But an investigative report (PDF) recently published by Social Puncher, “an independent company that serves as a sheriff in the digital ad market”, suggests that publishers seen as legitimate can be the source of fraud.

The report claims Newsweek Media Group (NMG), whose digital properties include Newsweek.com and IBTimes.com, paid for fraudulent traffic that led to it earning millions in ad revenue from an ad campaign run by the Consumer Financial Protection Bureau (CFPB). Specifically, the report alleges that  “Ibtimes.com in spring 2017 (March-May) received 13,300,000 of laundered via tech domain pop-under visits and 5,500,000 non-laundered pop-under visits.”

Many of the sites originating this traffic were said to be file sharing and pirated video streaming sites. Layers of redirects were used to hide the origin of the traffic, Social Puncher’s report states.

BuzzFeed, which conducted its own investigation into IBTimes India, says that two independent ad fraud detection and measurement firms identified similar patterns. What’s more, BuzzFeed reported that one of those firms, DoubleVerify, has this month “classified IBT’s US, UK, India, and Singapore sites as ‘as having fraud or sophisticated invalid traffic’”.

As a result, DoubleVerify “is now blocking all ad impressions on these sites on behalf of customers.”

Not surprisingly, NMG disputes the claims that it has been engaging in fraudulent behavior. While it admitted that it purchases from ad networks that generate pop-up and pop-under traffic, it told BuzzFeed that this represents a “small percentage of traffic on our sites” and “we use third-party platforms to verify and filter this traffic to ensure it is of the highest quality.”

According to BuzzFeed, NMG refused to identify those third-party platforms by name.

Who can advertisers trust?

Certainly, the fact that multiple independent sources have raised the same suspicions calls into question NMG’s claim that it was acting on the up and up.

But more importantly, it calls into question just how much advertisers can trust the digital advertising ecosystem.

According to Social Puncher, the CFPB’s purchase of ads from NMG was conducted on its behalf by GMMB, a Washington, D.C.-based agency. Its report indicates that one of the largest campaigns GMMB ran for the CFPB was a video campaign that consisted of $6.4m in direct ad buys through the DoubleClick Campaign Manager DSP and that over half of the budget went to NMG.

Many advertisers of course outsource media buying to agencies and this wouldn’t be the first time that an advertiser has come away let down.

Late last year, Uber sued ad agency Fetch, which is owned by Japanese holding giant Dentsu, alleging that it had squandered “tens of millions of dollars” to purchase non-viewable, non-existent or fraudulent traffic on Uber’s behalf.

While that’s a different scenario – neither Social Puncher or BuzzFeed has alleged that the CFPB’s agency knew about NMG’s questionable traffic buying – it is clear that even the firms advertisers are hiring for their media buying expertise are often falling short when it comes to policing fraud on behalf of their clients.

In the case of the CFPB and NMG, what’s particularly disturbing is that the alleged fraud wasn’t the product of, say, opacity in the programmatic market. It was conducted by a publisher seen as reputable enough to be awarded a significant irect buy from a legitimate agency.

The lesson: the ad fraud problem runs deep and while progress is being made to reduce the ease with which ad fraud can take place in programmatic markets, there’s still the very real ability for large-scale fraud to take place in plain sight. To address this, advertisers are going to have to get more aggressive in vetting the capabilities of their agencies to address fraud. Ultimately, they may conclude that they either need to move some of their media buying in-house or exercise much greater oversight over agency buys.

Further reading: