About $15m in advertising booked to appear on millions of smart TVs was never seen by anyone, says Oracle

Yes, Oracle the database giant. 2020 keeps on being 2020

Oracle on Thursday said it has uncovered the largest fraud campaign yet targeting businesses booking advertising in video streams showing on so-called "smart" televisions.

The campaign, dubbed StreamScam by Oracle, supposedly exploited Server-Side Ad Insertion (SSAI) technology, used to inject ads into video streams, by generating records that ads had been displayed (ad impressions) without actually presenting any ads to anyone. Who exactly was behind this fraud is not yet clear, and still said to be under investigation: it could be crooks paid to artificially inflate ad impressions, or could be someone involved in brokering the ads to ensure ad impression targets are met one way or another. Due to the complexities of digital advertising, it can be hard to determine.

Whoever they are, in just four months the scammers are estimated to have conjured up almost $15m worth of fraudulent billings to advertisers without providing anything in return, based on a cost-per-thousand impressions (CPM) of $20, Oracle told The Register. We understand the final amount billed may be reduced upon audit.

StreamScam, Oracle claims, spoofed more than 28.8 million valid IP addresses associated with US households, affecting 3,600 apps and 3,400 connective TV devices, which include products like Apple TV, Amazon Fire TV, Google TV, Roku, and Samsung Tizen Smart TV. That's an order of magnitude more than the largest previously detected connected TV ad fraud campaign, ICEBUCKET, spotted in April, which involved two million spoofed household IP addresses.

Oracle's cloud business operates an analytics service called Moat that companies use to measure digital marketing. The enterprise database giant said that while making such measurements, it discovered that those behind the scam had created a server network that sends ad impression events to its Moat service and to advertisers without sending ads or video content to anyone.

"They forged household IP addresses, app IDs, and device IDs in the measurement events to make it appear that ads had played in those environments when in fact they did not," Oracle said in a blog post.


Ad-scamming, login-stealing Windows malware is hitting Chrome, Edge, Firefox, Yandex browsers, says Microsoft


Mark Kopera, head of product for Oracle Moat, told us the identity of the perpetrators is unknown. "We’re actively working with our industry partners to further research and attempt to determine the source of fraudulent activity," Kopera told The Reg.

Kopera expects connected TV ad fraud to grow. "Server-Side Ad Insertion (SSAI)-based fraud is a complicated challenge, as StreamScam demonstrates, and we believe it will grow quickly until our industry adjusts its defenses to address it," he said. "We plan to work closely with our peers across the industry to better understand this threat and the most effective tools to block it."

Last month, Cheq, an anti-fraud biz, published a report claiming that losses from digital advertising fraud ($35 billion) are now greater than global annual credit card fraud ($27 billion), despite the fact that the $333bn digital ad market is a tenth the size of the $3.32tr credit card market.

Cheq estimates that about 10 per cent of all digital advertising revenue is lost to fraud. Compare that to the 0.008 per cent rate of credit card fraud.

For certain market segments like paid programmatic advertising, some have argued that roughly half of the ad impressions are fake. Caveat emptor. ®

Broader topics

Narrower topics

Other stories you might like

  • Running Windows 10? Microsoft is preparing to fire up the update engines

    Winter Windows Is Coming

    It's coming. Microsoft is preparing to start shoveling the latest version of Windows 10 down the throats of refuseniks still clinging to older incarnations.

    The Windows Update team gave the heads-up through its Twitter orifice last week. Windows 10 2004 was already on its last gasp, have had support terminated in December. 20H2, on the other hand, should be good to go until May this year.

    Continue reading
  • Throw away your Ethernet cables* because MediaTek says Wi-Fi 7 will replace them

    *Don't do this

    MediaTek claims to have given the world's first live demo of Wi-Fi 7, and said that the upcoming wireless technology will be able to challenge wired Ethernet for high-bandwidth applications, once available.

    The fabless Taiwanese chip firm said it is currently showcasing two Wi-Fi 7 demos to key customers and industry collaborators, in order to demonstrate the technology's super-fast speeds and low latency transmission.

    Based on the IEEE 802.11be standard, the draft version of which was published last year, Wi-Fi 7 is expected to provide speeds several times faster than Wi-Fi 6 kit, offering connections of at least 30Gbps and possibly up to 40Gbps.

    Continue reading
  • Windows box won't boot? SystemRescue 9 may help

    An ISO image you can burn or drop onto a USB key

    The latest version of an old friend of the jobbing support bod has delivered a new kernel to help with fixing Microsoft's finest.

    It used to be called the System Rescue CD, but who uses CDs any more? Enter SystemRescue, an ISO image that you can burn, or just drop onto your Ventoy USB key, and which may help you to fix a borked Windows box. Or a borked Linux box, come to that.

    SystemRescue 9 includes Linux kernel 5.15 and a minimal Xfce 4.16 desktop (which isn't loaded by default). There is a modest selection of GUI tools: Firefox, VNC and RDP clients and servers, and various connectivity tools – SSH, FTP, IRC. There's also some security-related stuff such as Yubikey setup, KeePass, token management, and so on. The main course is a bunch of the usual Linux tools for partitioning, formatting, copying, and imaging disks. You can check SMART status, mount LVM volumes, rsync files, and other handy stuff.

    Continue reading

Biting the hand that feeds IT © 1998–2022