When advertisers talk about brand safety, they usually mean keeping their ads away from harmful content. The real risk is often quieter, though. It can be a fraudulent click from a script running in a data center, or an ad impression served to a hidden browser window, or a traffic source that looks fine on the surface but fails every behavioral check underneath.
Threat scoring is how modern ad fraud detection platforms assign a risk level to every impression, click, session, or domain before it can cause damage. It’s a model that takes in dozens of signals at once and produces a score that tells a network, an advertiser, or a verification vendor: how risky is this?
This guide explains how these models work, what signals they rely on, and where they fall short.
Contents
- What Is a Threat Score in Advertising?
- The Signals That Go Into a Threat Score
- GIVT and SIVT: Two Levels of Invalid Traffic
- How Domain and Publisher Risk Scores Work
- The Brand Safety Floor and Suitability Framework Explained
- What Happens When Traffic Gets Flagged
- How to Customize Risk Thresholds for Your Campaigns
- The Real Limits of Threat Scoring
- FAQ
- Wrapping Up
Key Takeaways:
- Threat scoring combines behavioral, technical, and contextual signals to assign a risk level to traffic and ad placements.
- GIVT (General Invalid Traffic) and SIVT (Sophisticated Invalid Traffic) are the two main categories of bad traffic, and they require different detection approaches.
- The same signal, such as a VPN (Virtual Private Network) connection, can be high-risk in one context and perfectly normal in another.
- Risk thresholds are configurable. A platform that lets you adjust what counts as “alert” traffic gives you far more control than one with fixed rules.
- No scoring model catches everything. Some sophisticated fraud is designed to pass detection, which makes layered defense necessary.
What Is a Threat Score in Advertising?
A threat score is a number that summarizes how likely a piece of traffic, a placement, or a domain is to harm a campaign. The harm can take several forms: wasted budget on non-human traffic, an ad shown on a page that violates brand standards, or a click that never had a real user behind it.
Unlike a simple blocklist (where a domain is either banned or allowed), a threat score is a spectrum. A traffic source might score low risk across most signals but trigger a warning for a specific behavior. That nuance is what makes scoring more useful than binary filtering, especially at scale.
Most scoring systems operate across three broad tiers: clean traffic, suspicious traffic that needs closer inspection, and traffic that should be blocked or redirected. The labels vary by platform, but the logic is the same across all of them.
The Signals That Go Into a Threat Score
Threat scores are built by combining many inputs, and the weight of each input depends on what the model has learned and what the advertiser’s risk tolerance is set to.
- Behavioral signals look at how a user interacts with a page: mouse movement patterns, scroll depth, time on site, and whether click timing follows a human rhythm or a mechanical one. These signals are strong evidence of real human presence, but they also take longer to collect than technical checks.
- Technical signals are faster to evaluate: IP (Internet Protocol) address reputation, device fingerprint, user agent string, browser type, operating system, and whether the reported location matches the actual one. A browser reporting itself as Chrome on Windows but missing standard Chrome fingerprint markers is a common bot signal.
- Contextual signals look at the environment around the ad: the size of the browser window, whether the ad was actually visible (or hidden inside an iframe that users never see), the time zone of the user versus the targeted region, and the domain where the ad appeared.
The weight of each signal is not fixed. For example, a VPN connection is not automatically suspicious – many real users run VPN software to access content or protect their privacy. But the same VPN signal combined with an unusual click pattern and a mismatched time zone starts to look like a problem. The combination matters more than an individual signal.
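The VPN case above as an added example (not code from any scoring vendor): a click-timing regularity check feeds a weighted score, so a VPN alone stays "good" while the same VPN plus a time zone mismatch and mechanical clicks reaches "alert". The weights, cut-offs, field names, and sample sessions are assumptions constructed for illustration.

```python
from statistics import mean, pstdev

# Illustrative weights and cut-offs (assumptions, not values from any vendor).
WEIGHTS = {"vpn": 0.15, "tz_mismatch": 0.25, "mechanical_clicks": 0.45}
WARNING_AT, ALERT_AT = 0.30, 0.60


def mechanical_rhythm(click_times, min_clicks=4, cv_floor=0.10):
    """True when inter-click gaps are too regular to be human.

    Uses the coefficient of variation (stdev / mean) of the gaps: human
    clicking is irregular, so a very low value suggests a timer loop.
    """
    if len(click_times) < min_clicks:
        return False  # too little evidence; behavioral signals take time to collect
    gaps = [b - a for a, b in zip(click_times, click_times[1:])]
    avg = mean(gaps)
    if avg <= 0:
        return True  # simultaneous or out-of-order clicks
    return pstdev(gaps) / avg < cv_floor


def score_session(session):
    """Return (score, level, fired_signals) for one session dict."""
    fired = []
    if session.get("vpn"):
        fired.append("vpn")
    if session["device_tz"] != session["target_tz"]:
        fired.append("tz_mismatch")
    if mechanical_rhythm(session["click_times"]):
        fired.append("mechanical_clicks")
    score = round(sum(WEIGHTS[s] for s in fired), 2)
    level = "alert" if score >= ALERT_AT else "warning" if score >= WARNING_AT else "good"
    return score, level, fired


# Constructed sessions: a VPN user with human timing, and the combined pattern.
vpn_user = {"vpn": True, "device_tz": "Europe/Berlin", "target_tz": "Europe/Berlin",
            "click_times": [0.0, 2.7, 3.9, 9.4, 11.0]}
scripted = {"vpn": True, "device_tz": "Asia/Dhaka", "target_tz": "Europe/Berlin",
            "click_times": [0.0, 1.0, 2.0, 3.01, 4.0]}

if __name__ == "__main__":
    print(score_session(vpn_user))
    print(score_session(scripted))
```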
GIVT and SIVT: Two Levels of Invalid Traffic
The ad industry divides invalid traffic (IVT) into two categories, established by the IAB Tech Lab (Interactive Advertising Bureau Technology Laboratory), the body that sets technical standards for the programmatic advertising ecosystem.
- GIVT, or General Invalid Traffic, covers the most obvious cases: known data-center IP addresses, search engine crawlers, and ad monitoring tools that scan pages without representing real users. GIVT is relatively easy to detect because the sources are largely documented. Standard filtering removes most of it before it causes meaningful damage.
- SIVT, or Sophisticated Invalid Traffic, is the harder problem. This category includes bots that mimic human behavior, malware-infected devices that serve ads to hidden windows, click farms where real people are paid to generate fake engagement, and sophisticated proxy setups designed to evade detection. SIVT does not announce itself. It’s built to look clean.
The difference matters when you’re reviewing campaign reports. An advertiser who sees only GIVT-level filtering might believe their traffic is clean, while the real losses stem from undetected SIVT. From what teams running campaigns typically see, SIVT accounts for the majority of actual ad fraud losses, precisely because it’s designed to slip past basic filters.
How Domain and Publisher Risk Scores Work
Individual impressions aren’t the only thing that gets scored. Domains and publishers build a risk profile over time based on historical behavior:
- The rate of flagged traffic they’ve sent
- The content categories they serve
- Patterns of buyer complaints
- Whether they’ve been associated with documented fraud
Domain reputation scoring cross-references a site against known threat intelligence databases, checks its registration history, looks at hosting infrastructure, and flags anomalies in DNS (Domain Name System) records. A domain that was registered recently, is hosted on infrastructure tied to previous fraud activity, and shows unusual traffic patterns will score poorly even before a single ad runs on it.
This is where network-level risk assessment adds real value. A network running brand safety risk assessment across its full inventory can identify problematic publishers early, before buyers are exposed. Pre-bid filtering, which blocks a bid from going out when a domain fails a risk check, is more efficient than post-bid analysis, which catches problems after the budget has already been spent.
The Brand Safety Floor and Suitability Framework Explained
Beyond traffic quality, brand safety includes content adjacency risk: the chance of an ad appearing next to content that could damage a brand’s reputation. The industry standard for categorizing this risk is the GARM Brand Safety Floor and Suitability Framework, developed by GARM (Global Alliance for Responsible Media) and widely adopted by advertisers, platforms, and verification vendors.
The framework defines 13 content categories that carry risk for advertisers. Each category has four risk levels. The “Floor” level covers content that is never appropriate for advertising under any circumstances. Above the floor, “High Risk,” “Medium Risk,” and “Low Risk” categories let advertisers define their own tolerance.
GARM Brand Safety Floor and Suitability Framework — four risk tiers with content categories
The IAB Tech Lab’s Content Taxonomy 2.2 integrates directly with this framework, providing a shared vocabulary that publishers, SSPs (Supply-Side Platforms), DSPs (Demand-Side Platforms), and verification vendors can all use when describing a content environment. Without a shared taxonomy, a “safe” label from one party can mean something different to another, which makes consistent enforcement impossible.
For advertisers buying through ad networks, this taxonomy is the foundation of any meaningful brand safety configuration. A network that maps its inventory against these categories gives buyers a consistent reference point.
What Happens When Traffic Gets Flagged
A threat score doesn’t automatically delete a bid or a session. What happens to flagged traffic depends on how the network or the advertiser has configured the system.
The most common outcomes are:
- Blocking the traffic before an ad is served
- Redirecting suspicious sessions to a blank or neutral page instead of the advertiser’s landing page
- Logging the event for post-campaign analysis
Networks that support real-time redirects give advertisers more control: a session scored as an alert goes somewhere other than the campaign, protecting the landing page from bot interference without discarding the impression slot.
Reporting is where this becomes actionable for buyers.
Granular reports broken down by traffic classification, signal type, and source let teams identify patterns that a single blocked impression would never reveal. A publisher sending mostly good traffic except for one sub-placement that consistently triggers hidden-ad alerts is a different problem from a publisher whose entire inventory skews toward small-window fraud. Both need attention, but they call for different responses.
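The two publisher patterns described above, separated by a per-sub-placement report. This is an added example, not a platform's reporting code; the record layout, publisher names, and the 25% cut-off are assumptions, and the events are constructed.

```python
from collections import Counter, defaultdict

# Constructed log records: (publisher, sub_placement, classification, signal).
EVENTS = (
    [("pub-a", "top", "good", None)] * 40
    + [("pub-a", "sidebar", "good", None)] * 38
    + [("pub-a", "sidebar", "alert", "time_zone_mismatch")] * 2
    + [("pub-a", "footer", "good", None)] * 5
    + [("pub-a", "footer", "alert", "hidden_ads")] * 15
    + [("pub-b", "top", "alert", "small_window")] * 12
    + [("pub-b", "top", "good", None)] * 18
    + [("pub-b", "mid", "alert", "small_window")] * 14
    + [("pub-b", "mid", "good", None)] * 16
)


def placement_report(events, rate_cutoff=0.25):
    """Per publisher: flagged rate and top signal per sub-placement, plus a pattern."""
    totals = defaultdict(Counter)    # publisher -> sub_placement -> all events
    flagged = defaultdict(Counter)   # publisher -> sub_placement -> alert events
    signals = defaultdict(Counter)   # (publisher, sub_placement) -> signal counts
    for pub, sub, cls, signal in events:
        totals[pub][sub] += 1
        if cls == "alert":
            flagged[pub][sub] += 1
            signals[pub, sub][signal] += 1

    report = {}
    for pub, subs in totals.items():
        rows = {}
        for sub, n in subs.items():
            top = signals[pub, sub].most_common(1)
            rows[sub] = {"rate": round(flagged[pub][sub] / n, 2),
                         "top_signal": top[0][0] if top else None}
        hot = [s for s, r in rows.items() if r["rate"] >= rate_cutoff]
        if not hot:
            pattern = "clean"
        elif len(hot) == len(rows):
            pattern = "inventory-wide"   # review the publisher as a whole
        else:
            pattern = "isolated"         # exclude only the hot sub-placements
        report[pub] = {"pattern": pattern, "hot": sorted(hot), "placements": rows}
    return report
```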
How to Customize Risk Thresholds for Your Campaigns
One of the most underused features in fraud protection platforms is threshold adjustment. Most buyers stick with default settings and only notice something is wrong when too much traffic gets blocked – or not enough.
The defaults are built for an average campaign, not yours. Networks with advanced fraud protection let you change what counts as “suspicious” or “blocked.”
For example:
- Hidden ads, fake browser signals, and location fraud are blocked by default because there’s no good reason for them to appear in a normal campaign.
- Iframe traffic and VPN connections are allowed by default because they most often come from real users.
- Small window sizes – where the ad is technically served but no one can actually see it – are blocked.
- Time zone mismatches are flagged as warnings, not hard blocks, because they’re suspicious but not always fraudulent.
You can adjust any of these to match how your campaign works.
If VPN traffic is a problem for your offer, flag it. If iframes are messing with your attribution data, block them. Just keep in mind: the more aggressively you filter, the less inventory you get. Change one setting at a time and check what happens before touching anything else.
Adex default scoring thresholds — signal types with their default risk levels and when to adjust them
| Signal type | Default | When you might change it |
|---|---|---|
| Hidden ads | Alert | Rarely — hidden placement is a near-universal fraud indicator |
| Fake browser | Alert | Leave as Alert unless your use case involves headless browser testing |
| Location fraud | Alert | Lower only if geo-accuracy is not a campaign requirement |
| Small window | Alert | Can soften for push notification formats where small windows are expected |
| Time zone mismatch | Warning | Raise to Alert for geo-sensitive campaigns; ignore for global runs where device/browser time zone drift is common |
| IFrame | Good | Raise to Warning if your brand safety policy restricts nested display placements |
| Proxy / VPN | Good | Raise to Warning or Alert if your offer is geo-locked and VPN traffic distorts your conversion data |
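The defaults in the table applied as a policy, with one override measured against the same traffic to show the inventory cost of tightening a single setting. This is an added example, not Adex's code or API; the snake_case signal keys, function names, and the ten sample sessions are constructed for illustration.

```python
LEVELS = {"good": 0, "warning": 1, "alert": 2}

# Defaults copied from the table above; the snake_case keys are names chosen here.
DEFAULTS = {
    "hidden_ads": "alert", "fake_browser": "alert", "location_fraud": "alert",
    "small_window": "alert", "time_zone_mismatch": "warning",
    "iframe": "good", "proxy_vpn": "good",
}


def build_policy(overrides=None):
    """Merge campaign overrides into the defaults, rejecting unknown names."""
    overrides = overrides or {}
    for signal, level in overrides.items():
        if signal not in DEFAULTS or level not in LEVELS:
            raise ValueError(f"unknown signal or level: {signal}={level}")
    return {**DEFAULTS, **overrides}


def classify(signals, policy):
    """A session takes the most severe level among the signals it triggered."""
    return max((policy[s] for s in signals), key=LEVELS.get, default="good")


def inventory_impact(sessions, overrides):
    """Share of sessions kept (not alert) under the defaults and with overrides."""
    def kept(policy):
        ok = sum(classify(s, policy) != "alert" for s in sessions)
        return round(ok / len(sessions), 2)
    return {"default": kept(build_policy()), "override": kept(build_policy(overrides))}


# Constructed sample: the signals each of ten sessions triggered.
SESSIONS = [
    [], [], [], ["iframe"], ["proxy_vpn"], ["proxy_vpn"],
    ["proxy_vpn", "time_zone_mismatch"], ["time_zone_mismatch"],
    ["hidden_ads"], ["small_window", "fake_browser"],
]
GEO_LOCKED = {"proxy_vpn": "alert"}   # one change at a time, then compare

if __name__ == "__main__":
    print(inventory_impact(SESSIONS, GEO_LOCKED))
```

On this sample, raising Proxy / VPN to Alert drops the share of sessions kept from 0.8 to 0.5.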
The Real Limits of Threat Scoring
No scoring model is complete, and saying so clearly is more useful than leaving it implied.
SIVT remains genuinely hard to catch when it’s well-built. Fraud operations that use real devices infected with malware, introduce human-like behavioral variation, and rotate IP addresses regularly can produce traffic that passes most standard checks. Detection vendors across the industry report residual fraud rates even after filtering. The exact rate depends on the campaign type and traffic category, but zero is not a realistic target at any scale.
False positives are the other side of the same problem. An overly aggressive scoring model blocks real users along with bots. A user browsing through a corporate proxy, a traveler running VPN software, or a real mobile user with an unusual device configuration can all produce signals that look suspicious. From a buying-side perspective, the cost of false positives is often invisible in reports but very real in campaign performance.
Threat scoring is most useful when it’s treated as one layer in a wider approach, not as a complete solution on its own. Combining pre-bid domain filtering, real-time behavioral scoring, post-bid traffic analysis, and regular publisher review gives you overlapping coverage that makes residual fraud much harder to sustain over time.
FAQ
What is a threat score in digital advertising?
A threat score is a number assigned to traffic, a user session, a domain, or an ad placement based on how likely it is to represent fraud or a brand safety risk. The score combines behavioral patterns, technical signals, and contextual factors like ad visibility and geographic consistency.
What is the difference between GIVT and SIVT?
GIVT (General Invalid Traffic) covers known non-human sources like data center IP addresses and web crawlers. These are relatively easy to filter because they’re documented. SIVT (Sophisticated Invalid Traffic) covers more advanced fraud: bots that mimic human behavior, malware-driven impressions, and click farms. SIVT requires more sophisticated detection and is responsible for most actual fraud losses.
Why is the same signal sometimes flagged as fraud and sometimes not?
Because risk depends on context. A VPN connection is normal for a privacy-conscious user but unusual for a campaign targeting a specific city. A time zone mismatch is a minor warning for a global campaign and a stronger red flag for a geo-targeted one. Good scoring systems weigh signals based on campaign context, not just raw signal presence.
What is the GARM Brand Safety Floor?
GARM stands for Global Alliance for Responsible Media. The Brand Safety Floor is the baseline set of 13 content categories considered unsafe for advertising under any circumstances, regardless of advertiser preferences. It’s the foundation of the brand safety framework that most major platforms and verification vendors reference.
Can threat scoring catch all ad fraud?
No. Sophisticated fraud operations are specifically built to evade detection. Residual fraud rates persist even after filtering, and detection quality varies by model and by how frequently it’s updated to track new techniques. Threat scoring is an essential layer, but it works best as part of a broader approach that also includes publisher review and ongoing campaign reporting.
Wrapping Up
Threat scoring has become a standard part of how ad networks protect campaigns from invalid traffic and unsafe placements. But standard doesn’t mean automatic. The models have defaults designed for a typical risk profile. Your campaign is not typical.
The biggest question is whether you’ve configured it to match your actual situation: your regions, your format, your attribution model, and how much false-positive risk you can accept. A platform that gives you control over those settings is a tool you can work with. One that doesn’t gives you a number you can read but not act on.

