AdSecure is a member of TAG in order to continue increasing trust and transparency in digital advertising and ensure online brand safety.Continue reading
With ad security detections increasing in numbers year on year, malvertising continues to be a cause of concern for ad networks and publishers across the globe. This is why AdSecure strives to continuously optimize its ad security tools and features to continue to protect your online business for monetizing ads and end users, from malicious campaigns and poor quality advertising. And not only that, we also bring you up-to-date information about malvertising activity through our quarterly and yearly Violations Reports. This time, we are comparing malvertising trends in the UK from Q2 against Q1 2023.
UK malvertising detections: Categories comparison Q1 & Q2 2023
If we take a deep dive into AdSecure’s Violations Report Q1 & Q2 2023 we will see the evolution of the 4 violations categories detected during the 2 quarters. So let’s see the breakdown of UK malvertising detections in Q1 & Q2 2023 in categories:
User Security category: 16% of all violations in the UK were within the User Security category in Q1 and 24% in Q2, which is an increase of 50% in the second quarter. This category detects violations that have a serious potential to compromise the end user’s safety and welfare.
User Experience category: 34% of all violations in the UK were within the User Experience category in Q1, and 31% in Q2, which is a decrease of -8.2%. User Experience violations affect end users with malicious and annoying activity within the ads they interact with.
User Advisory category: 49% of all violations in the UK were User Advisory violations in Q1 and 42% in Q2, which is a decrease of -14.2% comparing Q1 with Q2. User Advisory violations detect offensive content that isn’t suitable for all users, as well as suspicious or fraudulent activity.
IAB Standards detections: 1% of all violations in the UK, that 1 in every 100 campaigns, did not meet industry IAB Standards in Q1, and 3% (3 in every 100) in Q2, which is a massive increase of +200%! IAB standards violations measure the performance of ads against the IAB Industry standards to stay industry compliant.
Top 10 GEOs for malvertising attacks
Now, let’s identify the top 10 GEOs with the highest volumes of malvertising attacks detected in Q2 2023:
Top 1: USA (33.4%)
Top 2: Thailandia (11%)
Top 3: India (8.7%)
Top 4: Philippines (7.7%)
Top 5: United Kingdom (7.6%)
Top 6: Germany (7.1%)
Top 7: Brazil (6.8%)
Top 8: Italy (6.1%)
Top 9: Malaysia (6%)
Top 10: France (5.6%)
As we can see above, the UK is number 5 within the top 10 GEOs where most violations were detected by AdSecure. Also, 26.6% of all violations worldwide were detected in Europe in Q2 2023, meaning that Europe is the second region with more cybercriminal activity, right after the USA (with 33.4% of all detections). Additionally, the United Kingdom is the country which has the highest number of violations detected within Europe, with a total of 7.6% malvertising attacks in Q2. Germany follows closely with an average of 7.1% malvertising attacks. Italy and France come next with 6.1% and 5.8% respectively. So, as we can see, a large portion of Europe was affected by malvertising in the second quarter of 2023. Lastly, the United Kingdom had a significant increase of +18.1% of violations detected, comparing Q1 to Q2. As a result of the increase in malicious ad campaigns, more and more publishers, ad networks and ad operations teams need to offer a secure ad browsing experience and guarantee an excellent end user experience.
What are the top 10 UK Malvertising Trends for Q1 & Q2 2023?
AdSecure’s ad safety and ad quality solutions provide powerful and in depth scans to detect malicious advertising and poor ad quality globally, which is why we can give you useful insights to learn cyber criminal activity patterns and protect your online business and end users. In the following table, you can see the top 10 UK malvertising trends ordered by the biggest changes, when comparing Q2 with Q1:
Let’s then look into the most popular online advertising threats that revealed significant increases in the UK in Q2 2023. At the top of the table we have the Iab-ad-dimensions, which we will talk about later in this article, together with the rest of IAB Standards based detections.
+145.4% increase in Malicious URLs
Malicious URLs showed an enormous increase of +145.4% in Q2 compared to Q1. Scammers create and distribute these malicious or dangerous links and try to trick end users into clicking them, sometimes in order to steal their data and sensitive information. Once end users get to these websites, they are dangerously exposed to malicious software, viruses, or other threatening content.
Malvertising insight: It is advisable to run regular analyses pre and post launch, since an ad landing’s URL can be changed anytime by the Malvertisers, and they tend to do it post-launch after bypassing initial compliance and security checks. This means that a compliant URL can be changed into a malicious one at anytime if regular scans aren’t run!
