Gannett advertisers hit by domain spoofing, spotlighting programmatic issues
Dive Brief:
- Brands placing ads on Gannett properties were impacted by domain spoofing, a practice where ad inventory is misrepresented as being from a different site than where it actually runs, according to independent researcher Braedon Vickers, who published the findings on his blog. The Wall Street Journal first reported the news.
- Gannett owns USA Today and a wide array of newspapers and uses header bidding for its online ad auctions. Vickers dug into the code informing this process and found that stories on sites like the Detroit Free Press sent requests to multiple ad exchanges that labeled the page as a different piece in USA Today.
- This issue was widespread across Gannett and lasted for around nine months without being detected by ad-tech watchdogs and exchanges, Vickers concluded. Beyond potentially damaging Gannett’s credibility, the problem speaks to ongoing transparency troubles in the programmatic supply chain.
Dive Insight:
Vickers noted in his research that domain spoofing is viewed in some circles as a less substantial problem than it once was thanks to industry solutions like the IAB Tech Lab’s ads.txt, a tool publishers can implement that only allows authorized parties to sell inventory on their sites. While ads.txt may help prevent the intrusion of fraudulent third parties on the auction process, the story is different when the sites being spoofed are owned by the same publisher and share direct ad accounts. Vickers’ referred to this scenario as “authorized spoofing,” though he refrained from describing it as a deliberate move on Gannett’s part.
In one example, an advertiser looking to market itself around a sports story in a publisher with national reach — USA Today — might have instead appeared on a regional paper’s reporting on mistreated dogs, a less brand-safe topic.
Still, many advertisers may have questions for the publisher around why their ads were misplaced. Sears, Nike and Adidas were among the blue-chip marketers that were affected by the domain spoofing, per the Journal’s reporting. Gannett is weighing whether to give out refunds, the paper said.
The issue demonstrates how programmatic media-buying continues to experience transparency gaps that could lead to wasted ad spend and raise brand-safety red flags. As marketers contend with the deprecation of third-party cookies, a key ad-targeting tactic, many are adopting alternative methods like contextual targeting, where ad placements are informed by factors like keywords and topics. More than half (52%) of marketers surveyed by Winterberry Group last fall said they expected to increase their spending on contextual targeting over the next 24 months. The Gannett domain-spoofing was more nuanced than merely misrepresenting the domain page, factoring in information like article subsections, keywords and brand safety measures.
While looming changes to cookies have turned digital marketing on its head, some publishers have expressed optimism. Sixty-four percent of those in the industry surveyed by DoubleVerify said they expect revenue will increase, as the transition could spur more advertisers to broker direct relationships. The Gannett domain-spoofing dustup suggests many brands will still need to be on guard and keep close tabs on where their ads actually end up online.
