3 trending ad compliance problems in 2019… and how to solve them

Within the digital advertising ecosystem the challenge of securing ad creatives against malicious threats has historically taken a back seat to the bigger, “louder” problem of ad fraud. The impact invalid traffic has on the digital supply chain is often easier for stakeholders to get their heads around, leaving malvertising as a “quiet” problem that has allowed threat actors to fly under the radar and profit from the ensuing damage.

In 2015 an IAB report found an overall US$1.1 billion cost impact on digital advertising from malvertising attacks. Despite being less immediately visible, the problem of creative compliance is not new, and since 2015 attacks have scaled in lockstep with the digital ad ecosystem.

That’s the bad news. The good news is that awareness of the problem – and the resolve to fight it – has also grown. The quiet problem is finding its voice.

With programmatic exchanges making creative compliance a key pillar of their programmatic principles, and Google taking a near zero tolerance approach to abusive ads with the launch of Chrome 71, the focus on delivering clean, compliant creatives has sharpened dramatically. For publishers — and the networks and exchanges they partner with — the cost of inaction will soon become too high to ignore.

AdSecure has identified 3 problems that we expect to trend throughout 2019 and the best solutions to face them head on, and win.

Programmatic & Mobile ad spend: threat actors follow the money

The Problem:

The rise of programmatic ad spend continued throughout 2018, and in 2019 an estimated 65% of all money spent on digital ads will be traded programmatically. Advertisers will spend US$84 billion on programmatic advertising this year, and by 2020 the total is expected to rise to US$98 billion. The money flowing programmatically is massive, and there’s one certainty when discussing malicious activity: follow the money.

More money, more malicious problems. Everything swells in programmatic, creating an ideal breeding ground for dangerous attacks. With publishers losing visibility and control over exactly who is buying traffic, the question of facing malicious activity becomes a matter of when, rather than if.

Similarly, mobile ad spend comprised a staggering 75% of all digital ad spending in 2018, and that growth will continue in 2019. The amount of money involved in mobile advertising is like catnip for criminals. In November 2018, a malware campaign targeting iOS devices managed to hijack an astounding 300 million browser sessions within 48 hours. The culprit behind that attack is still active today.

The AdSecure Solution:

For publishers, negating the damage wrought by malvertising attacks on programmatic campaigns means taking back control to protect both visitors and the revenue streams that fuel the creation of new, engaging content. Trusted partners that embrace the need for transparency and a commitment to delivering clean, malware free programmatic campaigns are a must.

Working with partners who collaborate with dedicated ad verification vendors capable of scanning programmatic campaigns to detect malicious attacks is the best solution. Should ad networks and exchanges not show a willingness to provide that solution, publishers can take on a dedicated service directly, and possibly reconsider their future partner relationships.

With the power mobile campaigns hold in today’s digital advertising landscape, particularly those campaigns running on carrier networks, an anti-malvertising provider that enables their clients to scan campaigns across a global mobile carrier proxy network is key, as is being sure that you decide which campaigns are scanned using mobile carrier proxies, and the frequency. Control needs to be in your hands.

Ad Cloaking & IP Blacklisting: sleight of hand from cyber criminals

The Problem:

Threat actors are clever, and quite inventive when it comes to bypassing ad operations teams searching for bad ads. In order to avoid scrutiny, or risk their attack being stopped before the damage can be done, criminals often resort to ad cloaking via IP blacklisting. Once they have identified those IPs they want to avoid, they are added to a blacklist, which will then present the flagged IPs with a clean ad while the dangerous content creeps along to the intended target.

Some schemes go so far as blacklisting all standard datacentre proxies in a target location, making it difficult for a scanning solution that relies on these proxies alone to detect cloaked attacks. In this scenario, even a dedicated verification tool will be fooled into allowing dangerous attacks to slip through.

The AdSecure Solution:

What if you could take from cyber criminals their ability to know just which IPs to blacklist, but also nullify the benefits of blacklisting altogether? It’s entirely possible with the right approach to proxy coverage. Scanning ad creatives using an intricate network of Residential IPs makes it virtually impossible for an attacker to determine which IPs to blacklist, while making it counterproductive to do so, as these IPs belong to the very users they are looking to target.

Ad cloaking is a growing concern for many ad networks looking to protect their reputations for clean ad delivery and instill confidence in their publishing partners, but with an innovative approach to proxy usage it’s a concern that they can safely say they have covered.

