Here are our ad security predictions for 2022 where we look at 4 big events from 2021, which will provide further opportunities for cyber criminals using the online advertising ecosystem to reach unsuspecting internet users with new, inventive ways of exploitation.
Continue readingMalvertisers are boosting their Malware and Phishing scams
In Q4 of this year cybercriminals were making the news headlines. Angling Direct's domain, website and social media accounts were compromised by hackers, redirecting users to an adult website; Electronics retailer MediaMarkt got hit by ransomware that demanded $240 million dollars after stopping its online shopping service in Belgium and the Netherlands. In Q3 AdSecure also saw some big spikes in user security violations as bad actors launched their Summer attacks. Malware detections increased by 1285.19% with the majority concentrated in July and August. Phishing detections also increased by 413.97%. Adware, Browser Locker and Scareware also increased 15.74%, 8.65% and 4.82% respectively, and now, in Q4 detections for these user security violations are still high. To demonstrate some tactics used by Cybercriminals, here are two examples of Malware and Phishing campaigns, both recently detected and stopped by AdSecure:
#1 Malware attack in Turkey
Cybercriminals used Discord's Content Delivery Network to host malicious payloads. Discord is a popular VoIP, instant messaging and digital distribution platform used by approximately 140 million people.
Users can organize Discord servers into topic-based channels in which they can share text or voice files. They can attach any type of file within the text-based channels, including images, document files, and executables. These files are stored on Discord's Content Delivery Network (CDN) servers.
However, many files sent across the Discord platform are malicious, pointing to a significant amount of abuse of its self-hosted CDN by bad actors who create channels with the sole purpose of delivering these malicious files.
Malvertisers use infected campaigns to target online gamers, luring them into downloading fake versions of popular online games that actually contain malware. The image below is the landing page of one of these malware campaigns detected by AdSecure on 3 November 2021. As you can see the text is in English, only the month November (Karim) is in Turkish. Additionally note that egyptian gamers is spelt incorrectly.
This campaign triggered an apk file that downloaded automatically to the user's desktop or mobile device. When we checked the auto-downloaded file we discovered that the file was detected as Trojan/Malware by 15 security vendors.
The files are often renamed as Gaming software or Google PlayStore games to trick end users, and the file stored on Discord's CDN used the link in the following format: https://cdn.discordapp[.]com/attachments/{ChannelID}/{AttachmentID}/{filename}
How did AdSecure detect the malware?
AdSecure’s Ad Discovery tool works by first detecting and then analysing all ads it encounters on web or mobile site pages, engaging with the ads as a user would, performing analysis both on the main site page, and by clicking on each ad — be it a banner, native, popup, popunder, etc — to detect any malicious activity a user might encounter in the redirection paths of this campaign and on any landing page the end users could be sent to. Once the violation was detected, AdSecure notified the client in real-time so the client's compliance teams could identify the campaign and ban the fraudulent advertiser from their ad network to prevent the bad actor from infecting more end users.
#2 Phishing scams using fake Lucky Draws
Phishing is often considered as the easiest way for financial gain for Cybercriminals. One method is through fake Lucky Draws from well known social media platforms. To show an example, AdSecure detected the following scam on an entertainment website in the United Arab Emirates in September. The ad showed up as a popunder.
The scammers used the Whatsapp logo and fake likes and comments on this landing page to fool end users into believing the lucky draw was legitimate. However, once the user spun the wheel to win a prize, they were asked to give away their personal information and credit card details to receive a prize. The victims only realized that they had been scammed after being informed by their banks about unauthorised transactions. The scammers also changed the URL 2 days later, to promote an adult dating offer. The landing page showed pornographic images which is illegal in United Arab Emirates.
How did AdSecure detect the phishing scam?
The client used AdSecure's API integration giving them a full malvertising and ad quality control system including the detection of adult content. Once the violation was detected, AdSecure's API integration allowed the client to reject, suspend or further monitor the ads, redirection paths and landing pages in real-time, giving the client full control over their ad supply chain. The ability to be able to use AdSecure’s Ad Classification tool enabled the client to detect that the malicious URL was displaying adult content, so it could be quickly removed from their ad supply chain, without which, it could have caused the website severe legal problems in their country as well as potentially for end users that viewed the pornographic landing page.
Conclusion
Cybercriminals use more sophisticated methods to lure unsuspecting end users into parting with personal and financial information via malware and phishing and other user security violations. With the ever increasing time that internet users spend online on a range of different devices, it is more important than ever to defend and protect end users against malvertisers. Publishers and ad networks have a duty to serve clean advertising and keep their end users safe. That is why it is essential that publishers and ad networks have a 360 degree ad security and ad quality solution like AdSecure as their first line of defense against cybercriminals.
