A little more than a year after DoubleVerify revealed it had detected the first large-scale ad impression fraud scheme to target digital audio inventory, it says it has turned up another. DV’s Fraud Lab has discovered a new fraud called FM Scam, whose users falsify audio traffic using dedicated servers.
DoubleVerify says perpetrators can also spoof a wide range of devices typically used for playing audio content. The result is the fraudsters are able to blend their invalid traffic with legitimate traffic in attempts to remain undetected. DoubleVerify estimates the fraudsters behind the scheme have already spoofed more than 500,000 devices, including audio players, mobile phones, tablets, connected TV devices, smartwatches and, for the first time, smart speakers. In March 2024 alone, FM Scam spoofed over 500,000 devices, according to DoubleVerify.
The money-making part of the scheme comes in when fraudsters auction their invalid traffic through supply-side platforms (SSPs), exchanges and ad networks. DoubleVerify says its analysis indicates that FM Scam generates up to 100 million ad requests monthly. It says that in addition to defrauding advertisers, the scammers are also impacting the yield of quality audio sellers by siphoning money away from legitimate audio channels.
“Audio is rapidly becoming a lucrative target for fraudsters,” said Jack Smith, Chief Innovation Officer at DoubleVerify. “The range of players and devices used to stream audio content sets this environment apart from other media types.”
DoubleVerify’s Fraud Lab — which is made up from a dedicated team of data scientists, mathematicians and analysts — discovered FM Scam by using a proprietary combination of AI-powered technology and human review. It is the same team that first discovered the BeastSting scam last year, which was the first time a major invalid traffic scheme aimed at audio traffic had been discovered.
One reason fraudsters are focusing on digital audio is it is becoming a bigger business. During the peak of both schemes, DoubleVerify says the combined financial impact on unprotected advertisers exceeded $1 million in spend monthly.
“Fraudsters tend to focus on emerging media, like audio, that attracts advertising investments but lacks comprehensive measurement standards,” Smith said.
The latest fraud works a bit differently, according to DoubleVerify. FM Scam blends in with legitimate traffic by mimicking the behavior of a typical continuous ad session. Unlike BeatSting, which switches between devices after generating a certain number of impressions, FM Scam creates longer, uninterrupted sessions. This randomizes the traffic pattern to appear more human-like, as opposed to delivering a consistent, fixed amount of impressions across devices.
When FM Scam emerged, the Fraud Lab quickly tied IP addresses used by the attack to a CTV scheme first detected in 2019. Some IPs were also associated with various malicious activities, including the spread of malware. The DV Fraud Lab immediately mitigated FM Scam’s attacks and has been continuously shutting down new variants of this scheme leveraging a proprietary combination of AI-powered technology and human review.
Download DoubleVerify’s report on FM Scan HERE.