• All Articles

Malvertising trends in the UK in Q1 & Q2 2023

By Maria_Serra

September 15, 2023


With ad security detections increasing in numbers year on year, malvertising continues to be a cause of concern for ad networks and publishers across the globe. This is why AdSecure strives to continuously optimize its ad security tools and features to continue to protect your online business for monetizing ads and end users, from malicious campaigns and poor quality advertising. And not only that, we also bring you up-to-date information about malvertising activity through our quarterly and yearly Violations Reports. This time, we are comparing malvertising trends in the UK from Q2 against Q1 2023.

UK malvertising detections: Categories comparison Q1 & Q2 2023

If we take a deep dive into AdSecure’s Violations Report Q1 & Q2 2023 we will see the evolution of the 4 violations categories detected during the 2 quarters. So let’s see the breakdown of UK malvertising detections in Q1 & Q2 2023 in categories:

2 1

1 1

User Security category: 16% of all violations in the UK were within the User Security category in Q1 and 24% in Q2, which is an increase of 50% in the second quarter. This category detects violations that have a serious potential to compromise the end user’s safety and welfare.

User Experience category: 34% of all violations in the UK were within the User Experience category in Q1, and 31% in Q2, which is a decrease of -8.2%. User Experience violations affect end users with malicious and annoying activity within the ads they interact with.

User Advisory category: 49% of all violations in the UK were User Advisory violations in Q1 and 42% in Q2, which is a decrease of -14.2% comparing Q1 with Q2. User Advisory violations detect offensive content that isn’t suitable for all users, as well as suspicious or fraudulent activity.

IAB Standards detections: 1% of all violations in the UK, that 1 in every 100 campaigns, did not meet industry IAB Standards in Q1, and 3% (3 in every 100) in Q2, which is a massive increase of +200%! IAB standards violations measure the performance of ads against the IAB Industry standards to stay industry compliant.

Top 10 GEOs for malvertising attacks

Now, let’s identify the top 10 GEOs with the highest volumes of malvertising attacks detected in Q2 2023:

Top 1: USA (33.4%)
Top 2: Thailandia (11%)
Top 3: India (8.7%)
Top 4: Philippines (7.7%)
Top 5: United Kingdom (7.6%)
Top 6: Germany (7.1%)
Top 7: Brazil (6.8%)
Top 8: Italy (6.1%)
Top 9: Malaysia (6%)
Top 10: France (5.6%)

As we can see above, the UK is number 5 within the top 10 GEOs where most violations were detected by AdSecure. Also, 26.6% of all violations worldwide were detected in Europe in Q2 2023, meaning that Europe is the second region with more cybercriminal activity, right after the USA (with 33.4% of all detections). Additionally, the United Kingdom is the country which has the highest number of violations detected within Europe, with a total of 7.6% malvertising attacks in Q2. Germany follows closely with an average of 7.1% malvertising attacks. Italy and France come next with 6.1% and 5.8% respectively. So, as we can see, a large portion of Europe was affected by malvertising in the second quarter of 2023. Lastly, the United Kingdom had a significant increase of +18.1% of violations detected, comparing Q1 to Q2. As a result of the increase in malicious ad campaigns, more and more publishers, ad networks and ad operations teams need to offer a secure ad browsing experience and guarantee an excellent end user experience.

3 1 E1694775731724 1024x258

What are the top 10 UK Malvertising Trends for Q1 & Q2 2023?

AdSecure’s ad safety and ad quality solutions provide powerful and in depth scans to detect malicious advertising and poor ad quality globally, which is why we can give you useful insights to learn cyber criminal activity patterns and protect your online business and end users. In the following table, you can see the top 10 UK malvertising trends ordered by the biggest changes, when comparing Q2 with Q1:

4 1 1024x576

Let’s then look into the most popular online advertising threats that revealed significant increases in the UK in Q2 2023. At the top of the table we have the Iab-ad-dimensions, which we will talk about later in this article, together with the rest of IAB Standards based detections.

+145.4% increase in Malicious URLs

Malicious URLs showed an enormous increase of +145.4% in Q2 compared to Q1. Scammers create and distribute these malicious or dangerous links and try to trick end users into clicking them, sometimes in order to steal their data and sensitive information. Once end users get to these websites, they are dangerously exposed to malicious software, viruses, or other threatening content.

Malvertising insight: It is advisable to run regular analyses pre and post launch, since an ad landing’s URL can be changed anytime by the Malvertisers, and they tend to do it post-launch after bypassing initial compliance and security checks. This means that a compliant URL can be changed into a malicious one at anytime if regular scans aren’t run!

+75% increase in Permission Notifications

In second place, Permission Notification violations had a significant increase of +75% in Q2 compared to Q1. This violation requests permission to send notifications to the end user to access their device’s camera, microphone, geolocation, clipboard, etc. Although not dangerous in all cases, it can be quite a disconcerting and alarming violation, making the end user feel unsafe upon clicking an ad on your website.

Malvertising Insight: The Permission Notification violation offers a very poor user experience because it sends your end users unsolicited alerts asking for unknown apps to get permissions to access personal information, making them feel that their privacy is under threat. Besides, malvertisers use them in the hope that the end user clicks to accept and then the bad actors can access personal files and data from the end user's device, for instance tracking their location for non compliant targeting purposes.

+60.8% increase in SSL Non Compliant

With the highest number of violations detected both in Q1 and Q2 within the top 10 ranking, ssl non compliant increased by +60.8% in Q2 compared to Q1. In brief, SSL Non Compliant detections refer to ads that contain at least one unsecured item in the chain of resources (unsafe, no https, mixed content, ssl version or cipher mismatch).

