• All Articles

Malvertiser activity in the US vs the EU in Q1 2024

By Anna

May 29, 2024

Violations ReportBrand SafetyMalvertising
Copy of Adsecure New Web (1)

In Q1 2024 we examined worldwide Malvertiser trends to help you protect your online business and your end users against Malvertising attempts and bad ads. To continue giving you key insights to protect your ad supply chain, we want to show you in more detail what we discovered comparing the US and EU for the first quarter of the year. Malvertiser activity in the US vs the EU in Q1 2024 combined accounted for 32.8% of all violations detected worldwide during the first quarter of 2024, with 14.8% violations being detected in the US, and 17.9% in the EU. Digging deeper, we discovered several dangerous user security violations detected in the US and the EU, as well as several threats to end user experience that could seriously impair website revenues and metrics. Continue reading to find out how to protect your audiences against unsafe content in the EU and how to protect your online brand in the US against online threats!

In Q1 2024, the top 5 violations in EU across all categories in Q1 2024 were:

Top 1: Unsafe-content-adult (User Advisory) 20.3%
Top 2: Landing-page-error (User Experience) 18.9%
Top 3: Ssl-non-compliant (User Security) 17.7%
Top 4: Malicious-url-virustotal (Use Security) 12.5%
Top 5: Suspicious-tld (User Advisory) 9.8%

On the other hand, top 5 violations in US across all categories in Q1 2024 were:

Top 1: Back-button-hijack (User Experience) 26.8%
Top 2: Javascript-dialog-on-entry (User Experience) 24.1%
Top 3: Ssl-non-compliant (Use Security) 13.6%
Top 4: Landing-page-error (User Experience) 12.6%
Top 5: Suspicious-tld (User Advisory) 7.9%

Now, let's find out more about Malvertiser activity in the US vs the EU, including the most threatening online security violations in the EU and the US, how to comply with the IAB Standards in the US and protect your EU based online business against Malvertising:

‘21.1% of scans in the US vs. 36.7% scans in the EU detected User Security violations.’

First category in this Malvertiser activity in the US vs the EU in Q1 2024 comparison is User Security: Our systems detected more User Security violations in the EU than in the US, specifically a +73.9% more! User Security violations can be very scary and unsettling for the end user, seriously compromising their device’s security and their private information, at times causing sizable financial losses! Continuing on we compare the top 5 most Dangerous user security violations detected in the US and in the EU in Q1 2024.

The Top 3 most threatening online security violations in the EU are:

  • Malicious-url-virustotal accounted for 41.20% of all User Security Violations in the EU
  • Ssl-non-compliant detections were 58.30% of all User Security violations
  • Browser-locker accounted for 0.4% of all violations within the category in Europe

The Top 3 dangerous User Security violations detected in the US are:

  • Malicious-url-virustotal detections were 35% of all violations within the category in the US
  • Ssl-non-compliant accounted for 64.60% of all User Security violations in the US
  • Browser-locker accounted for 0.3% of all violations within the User Security category

About the top 3 User Security violations in Q1 2024's Malvertiser activity in the US vs the EU comparison: 

Malicious-url-virustotal: Malicious URLs, which were more present in the EU than the US, host non-compliant content including spam, phishing, drive-by exploits and more. This detection’s intention is luring unsuspecting end users into scams that could easily end up in substantial monetary loss, theft of private information, and Malware installation.

Ssl-non-compliant: These are corrupted ads that contain unsecured items in their resource chain such as landing page links, which can cause security issues. This violation is in most cases flagged after a misplaced or badly secured item in the resource chain. However, when done deliberately, Ssl-non-compliant is a MITM (man-in-the-middle) attack designed to steal and alter sensitive end user information.

Browser-locker: This violation blocks the end user’s ability to use browser functions to force them to either change browser settings (For instance, enable Push Notifications), or request a ransom in order to release the browser lock. Any action that can close the browser, for instance clicking the close button or pressing shortcut keys, will end up in a warning Javascript message. This message shows a manufactured reason such as loss of user data or files, to ask them to pay in order to unlock their device.

