August 19, 2010
For those who aren’t aware of it, I have a background in Cybercrime and Law Enforcement – before even working in interactive advertising, there was a time where I was devoted to catching cybercriminals and kiddie porn traffickers.
There is still a part of me that always wants to catch the bad guy and put him in jail – and have even while working in this Industry been involved in catching fraudsters and criminals, and have put a few of them back in jail. However, it’s come to my attention that there might be something even more devious happening in the industry: the very real possibility that interactive advertising fraud is helping to fund terrorism.
During my time running a display ad network, there was a constant influx of people submitting websites to our reviewers that looked like legit websites. They would often copy websites, change a few things – many times it was obvious, sometimes it was pretty damn convincing. Using proxy servers, they’d apply using a US IP address and real postal address.
For those who weren’t trained in noticing “little problems” in the websites, it would easily seem that they were actually showing advertising on a legit, highly trafficked website. After a month or so, when the site was making money, they would often then change the pay information on the website to another address, or request a wire to an offshore bank account – hoping that some companies would be too busy to notice or even think twice about it. More than once during my time, the new address was in China, or worse in a country with extensive terrorist ties, including Pakistan, Libya or Syria. Every major network, whether it is display or affiliate based has similar stories.
There is already significant information that terrorists use the internet for much of their activities, including to recruit, organize and learn. Those “in the know” in Cybercrime can tell you that there are already well known links to terrorism and botnets.
The American Federation of Scientists, in a report prepared for Congress, points out that current cybercrime rings have ties to both drug dealers and terrorists. The FBI has long acknowledged that terrorists are using botnets in order to attempt to disrupt the infrastructure of the United States.
Botnets have been traced back to the middle-east several times, their complexity growing yearly. The ties to organized crime are well documented and since many of these criminals have no qualms about who they work with, it is easy for them to provide support and training for terrorist groups. Different types of wire fraud, credit card fraud, phishing and other scam mechanisms have been tracked back to terrorists over and over again. Similarly, these methods have been tracked to interactive advertising fraud – which often provides a “legit” method of cash flow, through paid advertising.
Interactive advertising is always vulnerable to fraud. Without standard checks and balances, many companies rely on their own knowledge (or lack thereof) and poorly trained staff who haven’t the foggiest idea of how to detect fraud.
Companies that provide turnkey products for anyone to create a banner network or affiliate program allow almost anyone with a computer and a few thousand dollars the ability to make a new company. With the complexity of the schemes, even those with basic training can often be fooled by proxy-ip situations that make it look like real people are viewing advertising, clicking on the ads and often even buying products.
Anyone who has run a network knows that fraudsters are often applying to networks at an alarming rate, getting hundreds of applications from people that don’t pan out to be real. Since it costs almost nothing to run these schemes and defraud, even if a small percentage of these scams are not caught, hundreds of thousands of dollars a week can be sent to scammers…and into the hands of possible terrorists.
There is another problem here that makes this even worse. As we all know, there are some companies in our industry that while they themselves might not be committing fraud (or claim they are not), they are very much lenient on the type of fraud that occurs under their watch.
For years I sent notices to various ad networks showing them extreme examples of fraud occurring in their network, and many of them did not seem to care or take notice. For them, often small businesses, turning off a publisher account that makes them thousands of dollars a day seems like a bad idea, so they ignore the fraud. When fraud occurs, they take the attitude “if no one complains too much, especially the advertiser” then why do anything about it?
I have argued over and over again that they are just as complicit in the fraud. I now have a much greater case against them – in cases like this, where they don’t take action, they are helping to fund terrorist cells and groups.
If we can’t “prove” that the money is directly going to terrorism or turn a blind eye to the possibility, it’s only because much of the industry refuses to connect the dots. If checks are being cut and wires being sent, based on fraudulent activities, to countries that have ties to terrorism, then it’s very likely the money is making its way into the hands of terrorist organizations.
It is not a huge leap to reach the conclusion that some part of online advertising in the US is funding terrorism. If you think that the money is going into those countries to fund after-school daycare programs, or to help feed the poor, you’d be sadly mistaken.
Terrorist cells in those countries are engaged in many types of crimes, ranging from drug growing to arms dealing, all to fund their desire to destroy the “western world.”
We have a responsibility as an industry not only to prevent fraud for the industry, but for the greater good. Fraud of this kind doesn’t just hurt your clients, and eventually your business, but could be hurting many people in a real, tangible way. I even had a friend, who is a recognized expert in Affiliate marketing tell me that he knows of Affiliate networks that send checks to Iran, Syria, Pakistan knowing “full well what they are tied to.”
I urge the industry as a whole to look at these issues and examine them. I urge the IAB and the DMA to address the overwhelming issues of fraud in our industry and the need for the industry to make changes that prevent not only the fraud, but prevent the money being used to fund terrorism.
Maybe a decade ago, such thoughts would be considered the rants of a crazy guy. Now, with all we have learned, and with the giant leaps in technology and the well-documented connections of cybercriminals to terrorist organizations, we need to open our eyes… if only a little bit.
In perhaps the fastest growing industry ever, one person has made a name for himself as a leader and innovator. Pace Lattin, the publisher of the top newsletters in new media and online advertising, is one of the inventors of many of the technologies and methods that have become standards in the industry. He has been called many things, including a rabble-rouser, a guru, an innovator and a watchdog — but one thing stays the same: he is one of the most interesting leaders and commentators in the online advertising industry. Marketing Sherpa, a leading marketing research publication called him the most influential journalist in online media for a reason. IndustryPace.com