I shot up straight in bed sometime in the 3 o'clock hour, sweaty and frantic with the text of an email I received earlier that day racing through my mind.
"Action Required | (Our Client's) Google Ads Account" was the subject line.
Aside from my own, I didn't recognize the addresses in the recipients' field. The message was from "Fred," our supposed new Google Ads Digital Strategist, claiming he had found several optimizations after reviewing our account. Inserted into the text body was an image promoting a new optimization product that looked alien and off-brand for Google, with a "click here to get started" link below. In the signature, I noticed that though Fred's email address featured the Google domain, it appeared that he worked for a third party.
Could this "I'm your new account manager" email be the new "Nigerian prince" scam targeting digital marketers?
We all know user privacy and security are big deals these days, rightfully so. Big tech has responded with sweeping changes to their online advertising platforms, leaving digital marketers scrambling to drive the same results without the almighty third-party cookie.
But what about advertiser privacy and security?
Businesses entrust in-house teams and digital marketing agencies with confidential information that gets eagerly plugged into the backend of these platforms without much thought as to whether that information is secure. The marketers' job, after all, is to produce results quickly, right?
Not entirely. At Anthroware, we believe that privacy is everyone's responsibility. As an agency that builds and markets digital products, we want our clients to know that privacy is a priority at every step in every engagement with them and their business.
On the product side of our business, we have two testing standards: is it secure, and does it work? Though the product itself may be super-sophisticated, simply answering "yes" to those two questions lets us know we've done our jobs well.
So, how can we apply that same methodology to our marketing efforts? "Does it work" is an easy task with outcomes we can affect – set KPIs around a strategy, track and report results, and make tactical shifts to ensure things are on-plan. "Is it secure" is a horse of a different color, as we, just like any digital firm or brand team, are bound to the Googles and Facebooks of the world since they dominate the programmatic advertising game. And, unfortunately, their privacy policies and security measures we cannot control.
Still, it's not enough to sit on our hands. We owe our clients to think of and act on advertiser privacy and security, even if ad tech, their internal teams, or other agencies are not. We can continuously improve our internal processes around client privacy and security; guarantee confidential information storage; provide training on cyber-attacks; create best practices around warding off malicious activity that could affect budget and performance, and so on.
The morning after my midnight panic, I resolved to report the suspicious email as spam. A couple of weeks later, Fred reached back out, insisting he certainly was with Google, and after I peppered him with some improvised security questions, I came to trust him, and he proved to be quite helpful.
My story ends well, and this is all conjecture, but how hard would it be for a digital fraud factory to imitate ad tech reps or concoct similar nefarious schemes? After researching the subject thoroughly, I found little information published on advertiser protections or any documented digital thievery of this kind. However, with wanton disregard for click fraud, bogus inventory scams, and shady monopolizing deals, trust is at an all-time low for the major digital advertising platforms. Can you blame me for being wary?
We at Anthroware are a curious and rebellious bunch who like to poke holes in existing norms and exist to make our world a better place through digital experiences. So, on behalf of our clients and the countless agencies and brands who use these platforms every day, we demand that the tech giants take a stand against these potential vulnerabilities and thus want to know... @Big Ad Tech: what are you doing to protect advertisers?