How AI is reshaping the dynamics of ad fraud

While AI assistants like ChatGPT and DeepSeek offer many benefits, their popularity has fuelled the proliferation of AI-powered web crawlers used to gather data for large language models, contributing to a significant increase in invalid web traffic.

New research from measurement giant DoubleVerify (DV) found an 86% year-over-year increase in General Invalid Traffic (GIVT) rates in late 2024, which they attribute to the rise in AI-powered crawlers and scrapers. While GIVT lacks malicious intent, it can distort campaign metrics, inflate impression counts, and undermine trust in the digital advertising ecosystem. 

"The surge in GIVT has significant implications because, if unidentified, it distorts campaign metrics, inflates impression counts, and raises concerns about discrepancies," says Conrad Tallariti, managing director, APAC, DoubleVerify. "This compromises the accuracy in campaign performance measurement, making it harder to assess genuine audience engagement."

DV data showed that a record 16% of GIVT from known-bot impressions in 2024 were generated by those that are associated with AI scrapers, such as GPTBot, ClaudeBot and AppleBot. 

"While GIVT is excluded from billable activities, inflated campaign metrics can still cause confusion and discrepancies, reducing overall trust in the ecosystem," adds Tallariti. "Accurate detection and filtration are essential for maintaining trust and transparency in digital advertising; this is why DV has endeavoured to be the first verification company to offer pre-bid avoidance for GIVT, helping advertisers avoid GIVT wherever supported by media-buying platforms." 

Ad fraud has reached unprecedented levels

Moreover, there has also been a sharp rise in AI-powered Sophisticated Invalid Traffic (SIVT) schemes. Unlike GIVT, SIVT schemes are intentionally designed to evade detection. Fraudsters use SIVT schemes and intentionally disguise themselves as human visitors, making tactics more damaging for advertisers. For example, SIVT can be caused by scrapers that conceal their nature by hiding behind seemingly benign user credentials.

"Fraudsters have become highly skilled at using AI to create bots that closely mimic human behaviour, making them difficult to detect," says Matt Sutton, CCO at TrafficGuard. "These bots are able to generate large volumes of ad impressions and clicks that mirror and mimic human interactions in real time. This creates the illusion of high volume, genuine traffic performing in human ways, deceiving advertisers into believing their campaigns are performing well." 

Sutton ads that the sophistication of ad fraud has reached unprecedented levels, with fraudsters leveraging advanced AI tools to exploit vulnerabilities.

"Everyone is aware of the phenomena of click farms, this can now all be automated and orchestrated using generative AI that evolves where, when and how automated scripted traffic is being generated and how it behaves," says Sutton. 

Other emerging trends in ad fraud include sophisticated domain spoofing bots that can splice together non-existent URLs, making fraudulent sites appear legitimate. Bots are also being used to scrape websites, which can be exploited for competitive advantage or other malicious purposes. 

"At TrafficGuard we have also seen a huge rise in how applications using AI are being used to scrape websites for information on deals and promotions, which can be exploited by competitors or for other malicious purposes," says Sutton. "In addition, applications using AI can complete actions within apps, such as making purchases, further complicating the detection of fraudulent activity. Malvertising, which involves injecting malicious ads into legitimate advertising networks as they grow, is another tactic used to target specific devices with malware."

Detecting ad fraud

However, just as fraudsters are exploiting AI tools to create more convincing and scalable fraud schemes, verification companies like DoubleVerify and TrafficGuard are leveraging AI to identify the constantly evolving landscape of bots and their sophisticated behavioural nuances. 

"We use machine learning algorithms to capture and analyse vast amounts of data in real-time, enabling us to detect patterns indicative of fraudulent activity," says Sutton. "Detecting ad fraud is a constant game of cat-and-mouse and as bad actors increasingly leverage AI to evade detection, in turn our machine learning and generative AI models continue to evolve to identify new anomalies in advertising traffic that become new, known ad fraud techniques."

However, Dr Augustine Fou, an independent cybersecurity and ad fraud researcher, disputes the rise of AI-powered ad fraud, saying that ad fraudsters are not using AI, or AI agents that can buy stuff for you, to enhance SIVT fraud schemes, because it's entirely unnecessary. 

"Simple bots are already enough to bypass the fraud detection of the largest two legacy verification vendors," claims Fou. "Ad fraudsters don't need the expense or hassle of AI to accomplish the ad fraud, as has been the case for the last 15 years."

He adds that ad fraudsters were using simple python code to remix plagiarised content (text and images) for their Wordpress-templated sites more than 15 years ago. 

