DoubleVerify Fraud Lab discovers that, for the first time, smart audio speakers were spoofed by fraudsters
Sydney, AUSTRALIA – May 8, 2024 – DoubleVerify ("DV"), a leading software platform for digital media measurement, data,
and analytics, today announced the discovery of “FM Scam,” the latest audio fraud scheme to date that was identified and
mitigated by DV’s Fraud Lab using a proprietary combination of AI-powered technology and human review.
FM Scam represents the second significant global scheme targeting audio spending, emerging shortly after the DV Fraud
Lab protected advertisers from BeatSting, the first major invalid traffic (IVT) scheme aimed at audio traffic. During
the peak of both schemes, the combined financial impact on unprotected advertisers exceeded $1 million in spend monthly.
FM Scam perpetrators falsify audio traffic using dedicated servers. They also spoof a wide range of devices typically
used for playing audio content. This tactic enables fraudsters to blend their invalid traffic with legitimate traffic in
attempts to remain undetected. DV estimates that the fraudsters behind the scheme spoofed over 500,000 devices,
including mobile phones, tablets, connected TV (CTV) devices, audio players, smartwatches and, for the first time, even
smart speakers.
Fraudsters auction their invalid traffic through supply-side platforms (SSPs), exchanges and ad networks. DV’s impact
analysis indicates that FM Scam generates up to 100 million ad requests monthly. In addition to defrauding advertisers,
the fraudsters also are impacting the yield of quality audio sellers by siphoning money away from legitimate audio
channels.
“Audio is rapidly becoming a lucrative target for fraudsters,” said Jack Smith, Chief Innovation Officer at
DoubleVerify. “The range of players and devices used to stream audio content sets this environment apart from other
media types. Fraudsters tend to focus on emerging media, like audio, that attracts advertising investments but lacks
comprehensive measurement standards.”
FM Scam further blends in with legitimate traffic by mimicking the behavior of a typical continuous ad session. Unlike
BeatSting, which switches between devices after generating a certain number of impressions, FM Scam creates longer,
uninterrupted sessions. This randomises the traffic pattern to appear more human-like, as opposed to delivering a
consistent, fixed amount of impressions across devices.Traffic Patterns in BeatSting vs. FM Scam
When FM Scam emerged, the Fraud Lab quickly tied IP addresses used by the attack to a CTV scheme first detected in 2019.
Some IPs were also associated with various malicious activities, including the spread of malware. The DV Fraud Lab
immediately mitigated FM Scam’s attacks and has been continuously shutting down new variants of this scheme leveraging a
proprietary combination of AI-powered technology and human review.
DV’s Fraud Lab — powered by a dedicated team of data scientists, mathematicians and analysts — performs ongoing
detection and analysis of new types of digital ad fraud to uncover the latest schemes as they occur. Through continuous
analysis, scenario management and research, the Fraud Lab pinpoints the sites, apps and devices responsible for
fraudulent activity and updates protection for DV clients in real time.
Full report: https://doubleverify.com/audio-fraudsters-get-smarter-with-latest-scheme-fm-scam/