Table 2. Ad fraud categorization: the perpetrator, the victims, and the objectives.

Type of Fraud Does What
(Sub-Type of Fraud)
Who
(Fraudster)
to Whom
(Victim)
How
(Objective)
Ref.
Placement Fraud
(ads and ad related content is placed on a legitimate publisher’s website or a site set-up by a fraudster, with the goal of inflating the number of ad clicks and/or impressions)
Stuffing Keyword Stuffing Dishonest
Publisher
Advertiser
  • A dishonest publisher stacks multiple ad placements over one another—all advertisers are charged for the impressions/clicks even though only the top ad is visible to the user(s).
[62,63]
Placement Stuffing
Stacking
Domain Spoofing/Fake Sites Fraudster Advertiser/User
  • A fraudster mounts/publishes a copy of a well-known websites to mislead potential advertisers and/or users into thinking that they are dealing or interacting with the legitimate website.
[64,65]
Malicious Toolbar/
Malicious Adware
Fraudster/
Dishonest Publisher
Advertiser/User/
Premium Publisher
  • A user inadvertently installs a malicious tool-bar in their browser, which then allows the fraudster to inject ad windows into websites the user visits, thus artificially increasing the number of impressions on the shown/injected ads.
Ad/Content Injection Dishonest Publisher/
Deceitful ISP/
Malicious Competitor Publisher
Advertiser/User/Publisher
  • A dishonest publisher installs ad-injection scripts on their website to show more ads per webpage and increase their per-impression and/or per-click revenue.
  • A deceitful Internet Service Provider injects ads of their own choosing into the websites that their customers visit, (Only possible in case of unencrypted client-server communication).
[66]
Traffic fraud
(techniques that deploy ingenuine web visitors to inflate the number of clicks and/or impressions on a website)
Impression Fraud Dishonest Publisher/
Malicious Competitor
Advertiser
Advertiser
  • One way a malicious advertiser can financially hurt its competitor(s) is by generating a large number of fake impressions and/or clicks on the competitor’ ads (e.g., by hiring ‘human farms’ or web bots).
[67,68,69,70,71]
Click Fraud Publisher Click
Inflation
Advertiser Competition Clicks
Action fraud
(techniques that falsify user actions or mislead users into performing certain actions so as to generate revenue for the fraudster)
Conversion Fraud Dishonest Publisher/
Malicious Advertiser/Fraudster
Advertiser/User
  • To complete a purchase, the user is typically required to fill out a form by providing personal information such as name, address and credit card number. A dishonest publisher could conduct conversion fraud is by filling these forms with fake or stolen customer information so as to inflate the number of conversions coming through their site.
[5,72,73]
Re-targeting Fraud Fraudster/
Dishonest Publisher
Advertiser
  • A fraudster or dishonest publisher can mislead an advertiser into believing that fake users (typically a group of ‘pre-trained’ web bots) are prospective purchasers and encourage them to put a higher bid price on impressions generated by these bots ultimately increasing their ad revenue.
Affiliate Fraud Malware and Adware Nefarious Affiliate User/
Advertiser
  • A nefarious affiliate creates a site/webpage that looks like the home page of a legitimate website and is hosted on a look-alike DNS/URL domain. During interaction with this fake site, the user’s browsers gets stuffed with the nefarious affiliate’s cookies, or the user ends up inadvertently downloading malware. Besides hurting the user and the advertiser, the existence of such a ‘fake’ site could also hurt the reputation and the profit of the legitimate (impersonated) publisher.
[2,5,72,73]
Cookie stuffing
URL Hijacking User/Advertiser/
Impersonated Publisher