programmatic
ads across connected TV without measurement. We need to learn from
our mistakes a little bit quicker."
Write to Sahil Patel at firstname.lastname@example.org
(END) Dow Jones Newswires
December 18, 2020 19:04 ET (00:04 GMT)
Copyright (c) 2020 Dow Jones & Company, Inc.