DoubleVerify, a digital media measurement and analytics provider, has released an advisory via its Transparency Center addressing a surge in fraudulent activity targeting ads.txt files, tools used by publishers to disclose authorised sellers of digital ad inventory.
The company’s Fraud Lab has uncovered over 100 instances of ads.txt manipulation since the protocol’s introduction in 2017.
These cases have notably accelerated in recent years, with fraudsters leveraging the format to appear as legitimate vendors and misdirect advertising budgets.
AI-driven deception
One of the most significant examples, termed Synthetic Echo, involves a network of more than 200 AI-generated websites.
The sites mimic reputable domains (such as espn24 instead of espn, nbcsportz instead of nbcsports, and cbsnewz instead of cbsnews) and are monetised through multiple supply-side platforms (SSPs).
These properties host low-quality, AI-produced content while using cloned ads.txt files to create a veneer of legitimacy.
“Bad actors are exploiting ads.txt and advertisers often have no idea it’s happening,” said Gilit Saporta, Head of the DV Fraud Lab. “It’s a growing risk that demands more scrutiny from buyers, sellers and vendors.”
DV’s investigation revealed near-identical ads.txt files across the Synthetic Echo sites, underscoring how fraud operations scale by replicating authorised seller lists.
Following DV’s exposure of the network in January, several misrepresented publishers indicated their intent to take legal action, as reported by Wired.
The full public alert and recommended best practices are available through DoubleVerify’s website.