It’s the next gold rush… or is it a feeding frenzy? South African advertisers are pouring growing budgets into connected television (CTV).
Analysts have earmarked CTV as a R28bn advertising opportunity [1] for the local market.
With more than 26 streaming platforms now legally available in SA, the appeal is obvious: big-screen reach, digital-grade targeting, and audiences that choose to be there. Naturally, advertisers rushed in, and CPMs followed.
The problem is that a meaningful share of what gets sold as ‘premium CTV inventory’ has never been near a living room, let alone a big-screen TV. It is fabricated through spoofed device profiles and mobile apps quietly cosplaying as 65-inch screens, often slipping past detection altogether because CTV video runs on Vast, a static tracking standard that cannot carry the JavaScript-based measurement tags used to verify display and desktop video.
Your high-definition creative may be playing on a powered-off television, a cracked Android build, or a smart refrigerator, as well as other smart devices that generate fake bid requests. Even direct buys are not immune.
This is a coordinated technical exploit, and it is accelerating. DoubleVerify's 2026 Global Insights report [2] found a 140% surge in CTV fraud schemes in Q1 2026 compared to the same period in 2025, with more than 50 distinct bot attacks identified in 2025 alone and a tenfold increase in fraudulent CTV apps. The report claims that, conservatively, the financial toll of unprotected campaigns is approximately $1.8m (around R30m) per billion impressions served.
How the shell game works
Programmatic ad servers rely on self-reported device identifiers passed through the bidstream. Fraudsters simply lie about those identifiers. A hidden mobile background process declares itself a Samsung Smart TV in an active household, collects a premium CPM, and moves on.
There are several variants of this. Server-side ad insertion (SSAI) stitches ads directly into streaming content at the server level: technically elegant but, measurement-wise, disastrous because it bypasses client-side verification entirely. Operations like SneakyTerra exploited this to simulate millions of device profiles daily. Then there is ad stacking: the Vastflux scheme, [3] for example, layered up to 25 video ads in a single hidden slot, spoofing 1,700 apps simultaneously. Every one of those impressions was recorded as a completed view.
There is also the hardware measurement gap that almost nobody talks about. Many CTV environments measure the streaming device rather than the physical screen. When a viewer switches off the television but leaves the streaming box running, the ads keep serving, [4] and the system keeps counting. Your brand is addressing a dark room; the report marks it as full delivery.
The direct-deal myth
Here is the assumption that tends to catch even experienced media buyers off guard: that direct deals and private marketplaces are immune. They are not.
The same DoubleVerify research found bot activity in direct CTV purchases by major global advertisers, including a consumer healthcare campaign in which 34% of impressions were served to bots and a CPG campaign with a 25% bot rate. [5] Both were direct deals. “I bought it directly” is the advertising equivalent of assuming restaurant food is safe because you didn't order it from a street corner. Fraud follows the money, and CTV money is plentiful.
Why legacy tools keep missing it
Legacy verification platforms were not built for this environment. They typically sample a fraction of impressions rather than measuring the full campaign volume. When a sophisticated bot strips or blocks a measurement tag, the system records no data and marks the impression clean. 'No data' does not mean 'no fraud', but that is precisely how it gets reported. The result is a false sense of security that benefits everyone in the supply chain except the advertiser.
What forensic measurement actually shows
At TruthsetsOnline, [6] working with the FouAnalytics platform, we take a different approach. Rather than generating a single fraud score from sampled data, on display, mobile web, and in-app inventory, where JavaScript measurement is possible, our tags capture more than 300 technical and behavioural variables directly inside the creative, including touch events, scroll behaviour, and mouse movement, all of which carry distinct human and bot signatures. When those signals are absent, we can show you exactly why, as auditable forensic evidence, not a probabilistic estimate.
CTV is a different problem, precisely because the channel cannot carry that kind of tag. Here, forensic detection means checking what Vast tracking calls can verify: whether bid requests, ad serving, and ad rendering actually line up. A campaign that wins 800,000 bids but renders only 550,000 ads on actual screens has a 31% drop-off, and that gap is where the fraud lives. We also look at hourly impression volume patterns for distributions no human audience could produce, as well as at device and app concentration to flag spoofed inventory passing itself off as thousands of different smart TVs. None of it is a single fraud score from sampled data. It is auditable evidence specific to what each channel can actually show you.
The Association of National Advertisers (ANA) Q2 2025 Programmatic Transparency Benchmark [7] found $26.8bn (around R442bn) in global programmatic waste, and CTV, now accounting for 44% of all programmatic spend, is a growing share of that figure. In our experience dealing with real-world brands, those that shift from volume metrics to verified human attentiveness typically recover between 20% and 60% of their media budgets: real money that can be redirected from ghost impressions to audiences that actually exist.
If you would like to see what a forensic analysis reveals about your active campaigns, I am happy to arrange a free two- to four-week benchmarking audit. Reach me directly, [8] and we can look at the data together.
Sources as linked and annotated in the copy
1. https://thecallsheet.co.za/2025/01/28/key-trends-that-will-shape-sas-streaming-landscape-in-2025/
2. https://doubleverify.com/company/newsroom/global-study-ctv-fraud-schemes-surge-140-globally
3. https://www.malwarebytes.com/blog/news/2023/01/vastflux-ad-fraud-massively-affected-millions-of-ios-devices-dismantled
4. https://www.linkedin.com/posts/maurantoniom_ctv-ctv-adfraud-share-7443336070198599680-43tC/
5. https://securitybrief.com.au/story/ctv-fraud-surges-140-as-ai-schemes-spread-globally/
6. truthsetsonline.com/
7. https://www.ana.net/content/show/id/pr-2025-08-programmatictrans/
8. https://www.linkedin.com/in/marc-dhalluin/