Fraudsters use all kinds of schemes to try to take more money from marketers and merchants. Over time, they have refined their fraud tactics to the point of being an art form. One such tactic that marketers and the companies they serve need to watch out for is domain spoofing.
In today’s post, we’ll cover what domain spoofing is, why it’s a threat to your online marketing campaigns, and how to prevent domain spoofing.
Domain spoofing is a fraud technique where fraudsters drive invalid traffic to an illegitimate domain and attempt to make that traffic appear as if it is coming from a trusted domain. It often involves creating a “lookalike” of a trusted or well-known website domain to trick those who see it into thinking it’s a legitimate website.
When used against consumers, website domain spoofing is usually part of a phishing attack. In such schemes, the fraudster typically attempts to trick the consumer into clicking on a malware-laden link, giving up personally-identifiable information (PII), or taking some other action that allows for further fraud.
The Federal Trade Commission (FTC) stated that it received “more than 2.1 million fraud reports from consumers in 2020.” This fraud resulted in over $3.3 billion in losses.
Of course, these figures represent all kinds of fraud and not just domain spoofing. However, they also highlight how prevalent and impactful fraud is in general in the USA.
There are a few different types of spoofing that you may see, and two of them are associated with domain spoofing:
Email domain spoofing is when a fraudster manipulates the domain name of their email address to make themselves look like a representative of a trusted organization.
When used against a company, the fraudster might try to pose as a trusted vendor, a higher-level exec in the organization, or a member of the accounting, HR, or IT department to try to trick a victim into giving up financial information (or other sensitive data).
Website domain spoofing is when a fraudster creates a fake website with a similar domain name to that of a trusted website to trick companies.
The website is often identical to the real one visually since it is copied from the real thing, but may be laden with malware or information-capturing forms that allow the fraudster to steal website visitor information under false pretenses.
Domain spoofing can also be used against marketers or merchants to trick them into paying premium rates for advertising space on the fake website that won’t really convert. Once the ads are up on their spoofed website, fraudsters can use bots and human fraud farms to trigger them and claim illicit revenue.
When used against marketers or merchant organizations, domain spoofing is a major problem for a few distinct reasons:
Website domain name spoofing tricks the victim into paying for advertising space that won’t really drive new business. If you fall for a spoofed website, you’ll be burning money for little to no real return on your investment.
A simple check of your online marketing performance metrics should easily reveal just how little impact the spoofed website is having on your success.
Fraudsters will try to maximize their profits from their spoofed website in a few ways. For example, they may:
These techniques can increase the ad spend you waste and delay your spoofing detection efforts until it is too late. After all, manually reviewing your conversion data takes time—especially if you’re trying to trace thousands of fake leads back to their source.
By the time you’ve realized that the leads were fake, the fraudster is likely long gone and operating under a different name with a different spoofed website (or working another type of ad fraud scheme altogether).
When you spend money on online marketing channels that don’t produce results, you waste something that is more valuable than that money—you waste your time.
While you could, conceivably, recover a portion of your money if you could find the fraudster or get the bank to reverse the charges for the fraudulently-billed ad spend, you can never get back the time you spent on that ad campaign.
During the time that the fraudster was stealing your ad budget, your competitors were putting out ads on websites with real domain authority—getting their products and services out in front of real people who were interested in their products. This gives your competitors an advantage with those consumers by letting them build an uncontested relationship.
Drawing consumers away from a service or product provider that they trust can be incredibly difficult. Unless the competitor provides a bad experience, customers aren’t likely to change to a new brand on their own. However, some studies have indicated that 72% of customers are likely to switch brands after a single bad experience, so there is a chance to catch them if the competitor messes up!
Despite the chance of converting customers if the competition messes up, it’s still better to be the first company to offer your product or service to an interested consumer. So, wasting money on ineffective ads that aren’t going to be put in front of interested consumers means losing your competitive advantage.
No company wants its brand to be associated with fraud. Falling for a domain spoofing trick can lead to a damaged reputation for the business.
For example, consumers could start to associate your ads with fraudulent, spoofed websites. In this case, they may come to believe that your products and services are fraudulent—just like the website they were found on. Even well-known companies could end up looking like they endorsed the fraudster simply by having their ads appear on the spoofed website.
Another issue that can hurt your brand reputation is if your ads are appearing next to unsuitable content. This is actually one of the reasons that Uber eventually discovered that they were losing millions of dollars to ad fraud—they received complaints about their ads appearing on questionable websites (which they had actually blacklisted).
The backlash from appearing to endorse these sites had hurt the company’s reputation. So, Uber moved to drop the marketing partners that put the ads there. After eliminating millions of dollars of ad spend, the company realized that it hadn’t seen a meaningful drop in their total monthly app installs. This indicated that the misplaced ads had been wholly ineffective for driving customer growth.
By appearing next to questionable content, ads can drive away potential consumers instead of attracting them. However, domain spoofing makes it difficult to control whether your ads appear next to suitable content. As it turns out, what you don’t know can hurt you.
So, what can you do to spot domain spoofing before you buy advertising space on a bad website (or determine if one of the websites you’re already advertising on is fraudulent)?
Here are a few quick tips for domain spoofing detection and prevention to get you started:
In some cases, a fraudster might substitute a letter in a domain name for a character or symbol that looks very similar, but isn’t the same. They may also add a number or letter where one doesn’t belong. For example, if the name ABCollectors.com is the real website name, then a spoofed version might have the name ABCCollectors.com or ABColIectors.com. In the first spoofing example, an extra “C” was snuck in, while the latter replaces one of the “L” letters in “collectors” with an uppercase “i” (which is very similar to a lowercase “l” in sans serif fonts).
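The lookalike check described above can be automated before ad space is bought. The following is an added example, not code from Anura: it folds commonly confused characters into one form and measures edit distance against an allow-list. The `TRUSTED` list, the confusable table, the `max_edits` threshold and all function names are assumptions for illustration.

```python
import unicodedata

# Assumption: the domains you actually intend to advertise on.
TRUSTED = ["abcollectors.com"]

# Characters easily confused in sans serif fonts, folded to one canonical form.
# Applied after lowercasing, so an uppercase "I" has already become "i".
CONFUSABLE = str.maketrans({"i": "l", "1": "l", "0": "o", "5": "s"})


def skeleton(domain: str) -> str:
    """Reduce a domain to a form in which visually similar names compare equal."""
    text = unicodedata.normalize("NFKC", domain).strip().rstrip(".").lower()
    text = text.translate(CONFUSABLE)
    return text.replace("rn", "m").replace("vv", "w")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: inserted, deleted or substituted characters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain: str, trusted=TRUSTED, max_edits: int = 2):
    """Return (verdict, matched trusted domain) for a candidate publisher domain."""
    raw = domain.strip().rstrip(".").lower()
    if raw in trusted:
        return ("trusted", raw)  # domain names are case-insensitive
    skel = skeleton(domain)
    for good in trusted:
        if skel == skeleton(good):
            return ("lookalike-homoglyph", good)  # e.g. "I" standing in for "l"
    for good in trusted:
        if edit_distance(skel, skeleton(good)) <= max_edits:
            return ("lookalike-typo", good)  # e.g. an extra "C" snuck in
    return ("unrelated", None)


if __name__ == "__main__":
    for name in ["ABCollectors.com", "ABCCollectors.com", "ABColIectors.com"]:
        print(name, classify(name))
```

Non-Latin substitutions that NFKC does not fold (a Cyrillic “а”, for instance) still differ from the trusted name by a single character, so they surface as `lookalike-typo`.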
Who owns the website and what is their email address? If the email address doesn’t match with the registered owner of the site, then it might be a spoofed website domain. For example, if a website is supposed to be owned and operated by a major entertainment company, but the email address for the owner is some random free email account, it could be fraudulent.
If you notice that all of the ads bought through a specific marketing platform or website aren’t generating results, that could be a sign of ad fraud. It helps to look at actual conversion data and not just impressions or clicks. You want to see a reasonable number of real customers come through the pipeline. If a channel claims to send you 100k leads, but not one of them completes a transaction, odds are good that there’s something wrong. This basic domain spoofing test might be reactive rather than proactive, but it’s better than missing the fraud activity entirely.
Most fraudsters get found out sooner or later. When purchasing ad space through a demand-side platform (DSP) service provider, consult with others to learn more about the marketing partner. How effective were the ads they placed? Did other companies have problems getting their blacklists honored? This information can help you avoid bad marketing partners so you can focus on more effective ones.
By logging fraudulent activity from your ad campaigns, an ad fraud solution can make domain spoofing detection almost trivial. Simply check your reported fraud sources and see which URLs have the most fraud. If one domain is providing a significant amount of fraud and few actual leads, that’s a great indication that you need to drop that domain (or the marketing partner who sold you the ad space).
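The two data-driven checks above (conversions per channel, and fraud volume per source URL) reduce to one per-domain report. The following is an added example, not Anura's product or API: the sample rows are constructed, and the row layout, thresholds and function names are assumptions for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample data: (placement URL, clicks, clicks flagged invalid, conversions).
ROWS = [
    ("https://news.example/sports/a", 1200, 30, 18),
    ("https://news.example/tech/b", 800, 10, 14),
    ("https://abccollectors.example/home", 5000, 4200, 0),
    ("https://abccollectors.example/deals?id=7", 3000, 2600, 1),
    ("https://blog.example/post", 40, 2, 1),
]


def by_domain(rows):
    """Roll placement-level rows up to the domain that served the ad."""
    totals = defaultdict(lambda: {"clicks": 0, "flagged": 0, "conversions": 0})
    for url, clicks, flagged, conversions in rows:
        host = (urlsplit(url).hostname or "").lower()
        totals[host]["clicks"] += clicks
        totals[host]["flagged"] += flagged
        totals[host]["conversions"] += conversions
    return dict(totals)


def suspects(rows, min_clicks=500, min_fraud_share=0.5, max_conv_rate=0.001):
    """Domains with lots of flagged traffic or almost no real customers.

    Thresholds are illustrative assumptions; tune them to your own baseline.
    Domains below min_clicks are skipped because the sample is too small.
    """
    found = []
    for host, t in by_domain(rows).items():
        if t["clicks"] < min_clicks:
            continue
        fraud_share = t["flagged"] / t["clicks"]
        conv_rate = t["conversions"] / t["clicks"]
        if fraud_share >= min_fraud_share or conv_rate <= max_conv_rate:
            found.append({"domain": host, "fraud_share": fraud_share,
                          "conv_rate": conv_rate, **t})
    # Worst offenders first, so the top of the list is what to drop or dispute.
    return sorted(found, key=lambda r: r["fraud_share"], reverse=True)


if __name__ == "__main__":
    for row in suspects(ROWS):
        print(row)
```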
Need help protecting your marketing campaigns from domain spoofing and other fraud techniques? Reach out to Anura today to learn how to prevent ad fraud while saving time and avoiding false positives.
Learn more about ad fraud and the many ways we can help in our eBook: Ad Fraud 101.