‘65.3% of scans in the US vs. 36.5% scans in the EU detected User Experience violations.’

Detections in this category bother end users with annoying content hidden within websites’ corrupted ad campaigns. This can represent a huge issue for Publishers because it could lead to their end users becoming annoyed and leaving the website, a damaged brand reputation, Google penalizations and seriously shrunk revenue streams. +78.9% more User Experience violations were detected in the US compared to the EU in Q1 2024. This means that using specialized protection software such as AdSecure and learning how to provide the best user experience on US websites is key to keep your website up and running seamlessly.

The Top 3 User Experience Violations in the EU are:

  • Back-button-hijack violations accounted for 16.8% of all User Experience violations in the EU
  • Javascript-dialog-on-entry detections were 8.8% of all violations within the category
  • Landing-page-error made up 62.7% of all User Experience violations in the Europe

The Top 3 User Experience Violations in the US are:

  • Back-button-hijack made up 41.1% of all User Experience violations in the US
  • Javascript-dialog-on-entry accounted for 37.1% of all violations within User Experience
  • Landing-page-error violations were 19.4% of all End User violations in the US

Further insights on the top 3 User Experience violations  of Q1 2024:

Back-button-hijack: Back Button Hijacking is noticeably more prevalent in the US than in the EU; this is an ad security threat which manipulates the end user’s browser history, keeping them stuck on a certain page by inserting one or several redirects in their browser history, to then forward them back to that specific page. This abusive behavior of hijacking a user's browsing history has been considered a violation by Google Advertising Policies.

Javascript-dialog-on-entry: This detection highlights Javascript alerts that pop up without any interaction when entering a website or when the end user wants to close the active tab. Javascript dialogue boxes can be very alarming to the end user. They often appear as warning messages or confirmation dialogues asking for the end user's consent on specific options, impacting their user journey throughout a publisher site.

Landing-page-error: This detection makes reference to landing pages that aren't working properly or have been compromised. Because the end user is directed to a landing page with an error message, they can become scared that their security has been compromized. As an AdSecure client you would receive an alert when the system identifies a broken/dead link (404 Error, 5xx, timeouts, etc.) in the landing page or when a broken link is identified in the path between the click URL and the landing page. It could be a deliberate Malvertising attempt or simply a mistake by one of your Advertisers.

‘12.9% of scans in the US vs. 41.2% scans in the EU detected User Advisory violations.’

Following up in this Malvertiser activity in the US vs the EU is the User Advisory category, which covers online threats that could contain offensive material that isn’t appropriate for all audiences, as well as potential suspicious or fraudulent activity. +219.4% more User Advisory violations were detected in the EU than in the US in Q1 2024, which is a HUGE percentage difference! Meaning that it is paramount to find new tactics to protect your audiences against unsafe content in the EU. 

The Top 3 User Advisory violations in the EU are:

  • Suspicious-tld accounted for 28.7% of all User Advisory violations detected in the EU
  • Threat-intelligence accounted for 9.1% of all violations within the category
  • Unsafe-content-adult made up 59.5% of all User Advisory detections in the EU in Q1

The Top 3 User Advisory violations in the US are:

  • Suspicious-tld violations made up 61.2% of all detections in the US in Q1 2024
  • Threat-intelligence accounted for 10.9% of all violations in the User Advisory category
  • Unsafe-content-adult made up 23.6% of all US User Advisory violations

Further User Advisory insights: Protect your audiences against unsafe content in the EU and the US

Suspicious-tld: These are top-level domains frequently used by cybercriminals who are setting up hosts for spam emailing, scams, shady software downloads, malware distribution, botnet operations and "phishing" attacks, or other suspicious content. Please note that it may not be necessary to block all domains flagged as suspicious, but it is our policy at AdSecure to inform you of their potential relationship to malicious activity so that you can make an informed decision.

