DEVCON’s Maggie Louie talks about why creating a study on ad fraud impacting publishers is so important right now


DEVCON, Local Media Association and AdHack.org are collaborating with local media publishers to create the largest ever study of ad fraud in the publishing industry. 

To access free tools to combat digital ad fraud, and participate in the study, click here.

To learn more about what will be in the study and what’s happening today in this space, we caught up with the CEO of DEVCON, Maggie Louie.

Can you tell us a little about what DEVCON does and what it’s doing to try to address ad fraud?

DEVCON is a cyber security company and we develop anti-virus, anti-fraud software for adtech, like a Norton for you ads. The industry has been very focused on bot traffic and view ability, and those are certainly issues, but there is a bigger emerging threat that is taking a devastating toll on publishers and that’s the rise of exploited ads.

Our platform provides real-time filtering of bad ads, allowing good ones to continue generating money, and blocking only the exploited ads.

You can actually see the effects on network revenue in our yield dashboard, where we track revenue across networks alongside of the real-time attacks we’re blocking.

Tell us at a high-level what’s happening with ad fraud today and why news organizations should be on guard?

Popups, malicious redirects, drive-by downloads, crypto miners, they are all making their way into the ecosystem suspiciously, and without the consent of the ad networks or the publishers. 

They do this in a myriad of ways, but most commonly by hiding a popup inside a legitimate ad, that not only redirects the user, but can deploy secondary attacks that have greater revenue opportunities for the bad actors.

On the black market harvested consumer data sells at the low end for $3 per attack. So you can imagine why this is so popular. To put that into perspective, last month we blocked over 6M bad ads/exploits for publishers. Of course that had ad revenue losses for the publishers, because those ad placements were hijacked to display the popups, but that revenue is small compared to the resale of harvested consumer data, which would have the earning potential of $18M for bad actors … criminals.

What are some of the areas and highlights LMA members should expect to see in the report DEVCON, LMA and AdHack.org is developing for the publishing industry?

Consolidated solutions for monitoring, managing and protecting: ad revenue, ad quality, user engagement, time on story, tag verification and ability to self-audit inventory quality providing direct intel to big advertisers, DSPs and advertising agencies, while eradicating ad fraud threats for advertisers, publishers and consumers.

Some of the most important finding will be:

  • How many of these attacks are happening on average
  • What are the top vulnerabilities hackers are exploiting, and what can be done to create lasting change
  • How much is it costing the publishing industry
  • Breakdown of attacks by device, content, time of day, and type of exploit
  • What are the top types of exploits by volume of attacks
  • Top exploits by risk ranking. Risk ranking based on exploit sophistication, level of access or financial damage it is capable of
  • Seasonality of attacks

What should media companies be doing today to protect themselves from ad fraud?

Be proactive, educated and responsive. Partner with an ad fraud company.

We know budgets are paper thin, that’s one of the main reasons we wanted to offer a free tier. With Google looking to clamp down on the popup problem, the consequences of not being proactive could be devastating. The only way to shed light on the misconceptions is to do research that will prove that these popups are not something publishers want, but if you read the most current mandate from Google, it’s clear that change is coming.

I did write on behalf of the publisher defense and they did update the article with the following, but the kind evidence that can be generated by the LMA/ Adhack study, will prove that publishers are not complicit or financially gaining, but rather the opposite.

“Maggie Louie, CEO of cybersecurity vendor Devcon, disagreed with this assessment, arguing that website publishers are not necessarily responsible for the deceptive content of ads served through their sites.

“Publishers are not publishing these bad ads,” she told The Daily Swig. “They, in face are going to great lengths to stop them! These are pervasive encrypted attacks being deployed through ad networks of all kinds. They are being passed though often injected into perfectly normal looking ads and other encrypted code.”

“The ad networks don’t want this either. They are fighting just as hard as the publishers against these unwanted pop-up ads and malicious redirects.”

Where can media members get more info on ad fraud?

There is so little research available, that’s why this study is so important. The bulk of research focuses on bot traffic and viewability – blaming the publishers for invalid traffic. Publishers are not slamming their own sites with bots to increase traffic and ad views. We know that.

There are people who are benefiting from ad fraud, but it’s not publishers. It’s time to pull the curtain back and figure out who the real  bad actors are, and stop them.