Definition
Impression fraud (Invalid Traffic / IVT) — Impression fraud, formally Invalid Traffic (IVT), is any digital ad impression generated by something other than a legitimate human viewer — including data-center bots, malware-driven hidden browsers, scraper traffic, and sophisticated bots that mimic human cursor and click signals. The Media Rating Council classifies IVT in two tiers: General Invalid Traffic (GIVT) and Sophisticated Invalid Traffic (SIVT).
Every CPM-based digital ad campaign rests on one assumption: that the impression the advertiser pays for was rendered to a real human. Impression fraud breaks that assumption at scale. A bot, a scraper, or a malware-controlled hidden browser loads an ad-bearing page, fires a measurable impression event into the bid stream, and the advertiser is billed exactly as if a person had seen the ad.
The mechanics are well-documented. The 2018 takedown of the 3ve botnet — coordinated by Google, White Ops (now HUMAN Security), and the FBI — disclosed an operation that infected more than 1.7 million consumer and business devices, ran hidden browsers to load fabricated webpages, and falsified billions of ad views, costing advertisers over $29 million before it was dismantled. The earlier Methbot scheme generated $3–5 million per day in fraudulent ad revenue at its peak by impersonating premium publisher domains like ESPN and CBS Sports.
Both schemes are old. The pattern is not. DoubleVerify's research has continued to surface successor operations every year since.
The MRC's Invalid Traffic Detection and Filtration Standards split IVT into two categories. The distinction matters because most basic ad-platform fraud filters catch only the first tier.
| Category | What it is | Detection | Examples |
|---|---|---|---|
| GIVT — General Invalid Traffic | Easily-identifiable non-human traffic. Behaviorally obvious — switching between pages every few seconds for hours, requesting from known data-center IPs, identifying as a known crawler. | Routine filtration; identifiable through standard list-based and rules-based filters. | Search-engine crawlers, AI scrapers (GPTBot, ClaudeBot, AppleBot), data-center bots, declared spiders. |
| SIVT — Sophisticated Invalid Traffic | Bots and schemes that actively mimic human behavior — cursor jitter, scroll dwell, click cadence — to evade filtration. | Requires advanced analytics, multi-point corroboration, and human investigation. | Hijacked devices running hidden browsers, ad-stacking, pixel-stuffing, domain spoofing, SDK spoofing in mobile apps, server-side ad insertion (SSAI) abuse in CTV. |
There is no single industry number — fraud rate varies by environment, by quarter, and by whether the campaign was running with anti-fraud protection. The most reliable benchmarks come from independent measurement vendors with MRC accreditation.
Q3 2025 — share of web ad traffic flagged as invalid
Pixalate Q3 2025 Global IVT & Ad Fraud BenchmarksQ3 2025 — highest of the three environments
Pixalate Q3 2025 Global IVT & Ad Fraud BenchmarksQ3 2025 — bots account for 65% of all CTV fraud
DoubleVerify 2025 Global Insights — CTV bot fraudDriven partly by AI scrapers (GPTBot, ClaudeBot, AppleBot)
DoubleVerify 2025 Global Insights ReportNorth America +101%; Q4 2024 was the peak quarter
DoubleVerify 2025 Global Insights ReportFraud rate is 14× higher on campaigns without anti-fraud protection
IAS Media Quality Report, 19th EditionFraudulent impressions are not free. Every billed impression that lands on a bot is real dollars moving from an advertiser's bank account into the ad-tech supply chain — DSP, exchange, SSP, fraudulent publisher (or a fraudster impersonating one), and any rebrokered intermediaries in between.
The cumulative scale is what makes impression fraud the largest single line item in the Middleman Tax. Three independent estimates, three different methodologies, all in the same neighborhood.
