How to help sites avoid ads.txt fraud? #49
Description
Is your enhancement related to a problem? Please describe.
Inside the fight against 404bot, the ad fraud scheme exploiting ads.txt
https://www.thedrum.com/news/2020/02/25/inside-the-fight-against-404bot-the-ad-fraud-scheme-exploiting-adstxt
Here’s some background research by the great Dr. Augustine Fou:
How Ads.txt is Being Exploited by "Baddies" for Fun and Profit
https://www.linkedin.com/pulse/adstxt-zero-day-exploit-wild-brief-history-fraud-ad-fraud-historian/
Not much 10up’s plugin could do to help at this point, except maybe even sites that don’t advertise should consider a (non-empty) ads.txt file to prevent domain spoofing:
https://api.adstxt.com/blog/adstxt-without-authorized-advertising-systems
So your plugin could start users with a default ads.txt containing this valid “placeholder” record:
placeholder.example.com, placeholder, DIRECT, placeholder
Describe the solution you'd like
Opening this issue to discuss how best to handle this within Ads.txt Manager.
Designs
TBD, but n/a currently
Describe alternatives you've considered
n/a
Additional context
Props to @hearvox for the issue reporting and background info, we'll want to credit him in an PR/release/CREDITS.md updates that come from this issue.