The Cat-And-Mouse Game: How AI Powers Both Ad Fraud and Its Detection

In online advertising, it’s only getting harder to know who’s actually looking at what. The digital marketing ecosystem operates on impressions and clicks, generating micro transactions each time someone views or interacts with an ad. A few cents per banner ad served or a few dollars per engagement can quickly accumulate depending on the size of the “audience”.

The problem? Fraudsters armed with artificial intelligence (AI) are skewing these metrics, damaging campaign effectiveness, and generally muddying the marketing waters. Unfortunately, we don’t need to look too far in the past for notable examples.

A massive ad fraud network was uncovered in September involving hundreds of malicious apps that co-opted personal smartphones across the globe. Users downloaded apps that looked legitimate but secretly launched browsers to navigate to scammer-controlled domains. From here, backed by bots that closely mirror human behavior, the scammers simulated authentic ad engagement. At the height of the scheme, users unknowingly generated more than two billion fraudulent ad impressions and clicks daily, delivering a payday for the fraudsters and wasted marketing investment for the advertisers.

AI applications like this accelerate ad fraud and leave traditional detection models struggling to keep up. For this reason, fraud detection platforms are increasingly using algorithms to fight fire with fire. These defensive systems analyze behavioral patterns across millions of data points – mouse movements, scroll patterns, session duration – to distinguish between legitimate and illegitimate users in real-time.

We’re essentially entering an ad fraud arms race between malicious and defensive AI, a cat-and-mouse game where the efficacy and trust of digital marketing hangs in the balance.

The what and the why of ad fraud

This isn’t a new problem in the world of online advertising. The economic structure of digital ads – with engagement translating to payment – is a tempting proposition for bad actors. For years, they’ve capitalized on turning fake clicks into real cash, and they’re only getting better at it.

Ad fraud is now the biggest fraud globally – bigger than credit card fraud – with Juniper Research reporting marketing losses of more than $84B in 2023. This loss is projected to inflate to more than $170B by 2028, accounting for roughly one in every five dollars of ad spend.

There are a few ways ad fraud happens. Typically, it involves fake clicks on paid ads to collect inflated payouts. Other times, the incentive is to leverage fraud-as-a-service and drain competitor budgets. Fraudsters do this by generating huge volumes of spoofed or made-for-advertising websites, embedding banner or video ads that are often invisible to the human eye, and then directing click bots to engage with them. Another method, as we saw in September, involves malware embedded in apps and browser extensions to remotely click ads without user knowledge.

The consequences extend beyond wasted budgets since distorted ad data sullies strategic decisions. Worse still, AI only ups the ante of what this problem looks like. Modern click bots equipped with natural mouse movements, realistic time-on-page patterns, and human-like engagement sequences are much harder to catch. These autonomous systems operate across distributed networks and enable fraudsters to orchestrate millions of coordinated interactions.

Fighting AI attacks with AI defenses

Fraudsters are only refining their offensive strategies with technology, and marketers have little choice but to do the same. The good news is that emerging strategies and platforms are making this possible at scale.

AI-trained models are proving essential for analyzing behavior. Biometrics like mouse movement velocity, scroll patterns, and keystroke dynamics – micro-behaviors that even sophisticated bots struggle to replicate authentically – are telltale signs of inauthenticity.

Likewise, smart solutions can examine device evolution over time, flagging fraudulent operations that lack organic patterns. And, advanced platforms deploy network graph analysis to map relationships between IP addresses and user agents. This exposes coordinated bot networks even when individual requests appear legitimate on their own.

These systems continuously adapt to new fraud tactics by analyzing millions of interactions, blocking threats in real-time and often before advertisers are charged. This proactive approach is a promising way to effectively weed out bot farms, competitor clicks and malware-infected devices, with Juniper Research reporting that fraud mitigation platforms will help to prevent $47B in ad fraud losses by 2028.

The new normal of digital marketing

I’ve worked in marketing for more than two decades and never seen anything like this before. AI is a productivity boon for ad fraudsters across the board, allowing smaller teams to launch bigger, more creative, and more expensive attacks. Even click farms that thrive on fake comments and reviews are getting an efficiency boost with generative tools that clean up messages in “broken” English.

This is the new marketing normal and companies need to better protect themselves. It’s worth noting that platforms like Google reimburse some invalid clicks but they don’t catch everything. Our internal data and experience with customers suggest that manually submitted refund requests have an approval rate of about 10%. From there, about 30-50% of the requested refund amount is approved. This helps, certainly, but marketers are better off preventing fake clicks and ad fraud before they happen.

Fraudsters are ahead but defenses are catching up quickly, leading to this ongoing game of ad fraud cat-and-mouse. Bad actors have a slight advantage because they adopted first without considering ethics or compliance. Marketing, on the other hand, must adapt to these constraints while improving how it monitors ecosystems and confirms legitimacy.

This game won’t be won in a single breakthrough but through constant vigilance, innovation, and collaboration. As fraudsters develop smarter attacks, advertisers must match their pace or risk losing billions more to schemes that undermine digital marketing’s effectiveness as a whole.