DoubleVerify Fraud Lab Report: CTV Fraudsters Impersonate Smart Refrigerators to Falsify CTV Traffic

Rhea-AI Summary

DoubleVerify (NYSE: DV) has identified a new variant of the LeoTerra advertising fraud scheme, which spoofs IoT devices to conceal fraudulent activities. This latest variant has cost unprotected advertisers around $10 million this year. In the first half of 2022, DV flagged three new variants, with LeoTerra spoofing over 92 million devices. As CTV advertising spending grows, estimated to reach $27.5 billion by 2025, the threat of fraud continues to escalate, prompting DoubleVerify to enhance its fraud detection efforts.

Positive

• Identification of a new variant of the LeoTerra fraud scheme.
• Prevention of up to $10 million in losses for advertisers.
• Ongoing development and enhancement of fraud detection measures.

Negative

• Estimated fraud cost to advertisers could rise as detection evolves.
• Continued susceptibility of CTV inventory to fraud schemes.

The latest variant of LeoTerra is spoofing IoT devices such as smart refrigerators and smart watches

NEW YORK--(BUSINESS WIRE)-- DoubleVerify (“DV”) (NYSE: DV), a leading software platform for digital media measurement, data and analytics, today announced that the DV Fraud Lab has discovered a new variant of the Connected TV (CTV) advertising fraud scheme, LeoTerra – which it first identified in July 2020. The new variant spoofs IoT (Internet of Things) devices, including smart refrigerators and smart watches, in an attempt to hide fraudulent behavior. DV estimates that LeoTerra’s latest variant has cost unprotected advertisers up to $10 million this year alone.

“This latest iteration of LeoTerra shows how fraudsters are always looking for new ways to avoid detection,” said Roy Rosenfeld, Head of DV’s Fraud Lab. “It also highlights how easily they spoof millions of devices by simply rotating through device lists that are free and easily accessible online.”

LeoTerra is a server-side ad insertion (SSAI) scheme that is part of an extensive operation of SSAI schemes known as OctoBot. To spoof large numbers of devices, fraudsters often use online device information sources, where they download lists of devices and incorporate the device information inside their falsified ad requests. This makes it appear as if their fraudulent traffic is coming from millions of different devices.

In some cases, online device lists also include unique or invalid device information. The fraudsters behind LeoTerra downloaded an entire list of CTV and mobile devices from one of the popular online device information providers. This list, however, included more than just CTV and mobile devices – it also included IoT devices. Through the unique and invalid devices, DV accurately identified the fraudsters’ source for extracting their spoofed device data, catching the new variant and continuing to block its impact for customers.

“LeoTerra is continuously shifting patterns in its attempts to evade detection,” added Rosenfeld. “In the first half of 2022 alone, DV identified and flagged three new variants of the LeoTerra scheme. These three variants, including the one impersonating IoT devices, have spoofed more than 92 million devices during H1 and up to 3.5 million device signatures each day.”

Connected TV (CTV) advertisers in the US spent $14.44 billion last year on CTV¹ and, at its current pace, that number is expected to grow to $27.5 billion by the end of 2025². As revenue opportunities in CTV grow rapidly, so does the opportunity for fraud.

“Unfortunately, CTV inventory is highly susceptible to fraud,” said Mark Zagorski, CEO, DoubleVerify. “Fraud usually follows the money – particularly in environments that lack data transparency, industry standards, and technology solutions to counter it. The CTV ad ecosystem is no exception.”

As the industry has become more aware of CTV fraud’s scale and impact, DV has seen fraudsters evolve to evade detection, with more schemes mutating or changing their initial approach. To date this year, for example, DV’s Fraud Lab has caught and stopped six new SSAI variants aimed at falsifying CTV traffic.

DV’s Fraud Lab — powered by a dedicated team of data scientists, mathematicians and analysts — performs ongoing detection and analysis of new types of ad fraud across channels in order to uncover the latest schemes as they occur. Through continuous analysis, scenario management and research, the Fraud Lab pinpoints the sites, apps and devices responsible for fraudulent activity and updates protection for DV clients in real-time.

For the full LeoTerra variant report, click here.

About DoubleVerify

DoubleVerify (“DV”) (NYSE: DV) is a leading software platform for digital media measurement and analytics. Our mission is to make the digital advertising ecosystem stronger, safer and more secure, thereby preserving the fair value exchange between buyers and sellers of digital media. Hundreds of Fortune 500 advertisers employ our unbiased data and analytics to drive campaign quality and effectiveness, and to maximize return on their digital advertising investments – globally. Learn more at www.doubleverify.com.

¹ eMarketer, “US Connected TV Advertising 2021,” 2021
² Statista, “Connected TV advertising spending in the United States from 2019 to 2025,” 2021

View source version on businesswire.com: https://www.businesswire.com/news/home/20220824005237/en/

Press:

Chris Harihar

chris@crenshawcomm.com

Source: DoubleVerify

FAQ

What is the new variant of the LeoTerra fraud scheme discovered by DoubleVerify?

The new variant spoofs IoT devices like smart refrigerators and watches to hide fraudulent activities.

How much has the LeoTerra scheme cost advertisers this year?

The latest variant of the LeoTerra scheme has cost unprotected advertisers approximately $10 million.

How many devices have been spoofed by LeoTerra in the first half of 2022?

LeoTerra has spoofed over 92 million devices in the first half of 2022.

What is the projected growth of Connected TV advertising spending?

Connected TV advertising spending is expected to grow to $27.5 billion by the end of 2025.

What role does DoubleVerify's Fraud Lab play in tackling ad fraud?

DV's Fraud Lab continuously detects and analyzes new ad fraud schemes, updating protection for its clients in real-time.