Google-run tests found fraudulent companies selling ad space on premium websites they did not have access to, or on fake versions of real websites, as first reported by Business Insider. The fraudulent ad space was sold through programmatic ad exchanges — automated ad sales platforms — including Google's AdX, AppNexus, Oath's Brightroll, and PubMatic. (Oath is the new umbrella brand for more than 50 media and technology brands previously owned by AOL and Yahoo.)
"Some of our publisher partners have asked us for help with understanding how their brand is impacted by counterfeit inventory and the scope of the issue across the ads ecosystem," a Google spokesperson told CNBC in a statement. "These tests have confirmed how widespread of an issue this is for publishers."
Ad fraud will cost companies around the globe $16.4 billion this year, according to ad verification company Adloox. There are a variety of ways it can occur, including fake "bot" traffic to websites meant to mimic human activity or ads so tiny that they can't be seen by the human eye.
How to combat "spoofing"
The type of ad fraud Google's test was looking at is called "spoofing."
The method is used to trick ad buyers into purchasing advertising space on websites that don't exist, or that the sellers don't have access to. Because of the speed and volume of advertising online when bought programmatically, it's virtually impossible to check if an ad ran where sellers say it was supposed to run.
Google, AppNexus, Oath and PubMatic say they are actively working to fight ad fraud. One of the main initiatives they're involved in is called ads.txt, which directly fights spoofing.
Ads.txt, which is led by the Interactive Advertising Bureau (IAB) Tech Lab, is a text file where publishers list approved ad sellers. Companies can then use it to create programs to make sure they don't buy unauthorized ad space.
Spoofing and unauthorized selling is "pervasive," and ads.text can help, IAB Tech Lab general manager Alanna Gombert explained. But it must be an industry-wide effort to help defeat ad fraud, she said.
"Everyone has an equal part in cleaning the fraud," Gombert said. "The publishers have to be aware where their inventory is showing up, or their 'fake inventory.' The buyers can't take deals. If it's too good to be true, it probably is."
Programmatic platforms also say companies need to invest in their own internal technology.
"Oath has invested in proprietary technology on our buying platforms, including BrightRoll and ONE by AOL, that aims to enforce supply transparency and prevent domain spoofing across the majority of supply partners," Oath said in a statement.
"In fact, our technology blocks hundreds of millions of spoofed bid requests on a daily basis. Combined with our longtime partnership with the IAB, industry-leading third-party fraud measurement across our platforms and human review safeguards, we're fully committed to a safe, transparent supply chain for our advertiser partners."
AppNexus vice president of corporate communications Josh Zeitz told CNBC ad fraud is an "industry-wide challenge."
"We've invested heavily in detection technology that enables us to find and shut down such bad activity; ads.txt, which we are avidly promoting, is also an important technology development that will help all exchanges, including Google's AdX and AppNexus, clamp down on this type of activity," Zeitz said.
Pubmatic chief marketing officer Jeffrey K. Hirsch said the company was trying to understand where Google's data on the "spoofing" cases came from, and declined to comment on the report. However, Pubmatic is actively working on ad fraud issues, including through the ads.txt program.
"Having the IAB support this is important for the industry and we support the effort," Hirsch said. "We have many internal and third party technology solutions for monitoring fraud and a solution such as ads.txt will surely provide additional value as the transparent connection between buyers and sellers is, based on increased brand spend in digital, perhaps more important than ever."