Before social media exists, advertisers used ad exchange networks to promote ads on different websites. Some of those websites are fake.
A group of black-hat hackers will create fake versions of premium websites with resembling domains (e.g., cnn-24hours.com) and make them available through the ad exchange network inventory.
The ad network will give them code snippets they can place in the fake websites. The websites are built in a way that tricks the ad network into think they are a major website, and thus they will have priority over other sites.
How do they make money? Ad networks pay publishers based on ad clicks. Which means these fake websites need traffic, and the traffic can be faked as well. The hackers will create bots that act like human browsing through the web, which generates ad clicks.
As an advertiser, how can you protect from this? Well, the obvious answer is not to advertise in ad networks. That’s why when you go to https://www.facebook.com/ads.txt, Facebook says “Facebook inventory (…) and cannot be purchased programmatically through open exchanges”.
There are more advanced ad exchange networks like AdEx that uses blockchain technology to prevent fraud. The reality is open ad exchange networks aren’t smart enough to detect fake websites yet, so your ad dollars are more secure in closed ad networks like social media channels.