Cryptojacking: a drain on (other people’s) resources

The Problem:

Cryptojacking attacks exploit computer processing power to mine cryptocurrencies without the owner’s consent or knowledge. It’s a relatively new way for hackers to generate profit from malvertising, but it’s definitely a growth enterprise. Last year over 34,000 sites were found running Coinhive, a javascript miner with both criminal and legitimate purposes.

Cryptojacking is growing because it’s easy money and relatively simple to use, even for those low on tech savvy. Cryptojacking is seen as less risky and more profitable than ransomware as it continuously generates income. It is also far more difficult to uncover than ransomware, lowering the fear of being caught.

One way to implement a cryptojacking program is by injecting a script into a digital ad or website. Once a user visits the infected site, or encounters the ad carrying the cryptominer the script is executed, leaving the user blissfully unaware.

This differs from typical malvertising attacks as there is no obvious damage to the user. It does, however, put a massive drain on the CPU of the users device. For individuals this can be annoying, but for a large organisation infected by a cryptojacking script, the costs of detecting and resolving performance issues, or replacing equipment can have a detrimental impact.

The AdSecure Solution:

Scan your creatives early, and often. When looking at dedicated solutions for scanning ad campaigns and detecting suspicious behaviour, a tool that gives you the ability to scan in large volumes will be most effective in protecting users from falling victim to a cryptominer that kills their devices over time.

One final thought: The importance of transparency and trust in your ad tech partners

Digital is unique in that the seller of traffic is responsible for what appears on their site, so ultimately it’s the publisher who gets the blame when something malicious is delivered to their visitors. That duty of care to the consumer means working with partners who understand the weight of that responsibility.

Transparency and trust are key in safeguarding users from harm. Partnering with compliance experts who bring a full spectrum approach to tackling malicious activity, and know that rather than holding control over protection tools and obscuring when they are used — and how often — it’s through empowering clients to take back control of ad creative quality that will ultimately lead to the creation of a secure digital advertising ecosystem.

AdSecure provides creative security solutions that empower our partners to take back control and keep their ads safe. We provide solutions for programmatic & mobile campaign scanning, and robust protection against ad cloaking & IP blacklisting via our innovative residential proxy model. Click here to learn more.

How AdSecure kept advertising safe in 2018

2018 is drawing to a close, and before we know it, 2019 will kick off in full swing, bringing with it new challenges and new opportunities. 2018 marked the launch of an amazing journey for our ambitious project. We overcame challenges, discovered new opportunities for growth, and drove our mission forward to empower our partners in the digital ad space to act with confidence and control when facing malicious activity.

With the holidays fast approaching, the AdSecure team thought it was a good time to take a look back at some of our 2018 highlights, and a few quick (spoiler free) hints at what’s coming for 2019.

Embracing evolution

Cyber criminals are always looking for new methods to advance the spread of – and to profit from –  malicious activity. At AdSecure we decided to tackle ongoing bad guy innovation with the mindset of continuing to evolve and adapt to stop criminals from ruining the experience of user’s looking to engage with great content.

In December 2017 we first introduced our innovative approach to combat cloaking and IP blacklisting techniques with our intricate network of standard, residential, and mobile carrier IPs spread around the globe. In 2018 we picked up right where we left off, adding new locations to expand the scope of our coverage, including Australia, Greece, Nigeria, South Africa, Taiwan, and United Arab Emirates to name a few.

Throughout the year we also continued to enhance the level of protection we provide for our partners. In 2018 we added scanning & support for:

  • Auto-redirects
  • SSL non-compliant
  • Push ads
  • Programmatic RTB Campaigns
  • Click-on banner
  • Native ad protection

AdSecure will continue evolving and adapting to face the newest, and most dangerous, digital threats as they surface by adding new locations, tools, and ad format protections throughout 2019.

Taking the show on the road

In 2018, AdSecure stepped out into the adtech world and officially announced our arrival as a new, ambitious start up with the goal of building a safer digital advertising ecosystem by bringing clarity, simplicity, and innovation to the ad creative verification process.

We chose to introduce ourselves at two of the biggest media shows in Europe. In both cases, it was an amazing experience for us, and we can’t wait to make an even bigger splash in 2019!

Mobile World Congress 2018  

Most of the AdSecure team live and work in beautiful Barcelona, so attending Mobile World Congress – the world’s largest mobile tech conference – was a no-brainer for us. The chance to introduce ourselves to stakeholders in the mobile advertising space and learn what is most important to them when it comes to keeping their campaigns compliant and malware free — and develop our solution informed by their insights and experiences — was invaluable.