+75% increase in Permission Notifications
In second place, Permission Notification violations had a significant increase of +75% in Q2 compared to Q1. This violation requests permission to send notifications to the end user to access their device’s camera, microphone, geolocation, clipboard, etc. Although not dangerous in all cases, it can be quite a disconcerting and alarming violation, making the end user feel unsafe upon clicking an ad on your website.
Malvertising Insight: The Permission Notification violation offers a very poor user experience because it sends your end users unsolicited alerts asking for unknown apps to get permissions to access personal information, making them feel that their privacy is under threat. Besides, malvertisers use them in the hope that the end user clicks to accept and then the bad actors can access personal files and data from the end user's device, for instance tracking their location for non compliant targeting purposes.
+60.8% increase in SSL Non Compliant
With the highest number of violations detected both in Q1 and Q2 within the top 10 ranking, ssl non compliant increased by +60.8% in Q2 compared to Q1. In brief, SSL Non Compliant detections refer to ads that contain at least one unsecured item in the chain of resources (unsafe, no https, mixed content, ssl version or cipher mismatch).
Malvertising Insight: As you probably know, the ‘s’ in https on a website stands for secure encryption, which can only be guaranteed with an SSL certificate. By not installing an SSL certificate on your website or landing page, you are leaving your website and your end users open to numerous risks of bad ads such as phishing, non-payment, and personal data violations, especially if they are meant to hand over sensitive information such as credit card information, home addresses, and financial data. It is then key to make sure that the SSL certificate is always present both as a website publisher, or as an ad network when assessing the URLs in an ad supply chain.
+60.7% increase in Back Button Hijacks
Back Button Hijacking is an ad security threat which manipulates the end user’s browser history, keeping them stuck on a certain page by inserting one or several redirects in their browser history, to then forward them back to that specific page. It could be used to redirect the end user to dangerous pages containing scam or phishing content designed to steal their data!
Malvertising Insight: Whenever Back Button Hijack scripts are detected, the AdSecure system will notify our clients in real time so they can take faster action on their campaigns. This detection is crucial to prevent publishers and ad networks from keeping their ads and campaigns fully compliant and maintaining a positive online reputation.
IAB Standards Detections
AdSecure is the best malvertising prevention and ad quality solution on the market today, as it offers the IAB Standards detection tool that scans ads to verify that they are aligned with the Industry Standards. The number of IAB Standards detections increased a whooping +200% in Q2!
This category also experienced huge increases on each detection independently. Let’s have a look:
- Iab-ad-dimension experienced an increase of +231.40% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad dimension, so ads displayed are squashed or pixelated.
- Iab-ad-compression increased by +180.20% in Q2: This detection will flag ads that are not compliant with the IAB standards within this category, which means they are not delivered in a compressed format.
- Iab-ad-weight increased by +166.80% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad weight (initial load and sub-load).
- Iab-request-count increased by +125.10% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad request count. IAB recommends a maximum of 10 requests.
Malvertising insight: As we can see, huge increases all across the board! AdSecure’s IAB detections are a great tool for ad networks and publishers to use to identify advertisers who need to be educated about industry standards. By identifying specific campaigns, the ad network or publisher then contacts the advertiser and asks them to re-submit the campaign with the correct weight, size, compression, etc. Campaigns that are aligned to the IAB standards lead to higher levels of user engagement and overall conversion, which means that providing compliant ad creatives plays a key role in maximizing revenues. Also, website performance can be impacted negatively if industry standards are not met, creating a bad user experience, affecting publisher eCPMs and possible Google rankings.
Dangerous and annoying violation increases outside of the Top 10
Although not in the top 10, the next 3 violations can cause significant disruptions in user experience on publisher websites, either by annoying them with unwanted notifications, or downloading dangerous software that will seriously impair the end user’s welfare and privacy. The 3 detections experienced steep increases in Q2 2023.
+525% increase in Auto Vibrate
The biggest increase (+540%) comparing Q2 to Q1 is for Auto Vibrate. This violation might not have the highest numbers, however as we can see it has experienced a HUGE increase in the UK in less than half a year, which means that it is wise to keep an eye on this specific violation when running ad security scans through the ad supply chain. Auto Vibrate ads automatically vibrate on the user's device when they reach the malicious advertiser’s landing page. This provides a bad navigating experience for the end user and can cause them to feel unsafe since their device has vibrated for no apparent reason! Which could cause them to leave your website immediately and affect your online brand’s reputation.
Malvertising insight: This detection is based on the malicious use of the HTML5 vibrate API. This protocol is also used for some browsers which vibrate as an alert if a virus or problem has been detected. So, it could be difficult for the end user to see the difference between the real alert and the malicious one, especially if the malicious one has been paired up with an auto-pop with a warning. So, aside from being irritating for the end user, it could pose a threat for their safety if delivered by the hands of a very skilled malvertiser!
