Millions of dollars syphoned from advertisers in large scale audio fraud scheme

DoubleVerify’s Fraud Lab has discovered the first audio-based large-scale ad impression fraud scheme.

Digital media measurement platform DoubleVerify (DV), has discovered a large-scale fraud scheme targeting audio inventory and according to DV, it’s the first of its kind.

Now referred to as ‘BeatSting’, the fraud scheme was costing unprotected advertisers up to $1m per month. It begins by spoofing residential IP addresses and audio apps while simultaneously creating fake server-side ad insertion (SSAI) servers to falsify audio ad requests. This makes it seem like the apps have users and inventory on which legitimate advertisers would want to bid.

There is a possibility that BeatSting’s audio invasion is just tip of the iceberg, part of a larger web of SSAI fraud schemes, it was initially designed to target connected TV (CTV) which was first identified by DV Fraud Lab in 2019. However, DV believes that while CTV schemes have been under the microscope, audio has quietly become a new channel of interest for attackers.

The spike in audio interest from fraudsters is credited to its money-making capabilities. Per Statista, digital audio spend is steadily increasing and if an advertiser bids on a fake inventory - like those created by BeatSting - and wins the bid, their ad dollars are wasted on a fabricated opportunity and going into hoaxers pockets instead. Further, by creating fraudulent inventory, fraudsters are syphoning money away from legitimate audio channels.

Mark Zagorski, Chief Executive Officer at DoubleVerify, said: “Fraud always follows the money, and increasingly that money is flowing to digital audio, a rapidly emerging channel where digital advertising standards are still evolving.

“CTV continues to experience this phenomenon and, increasingly, audio is quietly becoming a new channel of interest and attack.”

Since the initial identification in 2019, an estimated $20m has been syphoned from advertisers by fraudsters.

“This is the first time a fraud scheme has generated fake audio traffic at scale through large audio platforms”

The quiet shift to audio inventory schemes presents a frightening possibility for hapless advertisers, particularly with CTV still being targeted at scale by fraudsters.

Initial attacks on audio channels were noticed by the DV Fraud Lab in 2021, occurring on a very small scale. However, early in the second quarter of 2022 and again in January of this year, a dramatic spike in fraudulent activity targeting audio channels was identified.

According to the DV Fraud Lab however, the issue was quickly neutralised so the financial impact on DV advertiser and partner platforms ceased.

In order to prevent digital fraud schemes from metastasizing, DV Fraud Lab aims to uncover the latest schemes as they occur and shut them down in real time. Fuelled by a team of data scientists, mathematicians and analysts, the system performs continuous analysis, scenario management and research to pinpoint the sites, apps and devices responsible for fraudulent activity.

Looking ahead, audio advertisers will need to be just as cautious as those within CTV when making bids on inventory or risk becoming susceptible to nefarious schemes which could cost them precious time and money.