Roughly 22% of $382B global digital ad spend
Juniper Research — Quantifying the Cost of Ad FraudRoughly 23% of projected $747B global digital ad spend
Juniper Research — Cost of Ad Fraud 2023–2028Programmatic only, single quarter
Pixalate Q3 2024 Global IVT BenchmarksProgrammatic only, single quarter
Pixalate Q3 2024 Global IVT BenchmarksFraud rate varies sharply by environment. Three patterns repeat across measurement vendors: mobile-app inventory carries higher IVT than web; Connected TV is structurally vulnerable through server-side ad insertion (SSAI); and the further inventory sits from a first-party publisher relationship, the worse the fraud rate gets.
Both Google and Meta run substantial Ad Traffic Quality teams and reject billions of invalid requests. They still don't catch everything, for three structural reasons.
The auction is incentivized to fill, not to refuse. Every refused impression is foregone revenue for the platform. The platform's fraud filters are tuned to a tolerance, not to zero — and the tolerance is set where the platform's revenue and the advertiser's anti-fraud appetite meet.
SIVT actively evades detection. Sophisticated bots simulate cursor jitter, scroll dwell, and click cadence well enough that filtration based on behavior alone misses them. The MRC standard explicitly calls out that SIVT detection requires advanced analytics, multi-point corroboration, and human investigation — not the kind of work an exchange does in 100 milliseconds at auction time.
The supply chain is opaque end-to-end. The ISBA / PwC programmatic supply chain audit found 15% of advertiser spend was unattributable across the chain. If neither side of the auction can fully reconstruct where a dollar went, neither side can guarantee no fraud reached it.
Impression fraud exists because the advertiser pays for an inferred event — an impression — generated upstream by infrastructure the advertiser does not control. Every layer between the advertiser and the human is an opportunity for fraud to be inserted and billed.
WilDi Maps replaces the impression-and-auction model with Cost Per Verified Delivery (CPVD): $0.20 per delivery to a real driver phone moving through a corridor the advertiser leased. Three architectural choices remove the bot-fraud surface area entirely.
The product
WilDi Maps is not a single flat-rate product. You pick the tier that matches how local you need to be. All three are GPS-verified per claim — no auction, no exchange rake, no Middleman Tax.
1-mile road strip
Premium
Hyper-local, just-in-time
Lease a one-mile stretch. When a driver enters the strip, they get a just-in-time message — perfect for emergency services, on-route specials, and anything where being right there now beats brand awareness later.
Best for
1-square-mile area
Premium
Hyper-local, area-based
Lease a one-square-mile block — not tied to a single road. Catches the residential cluster, retail district, or industrial park where your work actually lives. Same just-in-time delivery as tunnels; different geometry.
Best for
City-wide rotation
$0.20
per claim, fixed
City-wide brand presence on rotation. Highest reach for the budget — best when familiarity beats precision. The $0.20 fixed rate is the only flat-rate tier WilDi sells.
Best for
What the driver gets when an ad is claimed
If the driver wants to act on the ad, the app navigates them straight to the advertiser's location.
Click-through to any URL — ordering page, brand site, blog post, lead form.
Open a specific page inside the WilDi app — promo details, daily specials, claim instructions.
See the full pricing breakdown on the pricing page.
Impression fraud is the practice of generating digital ad impressions that no real human ever saw — using bots, scrapers, malware-controlled hidden browsers, ad-stacking, pixel-stuffing, or domain spoofing — and billing the advertiser as if the impressions had been served to legitimate viewers. The industry term is Invalid Traffic (IVT). The Media Rating Council classifies IVT into two tiers: General Invalid Traffic (GIVT), which is easy to detect, and Sophisticated Invalid Traffic (SIVT), which actively mimics human behavior to evade filtration.
Pixalate's Q3 2025 Global Invalid Traffic Benchmarks reported a 21% IVT rate on web, 33% in mobile apps, and 19% in Connected TV — meaning roughly one in three mobile-app impressions globally is invalid. DoubleVerify's 2025 Global Insights Report measured an 86% year-over-year spike in general invalid traffic in the second half of 2024, with U.S. bot fraud up 106%. The number is not constant; it varies by environment, quarter, and whether the campaign is running with anti-fraud protection.