+216% increase in Pop Ups
Similar to Auto Vibrate, Auto Pops are ads that automatically trigger pops (both Pop Ups and Tabunders) without user interaction. Google penalizes websites that show Pop Ups to end users. In Q2 there was a massive detection spike with malvertisers concentrating a lot of activity using this violation.
Malvertising insight: Aside from providing, once again, a less than ideal end user experience launching unwanted pop messages all over the place, some Pop Ups can automatically trigger and download malicious software into the end user’s device! So, once again, this violation can be a considerable threat for the end user’s device and privacy.
+133% increase in Auto Downloads
Auto Downloads are ads that automatically download a file/executable application without user interaction, which can contain harmful files, viruses, or malware that are quietly installed on the user’s device. This can be dangerous as most of the time the end user is totally unaware.
Malvertising insight: This violation could be especially dangerous for Android users, since the Android operating system uses APK (Android Package Kit) files to install legitimate applications, but these can be manipulated by malvertisers to distribute malicious software! Malicious APK files can be disguised as popular apps, games, or utilities, tempting users to install them. Once installed, these files can gain unauthorized access to sensitive data, take control of devices, or cause other harmful actions.
Are you an ad network or publisher looking for the best malvertising detection solution in the industry? AdSecure is a powerful ad safety and quality solution that monitors the ad supply chain in order to detect and eliminate malicious activity, such as dangerous, non-compliant or low quality ads. Aside from that, at AdSecure we also make available to you annual and quarterly Violation Reports through comprehensive analyses to provide useful insights to learn malvertising’ trends and avoid malicious activity impacting your business. Why not start a 14-day free trial and start protecting your online business and end users now! Or you can get in touch to ask for more information to our expert team.
According to the latest United Nations Report online scam violations in South Asia, billions of dollars are being generated each year by gangs who coerce victims into committing cyber crimes globally! According to the report, hundreds of thousands of people in Asia have been trafficked and forced to work for online scamming operations across South East Asia. Most of these victims are migrants in vulnerable situations who face a range of human rights risks, however some countries' nationals are also being targeted. These online scam operations are mainly rooted in the rise of online casinos and gambling pages in the South East Asian region during the Covid pandemic. Such pages are officially banned to varying extents in China, Cambodia, Thailand and Lao PDR, creating the right out of the law environment for cybercriminals to exploit victims using cryptocurrency fraud, illegal gambling and other online scam violations. To help you protect your online business and end users from these dangerous cybercriminal malvertising scams in South Asia, from AdSecure we bring you the top malvertising trends perpetuated by cyber criminals in South Asia in Q1 2023:
Forcibly recruiting victims to become cybercriminals in South East Asia
The main focus by cybercriminal gangs is to exploit online businesses and e-commerce platforms across the world by using cryptocurrencies and online gambling scams, which is why criminal gangs have targeted multilingual individuals across South East Asia, as online casinos have become more popular globally, since the pandemic. While many of the victims were from South East Asia, the UN estimated that about 120,000 victims are in Myanmar and 100,000 in Cambodia, while tens of thousands more people are being forced to work in Laos, the Philippines and Thailand. The report’s author, Pia Oberoi, UN Senior Adviser on Migration and Human Rights for the Asia Pacific region, informs that victims from Southern Asia, Africa and Latin America are also involved.
To make things more complicated, many of the centers in which these targeted victims are forced into online criminal activity, are physically located in jurisdictions where governance and the rule of law are weak, and authority is contested. As mentioned above, individuals are forced or coerced to perpetrate online malvertising threats using a range of platforms including fake gambling websites and cryptocurrency investment platforms, as well as romantic and financial scams (also called “pig-butchering”), where fake romantic relationships or friendships are used to defraud online users of significant amounts of money. The scams are often highly sophisticated, with fake websites built to showcase fraudulent data in order to convince the target that there are significant profits to be made. People who are targeted can also receive small amounts of money to convince them of the legitimacy of the platform.
Now, let’s look into the sort of online malvertising threats detected in South Asia, according to the AdSecure Violation Report South Asia in Q1 2023.
Top 10 online malvertising threats detected in South Asia in Q1 2023
According to the AdSecure Violation Report South Asia in Q1 2023, the following were the top 10 online malvertising threats detected in South Asia in Q1 2023, across all categories:
As we can see, Ssl-non-compliant is on top, followed by Threat Intelligence. User Experience violations are the most popular, followed by User Advisory and then User Security - Let’s look at what has been going on within each category:
27.60% of scans in South Asia detected User Security Violations: The User Security category covers violations that harm the end user’s safety. The most used User Security violations detected in South Asia in Q1 2023 were Ssl-non-compliant and Malicious URLs with 22.40% and 5.2% respectively of the total top 10 violations.
