New Edelman Report Exposes Seedy Side of Ad Serving

Visiting the AOL sign-up page or a dating site shouldn’t prompt pornographic pop-ups. Yet that’s what independent spyware researcher Ben Edelman says occurred while he was conducting studies of click and affiliate fraud recently. In documenting a series of adware- and spyware-initiated porn ad serving scenarios, he implicates a handful of lesser-known ad networks as well as some well-recognized companies, namely ad serving technology provider Falk eSolutions and behavioral targeting firm AlmondNet.

“[Edelman] has absolutely done a public service in highlighting the complexity of the issue,” commented Brooks Dobbs, VP of data protection and government affairs for DoubleClick, which recently acquired Falk. “This is a problem, which as a legitimate company, is very damaging to us,” he stressed, noting that the firm has client guidelines prohibiting such activity and is examining ways to alleviate it.

The “Spyware Showing Unrequested Sexually-Explicit Images” report details the sometimes labyrinthine trails of intermediaries interacting as user traffic is handed down from one server to another, sometimes resulting in a multitude of pop-ups, many, in these cases, displaying graphic images that would make some users blush. The goal of the exposé, claims Edelman, is to spur the ad industry to pay more attention to partnerships and affiliate relationships that are leading to poorly-targeted ads and negative user experiences. “The big thing that’s new here is the porn angle,” he suggested.

“What Edelman really proved to us is we were right,” said AlmondNet CEO Roy Shkedi.

In May, Edelman visited dating site, and according to his report, he was soon served a lascivious pop-up by ZenoTecnico, which he refers to as a “notorious spyware” outfit. His analysis shows that user traffic was delivered from ZenoTecnico to AlmondNet’s Pro-Market ad server to the offending AdultFriendFinder ad. It’s “very typical” for a spyware server to send traffic to an ad server, said Edelman, though usually there is at least one less questionable server acting as a bridge between the two.

AlmondNet says it suspected something was awry. As of June 9, the company severed its relationship with IronTraffic, a media brokerage Shkedi said was distributing its traffic to ZenoTecnico. IronTraffic was using AlmondNet’s ad serving technology. Though Shkedi said AlmondNet had no specific indication that the IronTraffic relationship was connecting his company to nefarious adware or lewd ads, the firm decided to cut loose the client after learning from IronTraffic that ZenoTecnico didn’t control the distribution channels through which it disseminated its adware. In other words, there was a chance that the adware may have been downloaded unwittingly by users without their express permission It was the first time AlmondNet ever terminated a client relationship for this reason, according to Shkedi.

“We had a suspicion that something like this could have happened…and decided that it was doing the right thing for consumers,” added Shkedi, who thinks, “If others would do the same I would imagine that it could help minimize the problem.”

Edelman agreed that it’s possible that IronTraffic was the liaison between Pro-Market and ZenoTecnico; even though IronTraffic server doesn’t show up by name in his log.

Both Shkedi and Brooks said that it’s nearly impossible for ad servers to track what goes on as site traffic is shifted from one entity to another. “When these redirections occur it becomes technologically impossible for the intermediary party to know the physical display of the advertising,” said Brooks. He noted that developing a technical means of tracking bad players would be one way to curb the problem, along with consumer education regarding spyware, and legislative action or enforcement of laws already in place.

In one of the four examples Edelman provides in the report, Falk’s ad server came in a line of seven different servers between search ad network InstantNavigation, which is owned by Innovation Interactive, and Right Media’s media management platform, YieldManager. The path eventually delivered an especially vulgar ad for Naughtyplay, Edelman said.

Other companies Edelman named in his report are Direct Revenue, Deskwizz, SearchingBooth,, Zedo, Vitalix, Look2me,, Intern-etadvertising, Firstadsolution and MyGeek.

“The number of middle men who can get into these transactions is extraordinary,” marveled Edelman, adding, “The middle men don’t necessarily have to be paid that much because they’re not doing that much.”

Related reading