"We just didn't call it AI back then. That's how they could create 100s of thousands of fake websites so easily," says Fou. "Ad fraudsters were using simple JavaScript code to fake mouse movements on the page to defeat fraud detection."

He remains unconvinced that machine learning and AI systems are being used to combat evolving ad fraud schemes. 

"Neither of the legacy fraud detection vendors can catch even the simplest bots, including ones that declare themselves as bots. So they are definitely not catching slightly more advanced bots," he says. "Also, when these vendors claim they are using AI to catch fraud, it's basically marketing materials and PR. Good guy's AI will always lag behind bad guys' AI, just like good guys detection algorithms have always lagged behind bad guys' algorithms designed to help them evade detection."

Yet Tallariti at DoubleVerify argues that a comprehensive and cohesive strategy is critical to combat SIVT and GIVT, especially as AI introduces more campaign sophistication. 

"Advanced verification tools are essential; pre-bid filtering can help block invalid traffic before ad spending is committed, while post-bid monitoring can identify fraudulent activity that bypasses initial defenses," says Tallariti. "Optimising campaign settings is equally important—enabling GIVT and SIVT blocking while refining targeting criteria helps avoid high-risk traffic."

Additionally, Tallariti recommends that regular analysis of campaign data can help in detecting anomalies, such as sudden spikes in clicks or impressions, and predictive analytics can forecast emerging fraud trends to inform proactive adjustments. "By combining these strategies, advertisers can combat both GIVT and SIVT, reduce wasted ad spend and maintain the integrity and performance of their digital campaigns."

Emerging AI ad fraud trends

Meanwhile, Geoff Stupay, VP of strategy at Human Security, says critical ad fraud trends are emerging that advertisers need to be particularly vigilant about, especially as AI technologies continue to advance. 

"Generally speaking, we anticipate that AI will make attack orchestration easier for fraudsters," says Stupay. "With advancements in agentic AI, it can now orchestrate broader attacks against systems and the internet as a whole. A sufficiently advanced system should realistically be able to run a suite of tests or tools to check for vulnerabilities and then make subsequent decisions based on the results of those tools, emulating a process that a human attacker may take."

Furthermore, in the connected TV (CTV) space, Stupay says they are seeing a significant surge in fraudulent activity that correlates directly with the channel's continued growth. The combination of high CPMs and signal-limited environments make CTV an increasingly attractive target for sophisticated fraud operations. 

"What makes this particularly concerning is that CTV fraud rates are consistently tracking 2-3 times higher than traditional desktop and mobile channels," says Stupay. "This elevated risk is largely due to fundamental infrastructure challenges: the lack of standardised device-level attestation tools and persistent gaps in SSAI verification capabilities."

Stupay explains that both CTV and audio share a common technical vulnerability that fraudsters were actively exploiting.

"Both CTV and audio have the inability to execute JavaScript and lack of direct device access," says Stupay. "These limitations create significant blind spots in verification processes, making it easier for bad actors to manipulate inventory and inflate impressions."

Buy from real publishers

However, rather than invest in advanced verification tools to mitigate the increasing sophistication of AI-driven ad fraud schemes, Fou argues that advertisers instead just need to buy direct from real publishers with real human audiences (as opposed to large quantities of ads through programmatic ad exchanges).

"If you've never heard of a website or app before, most likely other humans have not either. So those sites will not have mass audiences of humans," says Fou. "Similarly, if you've never heard of a mobile app before, those mobile apps should not be generating massive quantities of ad impressions for you to buy. If you just look more closely, you can see the obvious fraud to avoid. Advertisers are starting to do this and dispensing with the legacy verification vendors who have failed to detect more than 1% of the fraud for the last decade straight."

Fou argues that some of the top verification vendors are public companies and their top priority is to increase revenues and profits. 

"The best thing advertisers can do is turn off fraud detection (pre-bid blocking and filtering, post-bid detection) so they can see there is no change," adds Fou. "They should also ask the vendors to explain why they marked something as fraudulent or why they failed to detect even the most simple of bots. This should help inform advertisers that they have been wasting money on fraud verification for years."

However, Sutton at TrafficGuard maintains that much like the scourge of phishing emails, the industry must accept that AI bots are here to stay.

"As AI becomes more capable and accessible, the threat of AI-driven bots stealing ad budgets will become more acute," says Sutton. "Advertisers no longer have the luxury of ignoring ad fraud and need to implement systems that protect them from this activity."