Threat-intelligence: AdSecure’s Threat Intelligence tool performs a behavioral analysis on specific URLs to estimate the probability and the severity of violations, so that potential risks can be eliminated before going LIVE. The risk score classes potential risks from higher to lower using a scale from 5 to 0. The higher the risk, the more likely it is that the URL will present violations.

Unsafe-content-adult: With a +152.1% more presence in the EU than in the US, this violation shows nudity and non-age appropriate content in seemingly clean ad campaigns. This type of content may not be desirable for a Publisher’s website and can be very damaging to their brand. Bear in mind that even though a Malvertiser may have used a non-adult related creative when the campaign was first approved, they can change the creative after the approval process to show unsafe content. In order to keep ad supply chains clean at all times, AdSecure scans image creatives for unsafe content, scanning for Adult elements such as nudity before and after the campaign has been launched. Whether you are an Ad Network or a website Publisher, it is important to protect your audiences against unsafe content in the EU especially but also in the US. 

‘0.4% of scans in the US vs. 5.8% scans in the EU detected IAB Standards violations.’

Last but not least in this Q1 2024 Malvertiser activity in the US vs the EU comparison is the IAB category. Once again noticeably more IAB Standards violations were detected in the EU, specifically +625% more violations detected in the EU compared to the US! Wondering how to help your Advertisers comply with the IAB Standards in the US and in the EU, and why is it important? Not complying with the IAB Standards can seriously negatively impact website performance, impairing user experience and reducing the likelihood of ad clicks and decreasing eCPMs and revenues. Google can also penalize or block websites that fail to meet ad weight and quality standards, making it crucial for both Ad Networks and Publishers to take ad quality seriously! 

Here are the IAB online threats detected by AdSecure across South Asia and the US:

The Top 3 IAB Standards Violations in the EU are:

  • Iab-ad-dimensions accounted for 87.1% of all EU IAB Standards violations
  • Iab-ad-compression made up 7.9% of all IAB Standards Violations in the EU in Q1
  • Iab-ad-weight violations were 4.6% of all violations within the category in the EU

How to comply with the IAB Standards in the US? The Top 3 IAB Standards Violations in the US are:

  • Iab-ad-dimensions made up 63.1% of all US IAB Standards violations
  • Iab-ad-compression accounted for 17.6% of all US violations within the category
  • Iab-ad-weight violations were 13.9% of all US IAB violations

Further IAB Standards violations insights: How to comply with the IAB Standards in the US and the EU

Iab-ad-dimensions: The IAB recommends ad dimensions to be in the range of 100x200 - 150x300 so that it can be shown its best across devices and browsers. So, not abiding by this specific standard means that websites will show badly displayed ads that will most likely not convert, and will give a bad image to the website where they are being displayed, as well as to the advertiser promoting the ad campaign!

Iab-ad-compression: This detection flags ads that are not delivered in a compressed format. To optimize the file size for delivery of an ad to a browser, the assets within the ad should be delivered in compressed formats such as gzip.

Iab-ad-weight: This violation detects ads that are too heavy and are not compliant in terms of weight (initial load and sub-load). This detection will flag ads that are not compliant with the IAB standards in terms of ad weight (initial load and sub-load). IAB recommends an ad size with an initial load of maximum 50KB and a sub-load of maximum 100KB.

Conclusion: Prevent Malvertiser activity in the US vs the EU with AdSecure

Whether you are US or EU based, it is paramount to build robust strategies to protect your audiences against unsafe content in the EU and in the US. Are you wondering how to comply with the IAB Standards in the US and in the EU? Or maybe you need specialized software against the most threatening online security violations in the EU to protect your EU based online business against Malvertising. AdSecure allows Publishers and Ad Networks to monitor their ad supply chain pre and post campaigns launch, block threats, and reject or delete bad ads to help you keep all parties safe, including your end users and online reputation. Contact us now to learn more!

Share this article on

Anna

Blog