Link to home

News from the open internet

Office Hours

What the Tech is domain spoofing?

What the tech is domain spoofing?

Whenever there’s lots of money to be made in an industry, there are bound to be some bad actors who try to take advantage, and the digital advertising industry is no exception.

Fraudulent activity can range from the minor (such as publishers that have poor viewability standards) to the egregious (such as publishers creating sham websites for the sole purpose of selling ads that will likely never be seen by consumers). One of the most common schemes on the egregious end of the spectrum is domain spoofing, which is when websites are designed to look like legitimate publishers but only exist to sell fraudulent ad inventory.

To help you understand what domain spoofing is, how it works and why it’s a major issue for advertisers, we’ve assembled this explainer.

What is domain spoofing, exactly?

What makes domain spoofing so insidious is that to the untrained eye, a domain-spoofing website appears to be entirely legitimate.

In domain spoofing, a scammer will design a website that resembles the website for a reputable publisher, even using a URL that closely mimics the reputable publisher’s domain. The faulty domain might have an extra letter or number added or have a different URL extension (“.co” or “.org” instead of the more common “.com”). The domain-spoofing website will have all the appearances of a trusted web publisher, and if you don’t notice the subtle difference in the URL, you might never know it’s illegitimate.

Most people have experienced something similar in the realm of spam emails. For example: You receive an email stating that you have an unpaid bill and that you need to send money immediately through PayPal. Upon closer inspection, you find that the email didn’t come from PayPal, but from a fraudulent email address whose name and registry are similar to PayPal’s. This is referred to as email spoofing.

Domain spoofing is the same concept, but with websites.

How does it work?

In some cases, domain spoofing exists to distribute malware to consumers or to sell them an illegitimate product. A consumer visits a domain-spoofed consumer-review website, for instance, that extolls the virtues of some breakthrough health supplement. Problem is, the spoofed website was created by the company selling the product, and only appears to look like an objective third-party publisher.

Other domain-spoofing scams try to make money off of advertising. By creating a page that appears to be legitimate, a domain spoofer can trick marketers into buying ads on its page. Because these websites seem valid, domain-spoofed websites are often able to attract a fair number of visitors, allowing them to accrue substantial advertising revenue.

Why is this an issue?

Because it’s a bad experience for the consumer and it’s wasted ad spend for the advertiser. While domain spoofing has been noted as a threat for several years, it was recently in the news when advertising transparency vendor Adalytics called out Forbes for running a made-for-advertising (MFA) site as a subdomain. Advertisers were none too happy.

Domain-spoofed websites are often overloaded with ads — more than the average consumer would care to tolerate and more than any advertiser would care to be associated with — to maximize revenue for the scam website.

Even if the consumer experience isn’t terrible, advertisers don’t want to spend their budgets on spammy websites. They’d rather place their ads with reputable publishers, where they know their advertising will provide a positive experience for the consumer and have a positive effect on their brand perception.

Is domain spoofing the same as a made-for-advertising website?

Good question. And not exactly. Most domain-spoofing websites are also MFA sites, but not all MFA websites involve domain spoofing.

MFA is a broad term to describe websites that offer little to no value to consumers and whose only purpose is to generate ad revenue. MFA sites include all kinds of shady ad tech behavior, such as pixel stuffing, click fraud and domain spoofing. Domain spoofing is one example of an MFA scheme.

How do advertisers address the issue?

One of the best ways to combat domain spoofing, and all other kinds of ad industry chicanery, is through supply-path optimization (SPO). (If you want to go deeper on SPO, the Edge Academy has a whole lesson on this.)

Domain spoofing works because the ad delivery process is so complex. It can be hard to spot a domain-spoofed URL when sifting through billions of pieces of individual ad inventory available on the various ad networks and buying platforms that make up the digital media ecosystem.

SPO can help solve this problem by bringing buyers and sellers closer together, and giving marketers a clearer idea of where their ads end up thereby minimizing extraneous fees. In using SPO, marketers are much less likely to engage with a domain spoofed website and thus much less likely to waste their ad spend — no matter how convincing the domain spoofing is.