News UK finds domain spoofing causes $1 million a month in lost revenue

To investigate the level of domain spoofing occurring against its news brands, News UK conducted a programmatic blackout test for two hours in December. The result: 2.9 million bids per hour were made on fake inventory purporting to be News UK’s The Sun and The Times of London newspaper brands.

From the results, the publisher estimates that marketers are wasting £700,000 ($950,000) on domain-spoofed inventory per month. A total of 650,000 ad requests were made each hour, according to the publisher.

The publisher conducted the test between 3a.m. and 5 a.m. on Dec. 4, deliberately choosing a time that would be less disruptive to site visitors and wouldn’t hamper revenues or ongoing campaigns. The publisher shut down all programmatic advertising on its sites, including all supply-side platforms, its header bidding wrapper and all networks. During this time, it was impossible to buy programmatic inventory on The Sun, the Times or News UK’s fantasy football brand Dream Team. That made it easy to isolate inventory that still appeared to be offered on its sites as fraudulent.

The publisher wouldn’t name the SSPs, but The Sun’s partners include Google AdX, Rubicon Project, AppNexus, Index Exchange, PubMatic and Amazon’s A9, according to its ads.txt file. The Times’ ads.txt file lists Google AdX, Rubicon Project, AppNexus, Index Exchange, PubMatic,, OpenX and Sovrn. For the test, News UK chose to focus on inventory bought via its six biggest SSP suppliers.

The 2.9 million impressions were found to be across two specific SSPs, though one of those two had significantly higher fraudulent inventory within it, according to Ben Walmsley, digital commercial director for News UK, though he wouldn’t specify their names. The other partner showed some fraudulent activity, although mainly through three network vendors selling inventory that appeared to be from News UK titles. Two of the SSPs were totally clean, and the remaining two haven’t yet provided their data logs to the News UK team for that two-hour window, according to the publisher.

Most of the fraudulent inventory discovered was display, although there was also evidence of spoofed video inventory. The Times is a subscriptions title and doesn’t sell any pre-roll ads, let alone programmatically, so any video inventory purporting to be from the Times is fraudulent. The Financial Times also saw this occur across its own video inventory when it conducted its own domain-spoofing investigation.

“We wanted to expose where brands are being tricked into thinking they’re buying quality inventory, bidding on what they think is a premium site when it isn’t,” Walmsley said.

News UK has been in close contact with the SSPs, all of which have been cooperative and responsive, according to Walmsley. No deadline for removing the fraudulent inventory has been set for the SSP found to be carrying the most on its platform. Walmsley stressed the publisher wants to remain on good terms with its tech vendors and that it’s only by cultivating strong relationships with vendors, brand partners and agencies that fraudsters can be rooted out. “We’re all victims in one way or another,” he said. “If the SSPs hadn’t taken it seriously, then it might have been different, but they were very keen to address it.”

read more here:

YouTube suspends Channel Over Child Exploitation Video Concerns

YouTube is facing a fresh brand safety crisis as a number of brands have suspended advertising on the platform after it emerged their ads were run against content showing exploitation of young children. Brands including O2, Which? and Dropbox have suspended advertising on YouTube after The Times and The Sun flagged a series of ad enabled videos showing children in pain and distress. YouTube responded by removing one of the offending channels, and removing or demonetising the videos highlighted by the two newspapers.

YouTube has spent the year recovering from previous brand safety concerns, where advertisers found their ads were playing alongside extremist content, leading around 250 companies to stop advertising on the platform. Many have since returned, convinced by YouTube’s efforts to tighten its content filtering, but now doubt is being cast again on its ability to control its content as large channels featuring monetised disturbing content involving children have been pulled into the spotlight.

