Ad fraud glossary

04/25 By IAS Team

Ad fraud is any deliberate activity that prevents the proper delivery of ads to the right people at the right time, in the right place. Most often, ad fraud refers to certain kinds of traffic. From ad injection to traffic sourcing, here’s your glossary of key ad fraud terms. For more on ad fraud, check out our guide.

Ad injection
Inserting ads into an app, web page, etc., without the consent of the publisher or operator of that resource. The ad can be visible or hidden.

Ad stacking
Placing multiple ads on top of each other in a single placement, with only the top ad being viewable. This is a form of impression fraud because the advertiser is paying for impressions even if the end user is not seeing an ad.

Adware traffic/ad injection
A device where a user is present and additional HTML or ad requests are made by the adware independently of the content being requested by the user. Adware may also contain a function to inject an ad from the software onto a web page as the user browses, rather than the ad being delivered by the publisher of the web page.

Auto-refresh
A page ad unit enabled to request a new rendered asset more than once and at periodic intervals.

Blacklisting
Using lists of known bad IPs, domains, or other parameters to prevent the serving of ads matching those parameters.

Bot
Short for robot; refers to a software program that carries out automated tasks on the Internet. There are good bots and bad bots. They may intentionally or unintentionally view ads, watch videos, click on ads, etc. For more on bots, check out these resources.

Bot detection
The detection and differentiation of bot traffic and bot impressions from human traffic and human impressions.

Bot prevention
The prevention of bot traffic and bot impressions before the inventory is bought or sold.

Bot traffic
Nonhuman traffic designed to mimic users and inflate audience numbers.

Botnet
A group of computers taken over by software.

Browser pre-rendering
A device makes HTML or ad requests prior to expected human-initiated navigation to the requested resources.

Cookie stuffing
A client is provided with cookies from other domains as if the user had visited those.

Datacenter traffic
Traffic originating from servers in datacenters, rather than residential or corporate networks. Typically, no end user is present, though proxy servers or other technologies may result in traffic appearing to originate from datacenters while still being delivered to human users.

Domain spoofing
HTML or an ad request that attempts to represent a site, device, etc., other than the actual placement. This tricks advertisers and ad exchanges into thinking the inventory is legitimate. This is also called domain laundering.

Hidden ad impressions
Impressions that are not actually seen by people because they are hidden behind other ads or website content (as in ad stacking), displayed in tiny iframes (pixel stuffing), or otherwise served in a way that prevents real ad views.

Hijacked device
A user’s device (browser, phone, app) is modified to request HTML or make ad requests that are not under the control of a user and made without the user’s consent.

Incentivized browsing
A human user may be offered payment or benefits to view or interact with ads or generate traffic on ad-supported sites.

Invalid Traffic (IVT)
Also referred to as Nonhuman Traffic (NHT) or Suspicious Activity Detection (SAD), it is online traffic generated from machines or other bot activity that interacts with digital ads.

General Invalid Traffic (GIVT)
Traffic that comes from known, nonhuman sources on publicly available IP lists. It can be identified through routine means of filtration. Key examples include datacenter traffic; bots and spiders or other crawlers masquerading as legitimate users; non-browser user-agent headers; hidden, stacked, covered, or otherwise unviewable ads; pre-fetch or browser pre-rendering traffic; and invalid proxy traffic.

Sophisticated Invalid Traffic (SIVT)
Nonhuman traffic that is more difficult to detect, and requires advanced analytics, multipoint corroboration/coordination, or significant human intervention to analyze and identify. Key examples include hijacked devices, hijacked tags, adware, malware, incentivized browsing, misappropriated content (if applicable), falsified viewable impression decisions, and cookie stuffing.

Pixel stuffing
The process of serving one or multiple ads in a single 1X1 pixel frame, so that the ad can’t be seen.

Proxy traffic
Traffic is routed through an intermediary proxy device or network where the ad is rendered in a user’s device where there is a real human user.

Retargeting fraud
Bots mimic a human’s intentions, such as an interest in a specific brand, in order to warrant the higher CPM typically associated with retargeting. Advertisers are deceived into believing they are receiving valuable, targeted audiences.

Sophisticated bot
A bot not listed in the industry bots and spider list and known browser list.

Traffic sourcing/Sourced traffic
Any method by which publishers acquire more visitors through third parties.