IAS detects 404bot Scheme

02/25 By Victoria Chappell

In early 2019, the IAS Threat Lab, our team of fraud experts, unmasked a large-scale ad fraud scheme that has been on the prowl since 2018. This bot scheme’s main game is domain-spoofing, generating fake browser data and creating fabricated URLs earning its name: 404bot. 

What is it?

The 404bot capitalises on unaudited Ads.txt files, the very tool created to help ad buyers avoid illegitimate sellers and prevent unauthorised inventory sales from happening. A sign of the continually growing sophistication of ad fraud, the 404bot scheme was able to bypass many preventative techniques and ensured spoofed URLs would slip under the radar. 

What’s the impact?

The 404bot has affected a range of publishers domains, both high and low profile, many of which have one thing in common: large Ads.txt lists. In recent years, in response to a rise in counterfeit ad inventory, the IAB Technology Lab started the Authourised Digital Sellers initiative, known as Ads.txt to increase the transparency of inventory flow in the online advertising ecosystem. The implementation of Ads.txt by publishers thus far has shown a dramatic decline in bad actors being able to abuse the ecosystem, but fraudsters are constantly evolving and are now capitalising on unaudited Ads.txt files.

How does it work?

Similar to 3ve and Hyphbot, the main signature of the 404bot is extensive domain spoofing, where URLs are spoofed at the browser level – meaning that the data from the browsers are faked. To avoid the vulnerabilities exhibited by past bots, the 404bot ensured their spoofed URLs would not be easily detectable to the human eye, allowing the bot to slip under the radar. 

How much has it cost the industry?

IAS has estimated the 404bot is responsible for costing the industry upwards of $15 million dollars – a number that continues to grow – and has affected over 1.5 billion video ads. 

What’s next?

IAS will continue to work closely with publishers and the IAB Tech Lab to improve the Ads.txt model to limit their susceptibility to fraud attacks like the 404bot. 

 

To learn more about the impact of the 404bot scheme and ways to mitigate the risk of fraud in your next campaign download our white paper here.

 

Download now