Insight: Ssl-non-compliant violations are malicious ads that contain at least one unsecured element in their chain of resources, whether it is an unsafe link lacking encryption, no https, mixed content, a ssl version, or a cipher mismatch. This critical violation could cause the end user’s security being compromised, as well as being blocked by Google and flagged as insecure, which directly affects the reputation of the hosting website. The second violation detected within the category is Malicious URL, which are compromised urls used to direct users to dangerous and or non-compliant sites to steal their personal and sensitive information such as bank details and logins, or even trick them into downloading dangerous software. This can once again lead to serious consequences for the end user’s safety.
30.5% of scans in South Asia detected User Experience Violations: The User Experience category covers non-critical violations that can provide a poor user experience, driving them away from websites over time, if left unresolved. The following are the top 4 User Experience Violations detected in South Asia in Q1 2023:
Top 1: Back-button-hijack
Top 3: Landing-page-error
Top 4: Auto-redirect
User Experience violations affect end users with malicious and annoying activity within the ad campaigns they interact with. For instance, cybercriminals use hijacking back buttons to direct users to a different page when the back button is clicked. They want end users to stay on their page or site longer rather than leaving the website right away. Besides, both landing page error and auto-redirect violations impair user experience by manipulating the end user’s browser history, keeping them stuck on a certain page by inserting one or several redirects in their browser history, to then forward them back to that specific page.
Insight: Auto-redirect was also a popular violation in South Asia. This detection can become a huge problem for a website publisher’s brand reputation, as the Auto-redirect forces a web page to break out of any frame “framing" it, resulting in automatically redirecting the visitor to another website or landing page - This new page the end user gets redirected to can contain anything, from simply annoying or spammy to highly age inappropriate or dangerous content designed to steal the end user’s information.
41.5% of scans in South Asia detected User Advisory Violations: The User Advisory category can be compromised with malvertising trends that can be offensive material not appropriate for all audiences or the potential for suspicious or fraudulent activity. The following are the top 4 User Advisory Violations detected in South Asia in Q1 2023:
Top 1: Threat-intelligence
Top 2: Suspicious-tld
Top 3: Unsafe-content-adult
Top 4: Ad-crypto
Insight: The top violation within the category is Threat Intelligence and is based on AdSecure’s Threat Intelligence service, which reports if a URL is flagged with a violation detected in any AdSecure analysis during the previous 30 days. Malvertisers tend to hide several different types of violations in one single link, which makes it easier for them to sneak malicious activity in, even if 1 or 2 of their violations are detected. For instance, one same URL in an ad can contain a Phishing Threat, covered up by Ad Cloaking, and also contain Crypto Mining or Browser Locker Code. Even if the first 2 are detected, the user’s online welfare would still be at risk.
Top 5 online scam violations in South Asia in Q1 2023
According to the AdSecure Violation Report South Asia in Q1 2023, the following were the top 5 cybercriminal malvertising scams in South Asia in Q1 2023, across all categories:
As we can see in the table above, end user security was seriously compromised across South Asia in Q1 2023. In fact, supported by the United Nations Report online scam violations in South Asia, many of the online scams are quite sophisticated since they have been designed to convince end users that these fake phishing websites are legitimate. In addition to that, we see that Browser-locker is the top online malvertising scam detected with 36.21%, which shows us that cybercriminal malvertising scams in South Asia are very popular. However, following the ranking, in the second position in online scams we find Permission Geolocation which, simply put, is a permission request to track the user’s location.
Insight: Permission-geolocation requests permission to send notifications to the user to access their device’s geolocation. Permission requests are fairly common, when an end user downloads an app, or gives location access, etc. However, they are unsolicited and possibly alarming for an end user that has just clicked on an ad. Besides, cybercriminals use them in the hope that the end user clicks to accept and then the bad actors can access personal files and data from the end user's device, for instance tracking their location for non compliant targeting purposes.
As we can read in the United Nations Report online scam violations in South Asia, cybercriminal malvertising scams in South Asia are growing due to the underlying governance and socio-economic factors that fuel this growing illicit economy. Online malvertising threats detected in South Asia can be very frightening for both brands and users, making it crucial for ad networks and publishers to protect the end user’s wellbeing, whilst producing a great user experience for them, thus ensuring a great brand reputation. So how can AdSecure help you? If you are an ad network or a publisher and you want to protect your online business or website from criminal gangs and malvertising, AdSecure is the best ad protection solution in the industry. Start a 14-day free trial and let our Customer Success Specialists guide you through our platform and answer any questions you have about while testing our platform!