• by Tobi Elkin , Staff Writer @tobielkin, August 2, 2016

Back on July 18, Real-Time Dailyreported on new media authentication tools from DoubleVerify. The story included a reference to “injected ads.” Wanting to learn more, RTBlog checked in with Wayne Gattinella, CEO of  DoubleVerify.

Injected ads are part of the ad-fraud problem. According to the oft-cited Association of National Advertisers report, $7.2 billion is expected to be lost globally as a result of nonhuman traffic in 2016. And that number is likely much higher.

Gattinella tells RTBlog that injected ads, also known as pop-unders or pop-overs, are inserted into Web pages without the knowledge of publishers, consumers, and advertisers, and without the permission of site owners. Injected ads can be inserted on top of, or underneath ads that already appear, making those legitimate  ads impossible to see and thereby hurting publishers’ viewability scores. Injected ads can also replace other ads entirely, or appear on pages that weren’t supposed to include ads at all.

In other words, injected ads are a scourge.

Gattinella said the problem could start with a seemingly benign download by a consumer.  Malware then comes along with the downloaded content. The malware downloads into your hard drive and has the ability to deliver the injected ads.

Newer versions of injected ads “can literally overlay an ad against a valid ad that’s on a Web page you’re looking at, and you don’t even realize that it’s an invalid ad,” Gattinella said. Essentially, injected ads are “hijacking the publisher’s website and the brand that paid for the ad underneath.”

Injected ads can be served onto sites that don’t even serve ads, such as the sites of  nonprofit organizations. They look like they’re just another ad unit that’s being delivered on a page. Injected ads clutter Web pages with more ads than the publisher intended. Further, they can appear on any platform—video, mobile, display, and more. “The ads are not specific to a specific platform or format,” Gattinella said.

The bottom line: Injected ads are sophisticated invalid traffic. They’re ad impressions that shouldn’t be counted when evaluating the effectiveness of a site. “Injected ads defraud the publisher out of revenues that it expected, defraud the brand that’s losing out on a valid impression, and defraud the consumer because  their experience of a Web site isn’t good,” Gattinella  said.

The increasing advent of ad blockers is the consumer’s response to what injected ads create: a bad Web experience, and cluttered pages with too many ads. “The entire ecosystem is maligned by these ads," Gattinella  said. "Publishers can’t even deliver a valid ad because their ads are being blocked by these ads.”

Having been at the forefront of bot fraud detection, Gattinella said DoubleVerify is working on solutions to combat injected ad delivery. “We’re identifying the infected browsers and their signatures -- the unique address of the machine and specific browser that’s coming through the system. We are continually identifying emerging threats and schemes that cheat and defraud participants.” Once identified, the threats are shared with all the stakeholders that are bidding on impressions on a real-time basis or placing a media impressions as part of a general campaign.

“The threat is, fraud follows the money," Gattinella explained. "As more dollars flow into digital media, it also attracts the bad actors. I don’t know that that’s ever going to change. It’s the nature of the beast. We’re heavily invested in technologies that are able to detect anomalies and patterns that look different from the baseline. We look at billions of ad impressions per day. We identify anomalies and try to determine what’s causing them.”

He added, “Ad injection is just one of the many ways that the digital ecosystem can be compromised. It’s critical that marketers, agencies, and inventory suppliers continue to be vigilant and seek technologies that are able to keep the bad actors at bay. That’s our thrust.”