- Application Security and Fraud Prevention
- Advertising and Marketing Security
- New York City
- Washington DC
Cybercriminals are increasingly getting in the way of how companies conduct digital business. If allowed to prosper, malicious bots can defraud companies and impact the bottom line.
For instance, they employ sophisticated attacks on digital marketing across every stage of the funnel, mimicking human engagement in marketing to monetize fake clicks on paid ads and search results, fake site traffic and form fills, and retarget bots. Sophisticated bots also defraud companies with tactics like credential cracking and stuffing that can lead to wire transfer fraud and costly theft of sensitive data.The result is costly for companies that don’t get serious about implementing advanced protections that go beyond CDNs and WAFs.
A couple of the specific threat models fraudsters use include:
The PARETO botnet accounted for an average of 650 million daily bid requests, as 29 Android apps spoofed more than 6,000 CTV apps. The botnet spread across nearly a million infected Android phones—and involved a similar operation within the Roku Channel Store—as PARETO operators spoofed Roku players, Apple TVs, Amazon Fire TV Sticks, LG Smart TVs, and Google Chromecast players.
HUMAN developed algorithms to protect customers and partners from PARETO attacks, worked with device manufacturers impacted by PARETO to develop new standards that will make it a lot harder to successfully run such operations in the future, and worked with Google Play Store and Roku Channel Store to get the apps taken down.
During the final week of June 2020, a family of Android apps distributed a new ad fraud botnet that found its way to 65,000 devices, spoofing over 5,000 apps and accounting for more than 2 billion bid requests. How? By enticing downloads with a simple—and fake—offer: download the app, enter a few details, and receive a free pair of shoes.
HUMAN’s Satori Threat Intelligence & Research team identified the attack and has been actively defending against it, in collaboration with Google, since late last year. HUMAN customers today are fully protected against TERRACOTTA.
Lower fraud loss and preserve customer trust and experience by mitigating credential stuffing, credential cracking, account takeover, account creation fraud, payment fraud, and content and experience abuse.