Rocky and I exchanged emails for this interview and it has been slightly condensed and edited.
Marc Goldberg : Rocky we connected on Linkedin long ago when either you liked an fraud article I posted or I liked an ad fraud post you posted! Tell us about where you have been and where you are now?
Rocky Moss: When we connected I was just cutting my teeth in advertising and ad-fraud as a Traffic Quality Specialist at Conversant (previously dotomi & valueclick). I learned so much in that role about ad-fraud, and also about the tools that marketers use to prevent it at scale.
I took it upon myself to learn as much as possible about the topic, and part of that was engaging with more professionals on LinkedIn; that’s likely how we came to connect!
Since then I spent several years as a dedicated ad-fraud researcher, and have uncovered numerous publisher fraud exploits as part of that role. After doing that for ~3 years, i felt ready to branch off and start my own consultancy / research tools, and that’s how DeepSee was born.
MG: So you have seen the underbelly. Can you share some examples of what most folks don’t see?
RM: On the amusing side of the underbelly, I remember being surprised just how many ads I was served when looking at dog TV channels on roku & amazon fire. Seriously, they have ad breaks every 8-15 minutes on content meant to be played for your pets when you are away.
Since I’ve been working on DeepSee, I’ve gained a much deeper understanding of what entities are involved in the traffic laundering process, and a deep appreciation for just how nimble these companies are.
To use an example of something I’m researching now, I’ve been tracking a network of pop-traffic directed at e-commerce sites in order to stuff the user with cookies; bad-actors do this so that they get credit for attribution if that user ever makes a purchase. When you think of pop-traffic, you might think of streaming or torrent sites, but these pop vendors create niche sites which rank highly for certain keywords, and turn those real users who visit the pages into vehicles for attribution fraud. In this case, traffic originates from sites which rank highly for “piano sheet music” & related terms, and even uses a secret link from a functioning piano sheet music site to bounce users towards their eventual e-commerce destination.
MG: When I think of pop traffic, I think of 2001! What other examples do you see of malicious intent.
RM: This stuff has some real sticking power! It’s definitely still used to pad impressions and reach stats for a rotating cast of publishers, but it also funds sites that have a hard time otherwise monetizing. One good example of this symbiosis, which I can cite from our blog, involves a tech news site who bought users from AdSupply, one of the leading sellers of pop traffic. AdSupply supplied code to therightscoop[.]com, which had an article trending on twitter titled “WATCH: Despicable feminazi thugs attack mother and 7-yr-old son outside DNC for supporting Trump.” This code allows AdSupply to send the right scoop’s visitors to any number of destinations. In this case, when someone clicked that link from twitter, and interacted with the page, they would be sent to techandgeek[.]com, resulting in that publisher getting a visit from a real user! The landing page, of course, was stuffed to the gills with ad units.
Because of the content of the article, and with the variety of brand safety tech out there, therightscoop[.]com might have had a hard time monetizing their users, but AdSupply paid for their users to be sent elsewhere, thus benefiting everybody but the advertiser.
MG: So at Deepsee, what problem are you trying to solve.
RM: We are trying to arm digital advertising professionals with the tools they need to avoid suspicious partners at scale.
We see risk as more than just the aggregate of advertising / measurement events. It’s about the relationships between websites that are purposefully hidden in order to perpetuate fraud.
You can’t find those things by measuring traffic on the most popular sites on the web, you have to get dirty and test the worst & most exploitative sites. We specialize in doing that type of auditing; thinking like a bad guy, and provoking websites into giving up their secrets is at the core of our value. This type of auditing could easily take hours of labor per-publisher, and we make that info available at the push of a button.
MG: So are you a verification vendor like me? This is the area at Method Media Intelligence (where I am CRO) plays. Because if you are, I don’t want to kick your ass.
RM: Haha, no worries Marc, we will stay in our own lane! We aren’t a verification vendor in a traditional sense, because we don’t monitor your advertising events in real time. We schedule our own independent audits, millions of times per day, throw those results in our database, and let you use them in some interesting ways.
We offer the ability to create targeting / block lists based on our risk types which are derived from the behavior of the site when you interact with it, like: does it create hidden pop ups?
Is the user forcibly redirected? Is the page suspiciously embedded on other sites? Is it bloated, therefore resulting in a bad user experience?
I think the product works great as part of the business partner qualification process, so I’d be tempted to define it as a compliance tool. I envision it being used as a kind of checklist before you work with someone, and then as a constant monitoring tool after you ARE working with someone.
MG: All good, All love, love you are fighting the fight. You are a start up now, self funded or looking for funding.
RM: We are completely self-funded, which is terrifying but fulfilling. We wouldn’t thumb our nose at the right strategic partner, but our priority is building a best in class hybrid risk analysis system for digital advertising professionals. There aren’t many comps in the lumascape, which I think scares the usual types of investors.
MG: Assuming you have a home office, where is home and does anyone else live there?
RM: My one-bedroom home/office in LA comes complete with a very understanding, and supportive, wife.
MG So imagine a world where everything is back. Where are you going first? Are you going to a Rams, Dodgers, Lakers, Kings , Kendrick concert?
RM: One of the first quarantine bummers for me was the cancellation of a Devin Townsend show I was supposed to see with a friend. I’d love to see that rescheduled! My first dining excursion will be to Quarters in Koreatown, where the bulgogi is as fresh and delicious as I’ve ever had. COVID really put a damper on communal dining experiences.
MG: I know, I can’t wait to eat dinner inside with..well anyone! How has quarantine life been for you? Professionally and personally.
RM: Personally, it’s been very hard to live and work in the same one bedroom for months on end, but I guess that’s a pain I shoulder with millions of other folks.
Professionally, it has certainly been harder to develop a product at a distance. Small companies need to be agile, and not being in the room with all our developers & team has been an interesting thing to adapt to.
Not to mention, it’s harder to grow one’s professional network in the absence of in-person networking events. That being said, I’ve attended numerous online conventions / webinars which I thought managed to be highly educational & conversational.