Malvertising Insight: As you probably know, the ‘s’ in https on a website stands for secure encryption, which can only be guaranteed with an SSL certificate. By not installing an SSL certificate on your website or landing page, you are leaving your website and your end users open to numerous risks of bad ads such as phishing, non-payment, and personal data violations, especially if they are meant to hand over sensitive information such as credit card information, home addresses, and financial data. It is then key to make sure that the SSL certificate is always present both as a website publisher, or as an ad network when assessing the URLs in an ad supply chain.

+60.7% increase in Back Button Hijacks

Back Button Hijacking is an ad security threat which manipulates the end user’s browser history, keeping them stuck on a certain page by inserting one or several redirects in their browser history, to then forward them back to that specific page. It could be used to redirect the end user to dangerous pages containing scam or phishing content designed to steal their data!

Malvertising Insight: Whenever Back Button Hijack scripts are detected, the AdSecure system will notify our clients in real time so they can take faster action on their campaigns. This detection is crucial to prevent publishers and ad networks from keeping their ads and campaigns fully compliant and maintaining a positive online reputation.

IAB Standards Detections

AdSecure is the best malvertising prevention and ad quality solution on the market today, as it offers the IAB Standards detection tool that scans ads to verify that they are aligned with the Industry Standards. The number of IAB Standards detections increased a whooping +200% in Q2!

5 2 1024x576

This category also experienced huge increases on each detection independently. Let’s have a look:

- Iab-ad-dimension experienced an increase of +231.40% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad dimension, so ads displayed are squashed or pixelated.

Iab-ad-compression increased by +180.20% in Q2: This detection will flag ads that are not compliant with the IAB standards within this category, which means they are not delivered in a compressed format.

- Iab-ad-weight increased by +166.80% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad weight (initial load and sub-load).

- Iab-request-count increased by +125.10% in Q2: This detection will flag ads that are not compliant with the IAB standards in terms of ad request count. IAB recommends a maximum of 10 requests.

Malvertising insight: As we can see, huge increases all across the board! AdSecure’s IAB detections are a great tool for ad networks and publishers to use to identify advertisers who need to be educated about industry standards. By identifying specific campaigns, the ad network or publisher then contacts the advertiser and asks them to re-submit the campaign with the correct weight, size, compression, etc. Campaigns that are aligned to the IAB standards lead to higher levels of user engagement and overall conversion, which means that providing compliant ad creatives plays a key role in maximizing revenues. Also, website performance can be impacted negatively if industry standards are not met, creating a bad user experience, affecting publisher eCPMs and possible Google rankings.

Dangerous and annoying violation increases outside of the Top 10

Although not in the top 10, the next 3 violations can cause significant disruptions in user experience on publisher websites, either by annoying them with unwanted notifications, or downloading dangerous software that will seriously impair the end user’s welfare and privacy. The 3 detections experienced steep increases in Q2 2023.

+525% increase in Auto Vibrate

The biggest increase (+540%) comparing Q2 to Q1 is for Auto Vibrate. This violation might not have the highest numbers, however as we can see it has experienced a HUGE increase in the UK in less than half a year, which means that it is wise to keep an eye on this specific violation when running ad security scans through the ad supply chain. Auto Vibrate ads automatically vibrate on the user's device when they reach the malicious advertiser’s landing page. This provides a bad navigating experience for the end user and can cause them to feel unsafe since their device has vibrated for no apparent reason! Which could cause them to leave your website immediately and affect your online brand’s reputation.

Malvertising insight: This detection is based on the malicious use of the HTML5 vibrate API. This protocol is also used for some browsers which vibrate as an alert if a virus or problem has been detected. So, it could be difficult for the end user to see the difference between the real alert and the malicious one, especially if the malicious one has been paired up with an auto-pop with a warning. So, aside from being irritating for the end user, it could pose a threat for their safety if delivered by the hands of a very skilled malvertiser!

+216% increase in Pop Ups

Similar to Auto Vibrate, Auto Pops are ads that automatically trigger pops (both Pop Ups and Tabunders) without user interaction. Google penalizes websites that show Pop Ups to end users. In Q2 there was a massive detection spike with malvertisers concentrating a lot of activity using this violation.

Malvertising insight: Aside from providing, once again, a less than ideal end user experience launching unwanted pop messages all over the place, some Pop Ups can automatically trigger and download malicious software into the end user’s device! So, once again, this violation can be a considerable threat for the end user’s device and privacy.

+133% increase in Auto Downloads

Auto Downloads are ads that automatically download a file/executable application without user interaction, which can contain harmful files, viruses, or malware that are quietly installed on the user’s device. This can be dangerous as most of the time the end user is totally unaware.

Malvertising insight: This violation could be especially dangerous for Android users, since the Android operating system uses APK (Android Package Kit) files to install legitimate applications, but these can be manipulated by malvertisers to distribute malicious software! Malicious APK files can be disguised as popular apps, games, or utilities, tempting users to install them. Once installed, these files can gain unauthorized access to sensitive data, take control of devices, or cause other harmful actions.


Are you an ad network or publisher looking for the best malvertising detection solution in the industry? AdSecure is a powerful ad safety and quality solution that monitors the ad supply chain in order to detect and eliminate malicious activity, such as dangerous, non-compliant or low quality ads. Aside from that, at AdSecure we also make available to you annual and quarterly Violation Reports through comprehensive analyses to provide useful insights to learn malvertising’ trends and avoid malicious activity impacting your business. Why not start a 14-day free trial and start protecting your online business and end users now! Or you can get in touch to ask for more information to our expert team.

Share this article on