Invalid traffic is defined as traffic that is not generated from a real user or from genuine interest. Fake traffic might be another way to conceptualize it. This is yet another term in the modern day’s growing cybersecurity vernacular. Let’s demystify what exactly is invalid traffic and the different types of invalid traffic. Spoiler alert: not all invalid traffic is bad, in fact, some serve a genuine and beneficial purpose. However, when it does become an issue is when results in fraud, such as mobile ad fraud. We’ll delve into those topics too.
What is General Invalid Traffic (GIVT)
The least harmful form of invalid traffic is general invalid traffic (GIVT). This traffic is not intended to be malicious or fraudulent and is generally conducted by known industry bots and web crawlers from benign sources. Of course, this definition and usage could change in the future. The most common forms are search engine crawlers, data centers, or proxy traffic coming through a virtual private network (VPN). GIVT does not simulate human behavior and generally does not generate fraudulent revenue, thus, it is currently not categorized as fraud or mobile ad fraud.
However, there can be several potential negative impacts from GIVT if not monitored and accounted for accurately. For example, not accounting for this increased invalid traffic can altere publisher data, and affect their measurement analytics. For example a sharp increase in website traffic might seem like the result of hard work and SEO, however, it might actually be due to GIVT traffic such as web crawlers.
Luckily, GIVT traffic patterns are easily identifiable due to their simplistic nature and can often be filtered out. Such filtration methods can be regularly using lists and/or standardized parameter checks.
What is Sophisticated Invalid Traffic (SIVT)
As one might guess, sophisticated invalid traffic (SIVT) is more sophisticated and therefore, more difficult to detect. The general calling-card of SIVT is that it is a genuine attempt from fraudsters to generate revenue through fraudulent traffic. As such, the patterns of SIVT tend to be more difficult to detect as it often avoids generating simple patterns that may raise a red flag.
This is an evolving form of traffic, as fraudulent traffic is constantly being updated to evade detection. Thus, detection, analysis, and prevention requires multi-point corroboration/coordination, sophisticated analytics, and substantial human resources.
Different Types of SIVT
SIVT can take many varied forms that often lead to different types of ad fraud, such as mobile ad fraud. Additionally, fraudsters constantly evolve to evade detection. Some common forms and methods of SIVT include adware, malware, spiders and bots that mimic human traffic, fraudulent incentivized promotional traffic, hijacked devices and sessions, invalid proxy traffic, falsely represented sites that present themselves for legal purposes, cookie stuffing and more.
Essentially we can think of SIVT as a wide array of methods that fraudsters use in order to deceive advertisers, publishers, MMPs and ad networks into seeing the fraudulent traffic as genuine. This often leads to mobile ad fraud, attribution fraud, and other cybersecurity threats. Such invalid traffic has contributed to the estimated losses in H1 of 2024, which is forecasted to have cost advertisers $84 billion in 2023 according to AdFixes.
GIVT vs. SIVT: The Differences
GIVT is benign and generally harmless. The intent is not malicious, although there may be some negative effects such as altered data and potentially misled business decisions and analytics. In fact, not all GIVT is bad. Search engine crawlers, which is one of the most common forms of GIVT is the building blocks of search engines and is partly responsible for search engines being able to find your, and other websites. Thus, they perform a necessary task.
SIVT, contrastingly, is intentionally bad and fraudulent. The aim is to generate fraudulent revenue from this invalid traffic. Thus, SIVT will often attempt to mimic genuine or human traffic in order to evade detection. For this form of invalid traffic, it is best to employ third-party providers to deal with this.
Why Does Fraudulent Invalid Traffic Exist
Invalid traffic exists as people profit from it. If there was little gain, there would be little incentive. The most common incentive is the fraudulent revenue generated from ad fraud. This exists on both desktop and mobile ad formats. Often when it comes to desktop or web ad fraud, publishers may fraudulently inflate their website traffic and clicks in order to receive better ad revenue from advertisers.
Various cases have often been reported in the media. Recently The International Business Times India was caught again falsely inflating their views. Thus, there must be a considerable benefit if a branch of a reputable publication is willing to risk its brand credibility for the sake of invalid traffic. Furthermore, this risk was taken more than once. Bearing in mind, that brand credibility is the lifeblood of news-outlets. Additionally to this, numerous platforms that service web ads have policies against this, such as Google Ad-sense, and your publisher account can get banned for such activity, such as invalid traffic.
On the mobile ad fraud front, there too is much to gain. SIVT is generated in order to imitate genuine installs and post-install actions. This, of course, all leads to fraudulently generated revenue for the fraudster is successful. Some of the most common forms of mobile ad fraud are click spamming, click injection, SDK spoofing, bots, and emulators and incent abuse.
Final Thoughts on Invalid Traffic
Although many might be new to this topic, this practice is not new. Perhaps you might be a budding e-Commerce business, that is just discovering ad fraud, and wants to get a handle on it. Unfortunately, invalid traffic generators can have years of experience and results. AdAge estimated that for every three dollars spent on digital advertising, one-dollar is lost to ad fraud. Invalid traffic is responsible for a large portion of these forecasted losses. Additionally, businesses should consider GIVT when making business decisions based on such data points as web traffic, as this can be falsely inflated by bots and web crawlers.