News Plus 3 Feb 2023 - 3 min read

First industrial scale ad fraud targeting audio discovered: BeatSting's creators are trousering a million dollars a month from the grift, says DoubleVerify

By Andrew Birmingham - Editor - CX | Martech | Ecom

BeatSting heralds the arrival of large-scale digital ad fraud in audio advertising markets. The scheme leverages a technique previously used to attack ConnectedTV.

What you need to know

  • First industrial scale audio ad fraud
  • Emerged from earlier attacks on ConnectedTV
  • Advertisers are losing a million a month

We can only expect fraudsters to increase their activity across this channel as user adoption grows.

DoubleVerify Australian Country Manager Imran Masood

Ad fraudsters have exploited every category of digital advertising, although until recently audio seemed immune to the worst excesses. Not any more. Now a new ad fraud has been discovered that generates fake audio traffic at scale through large audio platforms.

The industrial scale ad fraud named BeatSting has been trousering almost a million dollars a month, according to ad fraud specialist DoubleVerify, a company that provides digital media measurement and verification solutions in the digital advertising sector.

Ad fraud is vast. According to UK-based Juniper Research, global losses amounted to $US68bn in 2022 alone.

DV claims to have first identified this particular family of digital ad grifting in 2019, and says since then an estimated $20 million has been siphoned away from advertisers. 

In the second quarter of 2022, DV's Fraud Lab says it detected a dramatic increase in fraudulent activity targeting audio channels after initially noticing smaller instances of this attack in 2021. 

According to the company, BeatSting is part of a bigger family of server-side ad insertion (SSAI) fraud schemes that emerged in 2019 targeting connected TV (CTV) inventory. 

"In this specific iteration, fraudsters begin by spoofing residential IP addresses and audio apps. At the same time, they also set up fake SSAI servers to falsify audio ad requests, making the inventory attractive to advertisers. If an advertiser bids on this inventory and wins the bid, their ad dollars are wasted on a fraudulent opportunity. And by creating fraudulent inventory, the fraudsters are also siphoning money away from legitimate audio channels," according to a statement from DV.

What are the most common types of ad fraud?

  1. Bot Traffic: This is when fake traffic is generated through bots instead of real people, leading to an inflated number of ad impressions.

  2. Click Fraud: This is when an individual or automated program clicks on an ad multiple times to artificially inflate its clicks and ad revenue.

  3. Ad Injection: This is when ads are inserted into websites without the knowledge or consent of the website owner, leading to false ad impressions and clicks.

  4. Domain Spoofing: This is when a fraudster creates fake versions of popular websites to trick advertisers into paying for ad impressions on sites that don't actually exist.

  5. Hidden Ads: This is when ads are hidden from view by being placed behind content or within non-clickable elements, leading to false ad impressions.

The authors of the DV report say the shift to audio SSAI is likely driven by financial opportunity and the opportunity to avoid detection.

"Fraud always follows the money – especially in emerging channels of digital advertising, where standards are developing and may not always be transparent to advertisers and networks. Fraudsters are often early adopters of new technology for this reason: non-standard integrations often provide an excellent way to circumvent fraud detection."

They argue that ad volume and the opportunity for ad fraud in audio have grown in tandem with user adoption.

"Not only is digital ad spend increasing consistently, it is the fastest growing digital segment, according to the latest IAB Internet Advertising Report. In fact, it increased by 57.9 percent to $4.9 billion in 2021. Although this is a fraction of the total advertising spend, fraudsters will likely increase their activity across this channel as audio traffic continues to grow. This makes transparency and partnership between verification providers and platforms critical to protect ad dollars."

Avoiding detection

"Moreover, when schemes operate under the umbrella of a fraud family, different variants may take on different tactics. One of the most notable fraud families is OctoBot, a scheme that first became active in November 2019."

The report reveals that BeatSting also originated as a single CTV scheme that same year.

"Since this family has not always targeted audio, it is possible the attack will again shift focus away from audio apps and potentially migrate fully back to CTV."

So far this year DV's Fraud Lab claims to have detected and stopped an additional seven new SSAI variants aimed at falsifying CTV traffic.

"BeatSting’s family of fraud schemes, in particular, has shown unusual mutations beyond the move into audio. Another scheme in the BeatSting family, LeoTerra, began attempting to hide its behavior by targeting Internet-of-Things (IoT) devices during H1 2022. The evolutions identified here show the lengths to which fraudsters will go in adapting their strategies to avoid detection."

Mark Zagorski, Chief Executive Officer, DoubleVerify said, “Fraud always follows the money, and increasingly that money is flowing to digital audio, a rapidly emerging channel where digital advertising standards are still evolving. CTV continues to experience this phenomenon and, increasingly, audio is quietly becoming a new channel of interest and attack.”

For his part, DV's Australian Country Manager Imran Masood warned, “We can only expect fraudsters to increase their activity across this channel as user adoption grows. In Australia, we have observed a steady increase in the growth of digital audio listeners, as well as an increasing media investment in digital audio according to the IAB Australia ‘Audio Advertising of the Nation 2022’ report. It is imperative advertisers work with providers who can offer comprehensive protection to their ad investment.”
