24 February 2021, Dublin, Ireland. AdSecure, the innovative cybersecurity company that provides digital publishers and platforms with modern solutions to ensure the delivery of safe, high quality digital ads, today announced the release of its 2020 Violations Report.
For this report AdSecure analysed more than 1 million ad campaigns across multiple regions, devices, and browsers for partners between 1st January to 31st December 2020. These findings provide insights into cyber criminal behaviour throughout the year: Where they were most prolific, how they delivered their attacks, their malicious weapons of choice, and what AdSecure's detections revealed in order to stop and protect end users from malicious ads.
Key Insights
42.48% of scans detected some form of malvertising: Compared to 2019 AdSecure detected 4,248 violations (up 57% ) out of every 10,000 scans in 2020. The main types were adware, malware, scareware, phishing URL, auto downloads and auto redirects.
Malvertisers can place malvertising throughout the digital ad flow: Cyber criminals can place threats inside the ad format creative and in the landing page the ad redirects to, then the bad actor also locks the user on the landing page whilst malware automatically downloads to the victim’s device. AdSecure found 10.01% of analyses contained at least 3 violations and 4.21% contained at least 2 violations. Up 3.1% and 4.76% respectively compared to 2019.
The COVID effect: During the first lockdown of 2020 malicious attacks grew exponentially hitting a peak of +116.14% on 28 March. AdSecure detections discovered that some malvertisers used ad creatives using logos of well known brands including the World Health Organisation, GooglePlay, Walmart, Amazon and Intermarché for phishing URL and auto download violations.
Top GEOs for malvertising attacks: Throughout 2020, as lockdowns were lifted then reintroduced AdSecure tracked which GEOs were the biggest prime targets for malvertising attacks. AdSecure detected that the US was the top GEO for malvertising attacks followed by other English speaking GEOs Canada, UK and Australia. Brazil, France and India were also top targets.
Malvertisers weapons of choice: AdSecure looked at the top 5 GEOs for violations in 2020 and discovered that both Scareware 48.84% and Browser Lockers at 43.63% were by far the most common choice for malvertisers. The top GEO for Scareware was Israel with a huge 90.24% of the country's detections. India had the most Browser Locker detections at 78.84%. Germany had the largest share of Malware detections at 5.35%. The top country for Phishing URL was Brazil at 14.89%.
AdSecure’s Sales Manager Bryan Taylor commented, “Throughout 2020, malvertisers showed how quick they could be to adapt to new situations in order to extract profit from bad ads. There is opportunity in crisis, and the Covid-19 pandemic provided the perfect cover with which to manipulate digital consumers through online ads. From social engineering scams that play off the iconography of major brands, to Scareware attacks that took advantage of the massive increase of remote workers and the very fear of the virus itself, bad actors showed no qualms about extracting profit from misery.”
Taylor continues, “These types of behaviour will likely continue into 2021. With more people online than ever before, malicious, misleading, and scam ads will continue to challenge the digital advertising industry. In order to stop these ads from harming end users, dissolving consumer trust, and weakening the overall ecosystem, digital platforms and publishers need the resolve to tackle the problem head on, and the right tools to eliminate them.”