Domain spoofing, what is it and how can it harm your company?
source: own elaboration
We recently wrote about Brand Safety, i.e. activities aimed at protecting the brand’s image against threats related to their online visibility, this time we want to discuss the Domain Spoofing phenomenon, which is one of the key problems that effective Brand Safety has to face. Domain Spoofing can be a whole range of online marketing scams. What does this term mean and what ad frauds fall within its scope?
What is Domain Spoofing?
Domain Spoofing is often associated with phishing, specifically its form consisting in impersonating the domains of companies or well-known brands, most often when sending mass emails, in order to encourage recipients of the message to click on the link included in it. As a result, the fraudster can gain access to the recipient’s device or get onto company servers. But this is only one form of scam that falls under the Domain Spoofing category, so we need to think about a much broader definition.
It can be assumed that Domain Spoofing is „a scam to pretend to be a high-quality website, an existing Internet domain, or a well-known brand”. For the purposes of the text below, such a general definition will be the most appropriate, as it will discuss many frauds that can be classified as Domain Spoofing.
Ad Frauds categorized as Domain Spoofing
The simplest form of domain spoofing is to replace the URL. This fraud can be found in affiliate marketing, and it consists in the fact that the publisher, during real-time bidding (RTB), declares that the ad will be displayed in a specific domain, when in fact he intends to use a different, less advantageous website. So ad will appear on a different site than the one the advertiser agreed to pay for at the time of the bidding. An example of a fake URL could be Arnazon.com pretending to be Amazon.com - a small „rn” looks like an „m”, which at first glance might not be noticed by the recipient. False publishers using this form of scam count on advertisers not checking their work, but if caught they are quickly blacklisted by publishers. Although this is an obvious scam, the traffic coming from this type of fraud doesn’t have to be useless - the recipients are still potential consumers and may be interested in the offer, although they will probably not coincide with the target set by the advertiser.
Another scam that uses the Domain Spoofing technique is the simultaneous placement of an ad on multiple domains, although the advertiser only knows about one, usually the best-quality one, in which case scammers link two (or more) websites together, the first of which is devoted to controversial content (such as gambling, pornography, extreme beliefs, etc.), which generating a lot of traffic on the website, while the other one contains valuable content, but has little site visits. It is difficult for them to attract well-known brands as advertisers, on which they can make the best profit, so they create a facade or cooperate with another, better associated website.
Of course, fraudsters pretending to be a domain can also use technologically advanced BOTs. They can make the URL of the website you are visiting look like another page, such as a well-known brand. The way it works is that malware deceives the browser about the url of the page - so it displays a different address than the real one.
Yet another type of Domain Spoofing is the placement of ads inside premium websites without their administrators knowing. Although the ad is displayed on a given site, its owners aren’t paid for it, and all profits are paid to the fraudsters.
We must also remember about the aforementioned domain spoofing related to the sending of emails. In this form of phishing, the message should appear to come from a credible source - for example, from another department in the company where the recipient works.
Less common is also the spoofing of a different IP address (internet protocol) of a comupter. Fraudsters do this to pretend to be other users or hide their true identity.
Although Domain Spoofing mainly concerns online marketing, we can also encounter it in the case of telemarketing and SMS sending. In this case, the scammer gives a fake caller ID to make the phone number appear different. Such practices are used to unfairly bypass Caller ID blockers to trick callers into answering calls that they would otherwise certainly reject, or for the recipient of the message to reply to the message or click on a link contained in it.
What are the consequences of Domain Spoofing frauds?
The obvious effect of scams using the Domain Spoofing method are much worse sales results for a given campaign - advertising messages prepared for specific recipients ultimately reach completely different people, often much less wealthy or not interested in the offer.
However, Domain Spoofing can have much more serious consequences - the goal of such actions can be to install malware or trick the user into „logging in” to his account and then copy his login and password. Such scams lead to the theft of confidential data and often even take control of a given website or hardware. The consequences for a given company can therefore be catastrophic.
After all, if your ad appears alongside inappropriate or controversial material, or simply on sites with dubious reputation, it can cause serious brand image problems. Hence, all Domain Spoofing scams are a very serious threat to Brand Safety and should be taken into account when creating its guidelines.