Icons showing multiple bad websites being viewed

Domain Spoofing Detection Tips to Protect Your Ad Campaigns

Fraudsters use all kinds of schemes to try to take more money from marketers and merchants. Over time, they have refined their fraud tactics to the point of being an art form. One such tactic that marketers and the companies they serve need to watch out for is domain spoofing.

In today’s post, we’ll cover what domain spoofing is, why it’s a threat to your online marketing campaigns, and how to prevent domain spoofing.

Get started with a free trial today to see exactly how much you could be losing  to ad fraud.

What Is Domain Spoofing?

Domain spoofing is a fraud technique where fraudsters drive invalid traffic to an illegitimate domain and attempt to make that traffic appear as if it is coming from a trusted domain. It often involves creating a “lookalike” of a trusted or well-known website domain to trick those who see it into thinking it’s a legitimate website.

When used against consumers, website domain spoofing is usually part of a phishing attack. In such schemes, the fraudster typically attempts to trick the consumer into clicking on a malware-laden link, giving up personally-identifiable information (PII), or taking some other action that allows for further fraud.

The Federal Trade Commission (FTC) stated that it received “more than 2.1 million fraud reports from consumers in 2020.” This fraud resulted in over $3.3 billion in losses. 

Of course, these figures represent all kinds of fraud and not just domain spoofing. However, it also highlights how prevalent and impactful fraud is in general in the USA.

There are a few different types of spoofing that you may see, and two of them are associated with domain spoofing:

1. Email Domain Spoofing

This is when a fraudster manipulates the email domain name of their email address to make themselves look like a representative of a trusted organization. 

When used against a company, the fraudster might try to pose as a trusted vendor, a higher-level exec in the organization, or a member of the accounting, HR, or IT department to try to trick a victim into giving up financial information (or other sensitive data).

2. Website Domain Spoofing (URL Spoofing)

Website domain spoofing is when a fraudster creates a fake website with a similar domain name to that of a trusted website to trick companies. 

The website is often identical to the real one visually since it is copied from the real thing, but may be laden with malware or information-capturing forms that allow the fraudster to steal website visitor information under false pretenses.

Domain spoofing can also be used against marketers or merchants to trick them into paying premium rates for advertising space on the fake website that won’t really convert. Once the ads are up on their spoofed website, fraudsters can use bots and human fraud farms to trigger them and claim illicit revenue.

Why You Need to Be Wary of Domain Spoofing

When used against marketers or merchant organizations, domain spoofing is a major problem for a few distinct reasons:

1. It Makes You Waste Your Advertising Budget

Website domain name spoofing tricks the victim into paying for advertising space that won’t really drive new business. If you fall for a spoofed website, you’ll be burning money for little to no real return on your investment

A simple check of your online marketing performance metrics should easily reveal just how little impact the spoofed website is having on your success.

Fraudsters will try to maximize their profits from their spoofed website in a few ways. For example, they may:

  • Try to drive up the cost per mille (CPM) for display ads on their site if you use impression-based bidding so they get more money faster.
  • Use bots that not only trigger impressions, but also “click” on the links and take further actions to imitate real users who are interested in your advertised products or services.
  • Hire human fraud farms to follow through on ads and fill out lead generation forms or complete transactions using stolen credit card information.

These techniques can increase the ad spend you waste and delay your spoofing detection efforts until it is too late. After all, manually reviewing your conversion data takes time—especially if you’re trying to trace thousands of fake leads back to their source. 

By the time you’ve realized that the leads were fake, the fraudster is likely long gone and operating under a different name with a different spoofed website (or working another type of ad fraud scheme altogether).

2. It Hurts Your Marketing Efforts

When you spend money on online marketing channels that don’t produce results, you waste something that is more valuable than that money—you waste your time. 

While you could, conceivably, recover a portion of your money if you could find the fraudster or get the bank to reverse the charges for the fraudulently-billed ad spend, you can never get back the time you spent on that ad campaign.

During the time that the fraudster was stealing your ad budget, your competitors were putting out ads on websites with real domain authority—getting their products and services out in front of real people who were interested in their products. This gives your competitors an advantage with those consumers by letting them build an uncontested relationship.

