Product Marketing Lead Gavin Dunaway dives deep into a lead-gen scam that has flooded the ad ecosystem with low-quality creative.
Scam and deceptive advertising has always seemed like an ugly, unremovable wart on ad-supported media. In the past, shady, low-quality advertising was relegated to the classified ads in the back of magazines or newspapers, or super early-morning TV—partially because scammers wouldn’t plunk down the change for more expensive placements.
But digital advertising has changed the equation, particularly since scam advertisers can easily find prominent placements on premium publishers at reasonable CPMs thanks to ad networks and programmatic advertising. Hence the waves of acai berry ads, “One Simple Trick,” “Get Rich Working From Home!” and increasingly home solar and mortgage refinancing creative loaded with false claims. These aren’t just showing up archived pages published 10 years prior— they’re being served on heavily trafficked pages.
The Media Trust has detected a 38% growth in scam ads hitting the ecosystem since January 2021. [Figure 1] Scam and deceptive advertising employ false claims to promote products or services, and/or solicit PII from consumers for dubious purposes—a group we call “data leeches.”
The latter group—which we not-so-affectionately call “Data Leeches”—has drastically increased its presence in the ad ecosystem in 2021: in August alone, we detected more than 160 distinct incidents using different creative and formats for one prolific prolific and dishonest lead-generation company. (Each of those incidents can represent 10s of thousands of impressions). That month we blocked more than 110,000 ads for this service—on a single client.
Unfortunately, scam and deceptive advertising doesn’t resonate as a tangible threat to digital consumers along the lines of unequivocal malware like malicious redirects or software download prompts (although scam creative can host such nasty nasties), or bad, bad ads like malicious clickbait and phishing. Too many publishers are willing to look the other way and grab meager CPMs when Data Leeches come calling. The excuse: the onus is on the consumer to avoid being a mark.
But by enabling scammers to advertise on publisher pages—heavily trafficked ones at that—they’re leaving their audiences vulnerable to attack, and frankly dumping all over user experience with low-quality ads. At this tenuous moment for data-driven advertising, publishers need to strengthen their relationships with audiences—and scam and deceptive advertising pushes them away.
Data Harvest
While the green energy crusade is no doubt noble, it has brought out the fraudsters in droves. Home solar systems in particular have proven a lucrative market for scams, according to solar advocacy group Solar United Neighbors. The truth of the matter: installing solar panels and cells may dip your energy bill over time, but it’s an investment—while various tax breaks like the federal Investment Tax Credit might help ameliorate the cost of hardware and installation, they will by no means squash the expense.
These scam ads match many of the warning signs laid out by Solar United Neighbors, including using images of politicians, misleading information about localized energy bill rebates, false promises regarding upfront costs; and the great benefits that await if only consumers share personally identifiable information like email, phone number, and home address. A major lead-generation company with similar deceptive advertising was kicked off of Facebook ads in 2019 after complaints from state governments.
These Data Leeches sell personal data to a variety of lead-hungry industry suppliers. Less scrupulous salespeople typically target low- and middle-income homeowners by building on fabrications about no upfront costs to pressure them into predatory financing agreements.
But the data sales don’t stop there. One scam advertiser’s privacy policy spells out that it reserves “THE RIGHT TO SELL, RENT OR TRANSFER YOUR PERSONAL INFORMATION TO our participating service providers, as authorized by you, which include: lenders, agents, and debt management firms FOR ANY PURPOSE IN OUR SOLE DISCRETION.” There is no list available on the website.
When you actually share personal information, there is no mention of the additional data sales, just partnering with industry providers. No surprise, spurned consumers complained that they’ve been inundated with scam phone calls from a variety of industries.
A Plague of Scams
It may be tempting for publisher ad ops to shrug, grab the revenue from these ads, and leave consumers to their own devices. But running scam and deceptive ads is a double disservice to your audience. A portion of consumers are simply turned off by the low-quality creative, and your site’s reputation is diminished for letting such trash through the ad pipes. But those that click through and go on to share information will likely be harassed or swindled, and could have their data circulated
Think about it this way: you are letting scammers prey on the audience that you count on for revenue. How gross is that?
At the same time, beating back scam advertising is an industry-wide effort. In addition to hunting down malware like auto-redirects, software-install prompts, phishing, and other dastardly malware, The Media Trust’s Digital Operations & Security team is also stalking scam and deceptive advertising across the web. Exposing malware can sometimes be easier because the truth is written in the code (no matter how obscured). Unmasking scams and deceptive advertising requires painstaking research into the end advertiser to ensure an actor is working in bad faith.
Ad tech partners (SSPs and DSPs) that strive to be high-quality demand resources want to keep shady advertisers off their platforms. They can audit creative coming in for not only malware and sensitive categories, but also to identify scammers trying to exploit their pipes.
In the end, though, the publisher is the last line of defense—they can raise their programmatic floors or blacklist specific advertisers within their ad server, but these are not foolproof methods. A more comprehensive approach is to block Data Leeches with a real-time ad quality provider. Your audiences will be better off for it.
