- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
Network World - Rogue web plug-ins that inject their own content over the top of legitimate ads are still in widespread use by unscrupulous advertisers – and Google, Yahoo and other major networks are keeping them in business, according to a recent study.
An ad injector is usually installed on an end-user’s computer as part of a bundle in a free software download, according to Harvard Business School associate professor Ben Edelman and the founder of fraud detection service iPensatori, Wesley Brandi. Once active, the injector can modify the way the user’s browser displays web pages, allowing advertisers to slap their own content onto any website they want – even if it blocks out existing ads or violates a site’s ad policies.
[MORE GOOGLE: Google fixes lengthy, widespread Gmail malfunction]
The companies behind the injectors have substantial advantages over legitimate advertisers, the authors noted – injected ads tend to rate well on click-through and conversion analytics, and the fact that the injectors don’t have to spend any money creating content of their own makes them even more profitable.
Moreover, the complexity, automation and large number of intermediaries present in the online ad market mean that it can be difficult to detect injector traffic, which means that both those intermediaries and the advertisers themselves may inadvertently contribute to the problem.
“For example, if traffic flows from an injector to intermediary A to B to C to D to an advertiser, the advertiser may never be told that it is actually buying injector traffic rather than (or in addition to) placements in genuine web sites,” the study said.
Mainstream exchanges, advertisers and networks generally claim that they do not do business with injectors – but Edelman and Brandi found that this claim is frequently untrue. The authors’ observations of Google, Yahoo, AppNexus and Advertising.com, among many others, demonstrated that they do indeed handle injector traffic.
“Our data reveals a stark disconnect between advertising industry claims and actual practices,” they wrote.
Speaking to Network World, Edelman urged ad exchanges to take a firmer stand against injectors, characterizing the practice as “stealing from publishers.”
“There are more things they could be doing,” he says. “One, having an official policy. Two, bringing that policy to everyone’s attention – any ad network selling any inventory through a Google ad exchange or an AppNexus ad exchange, they’re privy to all kinds of terms and conditions.”
While the sums of money involved in ad injection likely don’t mean much to Google – court filings show that one major ad injector called Sambreel was taking in about $8 million a month as of November 2011 – they’re hardly small potatoes to most other companies.
“This is still just an annoying flea to Google, it’s not an important part of their business. But to an advertiser, it can be very important,” Edelman says.
Google had not responded to requests for comment at the time this article was published.
Email Jon Gold at email@example.com and follow him on Twitter at @NWWJonGold.
Read more about security in Network World's Security section.