Drawing consumers away from a service or product provider that they trust can be incredibly difficult. Unless the competitor provides a bad experience, customers aren’t likely to change to a new brand on their own. However, some studies have indicated that 72% of customers are likely to switch brands after a single bad experience, so there is a chance to catch them if the competitor messes up!

Despite the chance of converting customers if the competition messes up, it’s still better to be the first company to offer your product or service to an interested consumer. So, wasting money on ineffective ads that aren’t going to be put in front of interested consumers means losing your competitive advantage.

3. It Hurts Your Brand Reputation

No company wants its brand to be associated with fraud. Falling for a domain spoofing trick can lead to a damaged reputation for the business.

For example, consumers could start to associate your ads with fraudulent, spoofed websites. In this case, they may come to believe that your products and services are fraudulent—just like the website they were found on. Even well-known companies could end up looking like they endorsed the fraudster simply by having their ads appear on the spoofed website.

Another issue that can hurt your brand reputation is if your ads are appearing next to unsuitable content. This is actually one of the reasons that Uber eventually discovered that they were losing millions of dollars to ad fraud—they received complaints about their ads appearing on questionable websites (which they had actually blacklisted).

The backlash from appearing to endorse these sites had hurt the company’s reputation. So, Uber moved to drop the marketing partners that put the ads there. After eliminating millions of dollars of ad spend, the company realized that it hadn’t seen a meaningful drop in their total monthly app installs. This indicated that the misplaced ads had been wholly ineffective for driving customer growth.

By appearing next to questionable content, ads can drive away potential consumers instead of attracting them. However, domain spoofing makes it difficult to control whether your ads appear next to suitable content. As it turns out, what you don’t know can hurt you.

Tips for Domain Spoofing Detection

So, what can you do to spot domain spoofing before you buy advertising space on a bad website (or determine if one of the websites you’re already advertising on is fraudulent)?

Here are a few quick tips for domain spoofing detection and prevention to get you started:

Check for Inconsistencies in the Website Domain Name

In some cases, a fraudster might substitute a letter in a domain name for a character or symbol that looks very similar, but isn’t the same. They may also add a number or letter where one doesn’t belong. For example, if the name ABCollectors.com is the real website name, then a spoofed version might have the name ABCCollectors.com or ABColIectors.com. In first spoofing example, an extra “C” was snuck in while the latter replaces one of the “L” letters in “collectors” with an uppercase “i” (which is very similar to a lowercase “l” in sans serif fonts.

Look at the Website’s Registry Data 

Who owns the website and what is their email address? If the email address doesn’t match with the registered owner of the site, then it might be a spoofed website domain. For example, if a website is supposed to be owned and operated by a major entertainment company, but the email address for the owner is some random free email account, it could be fraudulent.

Check Your Marketing Performance

 If you notice that all of the ads bought through a specific marketing platform or website aren’t generating results, that could be a sign of ad fraud. It helps to look at actual conversion data and not just impressions or clicks. You want to see a reasonable number of real customers come through the pipeline. If a channel claims to send you 100k leads, but not one of them completes a transaction, odds are good that there’s something wrong. This basic domain spoofing test might be reactive rather than proactive, but it’s better than missing the fraud activity entirely.

Consult a Third Party & Watch for News

Most fraudsters get found out sooner or later. When purchasing ad space through a demand-side platform (DSP) service provider, consult with others to learn more about the marketing partner. How effective were the ads they placed? Did other companies have problems getting their blacklists honored? This information can help you avoid bad marketing partners so you can focus on more effective ones.

Use an Ad Fraud Solution

By logging fraudulent activity from your ad campaigns, an ad fraud solution can make domain spoofing detection almost trivial. Simply check your reported fraud sources and see which URLs have the most fraud. If one domain is providing a significant amount of fraud and few actual leads, that’s a great indication that you need to drop that domain (or the marketing partner who sold you the ad space).

Need help protecting your marketing campaigns from domain spoofing and other fraud techniques? Reach out to Anura today to learn how to prevent ad fraud while saving time and avoiding false positives.

request a trial