The Times singled out a channel called Toy Freaks which has run since 2011 and drawn over seven billion views where a man posted videos of pranks he pulled on his two young daughters, causing them pain and distress, as well as bizarre footage of him and his daughters crawling around and spitting liquid on each other. The Sun described some of the videos, which have since been taken down, where the man filmed his daughters screaming in distress at frogs and snakes being placed in a bathtub with them, and crying after being spoonfed baby food. YouTube analytics specialist SocialBlade estimates the channel could have earned anywhere between £544k to £8.7m per year.

Belinda Winder, a forensic psychologist and head of the sexual offences unit at Nottingham Trent University told Times that some of this content is designed to appeal both to children and to adults “who are not simply paedophilic but who also suffer from sexual fetishes involving pain and abuse”.

YouTube has now taken down the Toy Freaks channel and blocked or demonetised similar disturbing content on other channels, and says it will redouble its efforts to filter out and remove this type of content. “We take child safety extremely seriously and have clear policies against child endangerment” it said in an official statement. “We recently tightened the enforcement of these policies to tackle content featuring minors where we receive signals that cause concern. It’s not always clear that the uploader of the content intends to break our rules, but we may still remove their videos to help protect viewers, uploaders and children. We’ve terminated the Toy Freaks channel for violation of our policies. We will be conducting a broader review of associated content in conjunction with expert Trusted Flaggers.”

read more here:

How publishers are fooled by ads.txt fraud

Publishers say that third-party sellers like Thrive+, Ludius Media and SelectMedia asked to be listed on their ads.txt files, even though the publishers did not have direct relationships with these companies. These vendors say they were merely trying to form direct relationships with the publishers whose inventory they were reselling. In response to reporting on this subject, the politics publisher Salon removed Thrive+’s name from its ads.txt file, SpotX and LKQD terminated their relationship with the reseller, and OpenX sent an email out to its publisher clients that called the whole thing a “scam.”

Launched by the Interactive Advertising Bureau Tech Lab in May, ads.txt is a text file that publishers put on their web servers to list their authorized inventory sellers. The point of ads.txt is to reduce unauthorized reselling and domain spoofing, which are persistent problems in programmatic advertising.

The hubbub began last week when a publisher source announced on Reddit that he was receiving unsolicited requests from vendors to get on the publisher’s ads.txt file, which prompted an AdExchanger article on the topic. One of the vendors, Thrive+, was listed on 65 ads.txt files as of last week, according to Pixalate. Salon and were the largest publishers on the list.

Salon declined an interview request for this story, but as seen in these archived links, it removed Thrive+’s name from its ads.txt file after Digiday asked the publisher about its connection to the vendor. said it uses Thrive+ to sell its inventory, but it didn’t answer other questions that Digiday posed. Thrive+ said it has relationships with both publishers.

What’s made this particularly confusing is that in a phone conversation, Thrive+ referred to itself as a programmatic agency and a buyer of inventory. But ads.txt is for listing sellers of inventory, not buyers, which is a point ad tech people are passionate about.

“It’s definitely a reseller trying to not just game but cheat the system,” said Dan de Sybel, CTO of programmatic agency Infectious Media. “They want to pass themselves off as a legitimate source for selling this inventory. Buyers do not need to be added to ads.txt, only sellers.”

Bob Regular, managing partner of Delivering Yield, which invests in Thrive+, vehemently disputed that Thrive+ is engaging in shady arbitrage.

He said the ad tech industry’s response to the Reddit thread is a “mass bullying campaign that is working to destroy the company.” At one point, he said accusations against Thrive+ were “defamation.”

Regular said there is a nomenclature misunderstanding and that Thrive+ is helping publishers by reselling their inventory. Essentially, Thrive+ works as a supply-side platform reseller. In order to resell inventory, it must first buy it.

Since Google’s demand-side platform is beginning to use ads.txt to filter unauthorized resellers, the point of Thrive+’s emails to publishers was to let them know that Thrive+ buys inventory from them and that Thrive+ would like to work directly with them, Regular said. The full email it sent to publishers appears below. The ID numbers for each company have been scrubbed.

read more here: