Preventing Clickbait Advertising Trends: April Landscape

Clickbait advertising is a one-sided deal. It fails to deliver on promises and doesn’t hold up its side of the bargain. Beyond just fraudulent, clickbait campaigns are pervasive, making a page look cheap and exploiting current trends.

With 56% of publishers today regularly facing clickbait on their sites, publishers need to know the enemy. What do clickbait campaigns look like, what are their strategies, and what is their end game? This month, we’re analyzing four widespread deceptive clickbait campaigns that have been identified across the ad ecosystem. We clicked so you don’t have to. Here’s what we learned:


False claims that Elon Musk is paying Canadian families’ debts

Elon Musk, entrepreneur, investor, business magnate, and new owner of Twitter, is the latest target of fraudsters’ financial scams. GeoEdge has identified a financial scam that exploits users’ curiosity about this public figure currently trending on the internet.

A familiar pattern emerges in this scam. The fraudsters behind it cloak the creative and landing page URL. The user sees a clickbait ad featuring a high-profile celebrity. When the user clicks on the ad, they’re led to a landing page masquerading as a trusted news source, in this case, The Toronto Star. The headline reads, “Special Report: Elon Musk’s Latest Investment Has the Government and Big Banks Terrified.”

This is #fakenews about a non-existent event. It’s also a form of brand infringement, exploiting the name and design of a highly-regarded publication. In this case, the landing page copy tries to convince the user to invest in a fraudulent bitcoin trading scheme as opposed to a verified product.

The cloaked landing page is designed to hide the scam from ad security vendors like GeoEdge. It has nothing to do with Elon Musk or any financial debt relief program. Instead, the user lands on a blog post promoting “11 Ideas for Purchasing for Garments.”

Baseless rumors that Kelly Ripa is leaving the show Live with Kelly and Ryan

This is a classic clickbait campaign, piggybacking on a celebrity’s status to spread fake news and lead unsuspecting users to listings for deceptively-marketed products. Neither Kelly Ripa nor any authoritative source have announced that she’s leaving Live with Kelly and Ryan. This story is entirely false, and it’s being used to peddle products that have nothing to do with Kelly Ripa or her career.

When the user clicks through to the ad, they arrive at a landing page resembling a new feature, with an article titled “Kelly Ripa announces she is leaving the ‘Live’ show after 18 seasons.” The article claims that Ripa is leaving the show to promote her new anti-aging cream, while no such product exists in her name.

The page advertises a line of skincare products using Ripa’s name and image in a completely unauthorized way. It’s effective in convincing users to click on it, employing a common social engineering tactic. Kelly Ripa does not have a skincare line, and she hasn’t announced any plans to launch one. This campaign is engineered to draw users down a rabbit hole to a #phishing scam. It prompts them to share their credit card information, which cybercriminals can then use for their own malicious purposes.

The scammers behind this clickbait campaign used a cloaking mechanism to hide the real ad creative and landing page code from scanners in non-human environments. The cloaked landing page is titled “Kelly Ripa makes surprising revelation about domesticity as she celebrates special celebration,” saying nothing about her leaving the show or promoting skincare products.

Once the mechanism detects a human (end-user) environment, it swaps out the innocuous creative it’s shown ad scanners for the clickbait creative and URL of the scam landing page.

In an attempt to avoid text-recognition mechanisms like the one we use at GeoEdge, scammers have altered the text replacing English characters with special symbols. Note the K, R, P, W, and V as shown in the ad below:

Despite their many attempts to hide this scam, GeoEdge caught on to this malicious campaign and blocked it from reaching publishers’ sites across the US.


Anna and Samantha Martin – Fake Shark Tank story

Remember Anna and Samantha Martin from Shark Tank? These two sisters hit it big on the most-watched episode in the show’s history. Doesn’t ring a bell? There’s a reason for that. It never happened. The Martin Sisters don’t exist and were never contestants on Shark Tank.

This misleading product offer is a variation on a #scam that’s been around for years. The fraud campaign claims that these two sisters won the support of the show’s investors for developing fat-burning, wellness-enhancing dietary supplements.

Lately, we’ve seen this scam gaining traction, as the criminal entities behind it have made a bigger push into the video ad space. Their clickbait video efforts have been very effective. This is a brazen move by scammers: a fake news campaign that barely uses any cloaking methods to hide its deceptive landing pages along the supply chain. That’s how confident these scammers are that their efforts will succeed.

The two women in these images are actually sisters, and they actually have been on Shark Tank. Their names are Megan Reilly and Sarah Nurse, and their pitch on the show was for a business called Tippi Toes that offers dance lessons for kids. They won a small deal from the investors.

It’s a low blow for scammers to steal Megan and Sarah’s likenesses to sell a fraudulent “magic pill,” taking advantage of users’ interest in the well-known keto diet trend.
What’s more, after a user pulls out their credit card and pays for these products, the odds are that the goods will never arrive. Once scammers have a user’s financial details, they have all they need to wreak havoc. If the defrauded user ever does receive anything, it will likely be of low quality, delivering on none of the unrealistic promises made in the ad and landing page, and with no hope for a refund.

Consider this a personal reminder from GeoEdge’s security research team: If it sounds too good to be true, it probably is.

A Fake Bored Ape is “giving away” a (non-existent) $70,000 NFT

Over the past year, NFTs have been a huge source of interest for cryptocurrency enthusiasts. These unique tokens are built on blockchain technology and can be bought and sold, sometimes for outrageously high sums of money.

On Monday cybercriminals hacked the NFT brand’s Instagram. They posted a link to a supposed airdrop, which would give existing Bored Ape holders a free allotment of land in the upcoming Otherside #metaverse.

Instead, the link was a phishing scam. People who opened it and connected their crypto wallet had their Bored Ape Yacht Club NFTs stolen. In total, $2.5M of Bored Ape Yacht Club NFTs were stolen in the hack. Riding off the NFT hype this week, GeoEdge revealed cybercriminals exploited the #programmatic ecosystem to push a fraudulent ‘Bored Ape’ Ad Scam giving away a non-existent $70,000 NFT.

The Bored Ape line of NFTs has received more attention than many other NFTs to date. Their iconic ape design is easy to spot. Some Bored Apes have sold for as much as $300,000 each. NFTs market have been trending in the news, and many online users recognize the Bored Ape name and look. People are naturally curious about how they can get in on what so many large companies and celebrities have actually invested in.

Who wouldn’t want to check out a $70,000 Bored Ape “give-away”? The reality is that this clickbait scam has nothing real to check out. Despite what the ad’s text says, the actual offer you’ll find on the ad’s landing page will not “shock and delight you.” There’s nothing on it that’s related to crypto or finance at all. Instead, it’s a page for what’s described as a “Bored Ape–inspired wellness company.”

The user is prompted to enter into a fraudulent sweepstakes with a $70,000 “Mutant Bored Ape” NFT as its grand prize. Meanwhile, the landing page promotes – you guessed it – yet another line of unverified miracle-cure health supplements. There’s not much that sets these products apart from other deceptive offers, except for the fact that these products are chewable.

This scam is another clear case of brand infringement, designed to target audiences on the lookout for crypto and tech trends, and lead them to believe that these illegitimate, counterfeit product offers are connected to the Bored Ape brand.


Cutting Out Clickbait

These examples may seem bizarre and far-fetched on the surface, but that’s part of what makes clickbait campaigns so sinister: They’re very eye-catching, with little in their creative to indicate that they conceal phishing schemes, bait-and-switch offers, or counterfeit versions of real publishers’ sites. The risks to users’ safety are too great to ignore. Nor can we overlook publishers’ mandate to ethically monetize audiences’ engagement and retain trust over time.

Reach out to GeoEdge now to learn how to protect your site and users from clickbait. Hear how we’re helping publishers maintain optimal ad revenue without worrying about cybercriminals hurting their audience and business.



Alisha is a Technology Writer and Marketing Manager at GeoEdge. Her writing focuses on current events in the AdTech ecosystem and cyberattacks served through the digital advertising supply chain. You can find Alisha on LinkedIn to discuss brand building and happenings in AdTech.

Malvertising, the practice of sprinkling malicious code into legitimate-looking ads is growing more sophisticated. GeoEdge’s holistic ad quality solution has you covered.


450+ Publishers & Platforms