 DMEXCO18  

Arguably the most important conference on the digital marketing calendar, at DMEXCO18 in Cologne we took to the stage, quite literally, as a first time exhibitor, joining some of the biggest ad networks, exchanges, and ad tech companies out there. The DMEXCO experience is exhilarating and at times overwhelming, but ultimately completely unforgettable.

Over the 12th & 13th of September we had an amazing time discussing the key issues companies face when it comes to tackling malicious activity and compliance challenges, and showing them how we can help keep their ads safe with our innovative approach to ad creative security. We also took the opportunity to announce the end of our platform beta, and the countdown to our full platform launch! In addition to having high quality conversations, we met fantastic people, and sparked great new relationships that led to strong partnerships in the months following.

As a DMEXCO freshman myself, for anyone out there in the digital world considering attending for the first time in 2019, take it from me: the experience cannot be beat. See you at DMEXCO19!

Setting the stage for 2019

Over the past few months our brilliant development team have been working hard to bring the new AdSecure user interface to life, in order to provide our partners with a robust, powerful, and easy to use platform that both protects their ad creatives from myriad threats, and helps them regain control of their digital landscape.

In November the team completed this goal, and we were delighted to announce the launch of our full AdSecure platform, both to our current partners, and future partners we are excited to work with in the coming years. Now, as we close 2018, our team is busy finalising work on the next key new addition to AdSecure, a real-time threat response tool which will allow our users to block malicious domains before they have a chance to damage – either to their own business, or that of their trusted partners.

For those who have been following us throughout 2018 — either as a collaborator, or as someone curious to learn more about us — we hope you’ve enjoyed the journey as much as we have. To all our clients who showed confidence and trust in the work we are doing, and helped us grow in leaps and bounds this year, we want thank you for trusting us to keep your ads safe. 

We also want to let you know that we have some big plans for 2019. We intend on starting the year on a high note straight away, with the announcement of a great new partnership, which we will tell you all about… next year! Watch this space.

Ad formats & how they can be corrupted: #2 Banners

What is a banner?

A banner ad, also known as a display banner, is an online advertising format that is typically a designed visual or an image accompanied by text or a call to action. When an end user clicks on the banner he is redirected to a landing page for the advertiser’s offer.

Why do cybercriminals target this format

Cybercriminals seek to take advantage of both display advertising and related ad landing pages to distribute multiple forms of malicious content, by leveraging the ad ecosystem to their advantage. The ad industry is a complex and powerful machine and with the growth of programmatic advertising, where the buying and selling of advertising is carried out automatically in real time, this can lead to a loss of control of the security of ads being served by ad exchanges and ad networks. The rise of programmatic advertising is helping to fuel the robust growth in malvertising. By replacing human decision making for the purchasing and placement of advertising with software in a machine to machine ecosystem, there are new opportunities for criminals to exploit display advertising to distribute malware and hide malicious code within a banner ad.

The banner is still one of the most used ad formats and because of its sheer global volume, the reach and exposure cybercriminals can achieve once they get a banner containing their malicious code to slip through the net, can be huge.

How do they do it?

Some of the most common ways criminals spread malicious banners include:

  • Malicious code hidden within the ad creative, which is enabled only once the campaign has been approved by an ad platform.
  • By compromising trustworthy and legitimate advertiser accounts on ad platforms.
  • The creation of fake identities (skype, linkedin…) in order to mislead someone in the ad chain.
  • Targeting high profile publishers rather than multiple low profile ones to maximize their exposure with a single rogue campaign.
  • Taking advantage of the naivety of end users, who mistakenly often think they need to actually click on a malicious ad to get infected

What examples has AdSecure seen of malicious advertising using this format?

Nowadays, the most common violations with banners are auto-redirects: when an infected ad is effectively being displayed on a publisher’s website, it can get to a point where the iframe will take over control of the website and redirect the visitors to malicious landing pages (containing social engineering content, or even worse, exploit kits).  

Additionally, banner ads can show inappropriate content, for example, a banner containing adult material being displayed on mainstream or even children’s websites, or the image and text of a banner ad that has been designed to mimic genuine warning alerts generated by computer security software.

What is the solution?

AdSecure helps ad platforms and publishers regain control and confidence by offering an ad quality solution capable of scanning, analyzing and detecting malicious and non-compliant ads and their related landing pages.

If you would like to find out more about incorporating AdSecure into your business, please visit our contact page for more information.