AdSecure releases Q1 & Q2 Violations Report 2021
AdSecure analysed over 100 million ad campaigns between 1st January to 30th June 2021. These findings provide insights into cyber criminal behaviour during Q1 & Q2.
Continue reading1 in 40 scanned ad campaigns do not meet the IAB Standards
As a prequel to AdSecure’s soon to be released Violations Report Q1 & Q2 we looked at whether ad campaigns were aligned with the IAB industry standards. This was carried out using AdSecure's IAB Standards detection tool that scans ads to verify that the ads remain compliant with the industry standard IAB recommendations. During Q1 and Q2 of 2021, AdSecure detected that 1 in 40 (2.4%) of all scans revealed ad campaigns were not meeting the IAB Standards. Out of those 2.4% of scans, the following graph shows the percentage detections related to each IAB Standard detection:
Insights: Ad campaigns aligned to the IAB standards lead to higher levels of user engagement and overall conversion, meaning that these standards play a key role in maximising revenue for each campaign.
Website performance can be heavily impacted if industry advertising standards are not met. It creates a bad user experience and end users are less likely to click on the ad, affecting publisher eCPMs.
Additionally, now that Google has added web content performance into it’s SEO rankings, monitoring for low performing ad content can help publishers ensure they avoid SEO penalties in the future. The weight of ad creatives is also important, because fast loading ‘light’ ads create a better end user experience and keep Publishers in line with Google’s Chrome web browser which unloads ads that use excessive amounts of a user’s bandwidth and device CPU. Unloaded ads show the following message within the Publishers ad zone where the ad should be:
This can also happen with HTML/Iframe campaigns where the creatives are not meeting IAB standards.
AdSecure’s IAB Standards detection tool is used by publishers and ad networks to identify non aligned campaigns in order to stop the campaigns before they cause publishers problems, and are a way for ad networks to contact advertisers to inform them to resubmit creatives in order to meet the industry standards and help them maximise their campaign revenues.
How malvertisers targeted the US in Q1 & Q2
The US is the top GEO for malvertiser activity, where AdSecure detected 20.9% of all user security violations. Here we show you what tools bad actors used to attack the US.
Continue readingWhy Real-Time Blocking isn't enough
Real-Time Blocking on it's own is not enough protection against Malvertising, we explain why you need a comprehensive, multi-staged approach for full protection.
Continue reading5 Things That Motivate Malvertisers and how we stop them!
We expose how cyber criminals can inject malvertising into your ad supply chain and how AdSecure stops it for you.
Continue readingAdSecure is virtually attending TES
Book a meeting and virtually meet with us.
Continue readingTry out AdSecure’s Self Sign-up Free Trial and get 100,000 free scans!
Unleash the power of AdSecure with our free 14 day trial.
Continue reading5 things Ad Platforms need to know about Bad Ads
Ad Platforms don’t take enough action to eliminate malvertising before it ends up on a Publisher’s site, here are 5 things that Ad Platforms need to know about bad ads.
Continue readingClient Case Study: Complete elimination of Malware attacks
How AdSecure eliminated Malware attacks and ensured a 95% decrease in Browser Locker and forced redirect attacks for client Traffic Factory.
Continue readingAdSecure releases 2020 Violations Report
For this report AdSecure analysed more than 1 million ad campaigns across multiple regions, devices, and browsers for partners between 1st January to 31st December 2020.
Continue readingAdSecure to virtually attend Internext
AdSecure's Bryan Taylor will be virtually attending Internext from the 10-11 February 2021.
Continue readingUser Experience in 2021: Three Predictions for the digital ads ecosystem
Lets take a look at some key predictions that could impact user experience in the coming year.
Continue readingHow do you deliver high ad quality?
How to build the right strategy against threats, poor user experience issues and get insights into ad performance to ensure you show high quality ads.
Continue readingHow non HTTPS resources can harm end user security and revenues
While many digital ad campaigns today are delivered using HTTPS for primary resources, non-secure HTTP subresources can still be present and will be blocked on websites in Chrome.
Continue readingInside AdSecure: IAB Standards
Keep the ads shown on your platform compliant with IAB recommendations using our IAB Standards widget and related detections.
Continue readingAdSecure releases Content Classification feature
Content Classification is a suite of classification solutions designed to help AdSecure partners both understand and control the visual elements within their digital ad content.
Continue readingDMEXCO@home
AdSecure is 'virtually' attending DMEXCO@home 23 & 24 September.
Continue readingA Problem for Publishers - The high cost of fighting malvertising ineffectively
Some publishers are employing an expensive non-technical solution to try to stop malvertisers: Hedging.
Continue reading