Placement Laundering and the Complexities of Attribution in Online Advertising

A basic assumption in online advertising is that it is possible to attribute a view of a particular ad creative (i.e., an impression) to a particular web page. In practice, however, the seemingly simple task of ad attribution is challenging due to the scale, complexity and diversity of ad delivery systems. In this paper, we describe a new form of fraud that we call placement laundering, which exploits vulnerabilities in attribution mechanisms. Placement laundering allows malicious actors to inflate revenue by making ad calls that appear to originate from high quality publishers. We describe the basic aspects of placement laundering and give details of two instances found in the wild. One of the instances that we describe abuses the intended functionality of the widely-deployed SafeFrame environment. We describe a placement laundering detection method that is capable of identifying a general class of laundering schemes, and provide results on tests with that method.