GIVT — General Invalid Traffic — is non-human traffic that is easy to identify: known crawlers, data-center bots, AI scrapers like GPTBot or ClaudeBot, and bots whose behavior is obviously inhuman. The MRC says GIVT can be filtered through routine means. SIVT — Sophisticated Invalid Traffic — is the harder problem: bots and schemes that actively mimic human behavior (cursor jitter, scroll dwell, click cadence) and require advanced analytics, multi-point corroboration, and human investigation to detect. SIVT accreditation by the MRC includes GIVT accreditation, because it is the stricter standard.
Three practical signals: (1) impression and click rates that are wildly inconsistent with viewability or post-click engagement — bots will fire impressions and clicks, but they don't convert, scroll, or stay on the landing page; (2) a high share of traffic from data-center IP ranges or anonymizing proxies, which a third-party verification vendor (DoubleVerify, IAS, HUMAN Security, Pixalate) can flag; (3) sudden spikes in impressions or clicks without a corresponding spike in real-world business outcomes (form fills, calls, purchases). IAS data shows fraud rates on unprotected campaigns run 14× higher than on protected campaigns, so the simplest first step is turning on anti-fraud verification.
Google's Ad Traffic Quality team rejects billions of invalid requests, but does not catch all bot traffic for three structural reasons. First, the auction is incentivized to fill — every refused impression is lost revenue, so filters are tuned to a tolerance rather than to zero. Second, sophisticated invalid traffic (SIVT) actively evades detection by mimicking human cursor and scroll behavior, and the MRC standard explicitly says SIVT requires investigation that exchanges cannot do at auction speed. Third, the programmatic supply chain is opaque — the ISBA/PwC audit found 15% of advertiser spend was unattributable end-to-end, meaning neither side of the auction can fully reconstruct where every dollar went.
Juniper Research estimated $84 billion in global digital ad fraud in 2023 — roughly 22% of total worldwide digital ad spend — and projects the figure to reach $172 billion by 2028. Pixalate's Q3 2024 benchmarks attributed $1.5 billion in mobile-app and $1.4 billion in CTV ad spend lost to IVT in a single quarter. The 2018 takedown of the 3ve botnet alone disclosed more than $29 million in fraudulent ad revenue across roughly 1.7 million infected devices, and the Methbot scheme generated $3–5 million per day at its peak.
CPVD — Cost Per Verified Delivery — is a tiered ad pricing model where the advertiser pays from $0.20 each time a message is delivered to a real driver phone moving through a corridor the advertiser has leased. The delivery is GPS-verified at the device, not inferred from a bid stream. Because the location signal comes from the driver's own phone, the event log is written by infrastructure WilDi controls end-to-end, and the driver is a known operator with a paid-out earnings record, there is no programmatic auction surface for bots to attack. The corridor membership check is geometric, not statistical — a delivery only counts if the device's GPS position is inside the leased corridor at the moment of delivery.
DoubleVerify's 2025 Global Insights Report found that 16% of the 86% YoY spike in general invalid traffic in 2H 2024 was tied to bots linked to legitimate AI tools — GPTBot, ClaudeBot, AppleBot, and similar. These crawlers are not malicious in intent; they index the web for AI training and retrieval. But under the MRC standard they qualify as GIVT — non-human traffic — and any ad impression rendered to one of them is, by definition, invalid. Whether the advertiser was billed for that impression is an ad-tech-stack question, not a definitional one.
About this analysis
Written by Timm Ross, founder of WilDi Maps · Jacksonville-based · Veteran-owned. Sources are cited inline; we update the numbers when the underlying research updates.
More about WilDi MapsFixed $0.20 per GPS-verified delivery. No auction, no bid stream, no Middleman Tax.
