Malvertising: Real Time Protection For Publishers

Malicious ads are the scourge of the digital ecosystem, among the worst fears of any publisher.

Malvertising is big business for criminals all over the world — it allows them to make money off of your inventory, your traffic, and your reputation.

Malvertising — the intentional delivery of malware and other harmful code through an ad unit on a publisher’s page, has plagued users since the beginning of digital media as we know it. But in the current era, it’s the publisher’s task to protect their users from malvertising.

Malvertising -- the intentional delivery of malware and other harmful code through an ad unit on a publisher’s page, has plagued users since the beginning of digital media as we know it.

Publishers owe their audiences this protection from malicious ads, in exchange for those audiences’ loyalty over time. And publishers also owe it to themselves. Audience loyalty means return visits, longer sessions, more chances to monetize.

Any malvertising attack on the publisher’s inventory puts those chances to monetize at risk, not just in the moment but long into the future.

Publishers Are the Last Line of Defense

Today, the task of malware protection goes far beyond the end user.

The most dangerous attacks come from the least obvious sources, those that put the user at risk without ever asking them to click on a button or download a file. Malvertisers can strike without even attacking an entire publisher site.

All it takes is one unsecured ad slot for bad actors to deploy malicious code — auto-redirects, drive-by downloads, Trojan horses, ransomware, and more.

These aggressive malvertising attacks — coming through any crack in the publisher’s defenses — destroy user experience, discourages users from visiting the site again, and drive users to ad blockers that curtail the publisher’s ability to monetize.

Everyone Feels Safe — Until They’re Threatened

Every publisher’s highest priority is producing high-quality, engaging content. When your site is performing well, malicious ads can easily sound like “someone else’s problem.” But no publisher is immune — you’re safe only until the first attack on your inventory. Then, suddenly, security becomes an emergency job.

For Malvertisers, Evasion is the Name of the Game

In the programmatic market, malvertisers can easily disguise themselves as legitimate buyers. Direct channels aren’t immune from this trickery. And a single vulnerable ad slot presents an opportunity for an attack, launched directly upon the user and their device.

For bad actors in the ad ecosystem, malicious ads are easy to deploy, and evading low-tech security is no challenge. For publishers, prevention is hard. And whenever one malvertiser is identified and blocked, another will emerge to take advantage of the publisher’s same vulnerabilities.

Malvertisers Make Money Off of Publishers’ Work.

Malvertising is big business for criminals all over the world — it allows them to make money off of your inventory, your traffic, and your reputation.

Malvertisers target smaller publishers because they’re banking on the presumption that smaller publishers lack resources to mount a full defense.

Malvertisers target premium publishers because they’re banking on finding highly engaged, and therefore highly valuable, audiences on those sites.

When users’ sessions and devices are compromised by malicious ads, they are driven away from your site, to ad blockers, or both. Ad blockers and loss of user loyalty both spell loss of revenue. The monetary effects are felt immediately, and over time.

Cyber criminals use an array of tools and tricks to deploy these malicious attacks. Take a peek into the cybercriminal tool kit! 

Automation Makes for the Best Long-Term Solutions

Publisher ops teams spend up to 40% of their time on quality assurance.

QA for native, custom video, and other rich media formats, in particular, requires time and attention.

These highly manual efforts hold back publishers from developing the strategies and business relationships that increase revenue. In other words, preventing malvertising — an essential security measure — often means leaving money on the table for publishers.

Strategies like adjusting floors are not long-term solutions. Raising CPMs may weed out some malvertisers, but it decreases the number of rendered impressions overall. Raising CPMs from $1 to $2 can lead rendered impressions to drop by more than 18%. Check out the full whitepaper!

Real-time protection keeps you focused on publishing — and monetizing

Keeping malvertisers away from publishers’ inventory calls for vigilance across the entire ad supply chain.

But regular monitoring — even if it happens at every point along the chain — is not enough. Reacting to malvertising attacks after the fact is not enough. You need real-time, proactive solutions for real-time, unpredictable attacks.

Real-time detection and blocking of any malicious ads, and airtight QA automation, is the only surefire ad security strategy for publishers. These methods pinpoint known threats in the ecosystem, identify new threats, and prevent the clean-up that follows an attack.

Real-time monitoring and blocking directly helps publishers improve KPIs, increase the lifetime value of their audiences, add any demand partners they want, set the floors they need, and grow their overall revenue.

 

 

 

Alisha is a Technology Writer and Marketing Manager at GeoEdge. Her writing focuses on current events in the AdTech ecosystem and cyberattacks served through the digital advertising supply chain. You can find Alisha on LinkedIn to discuss brand building and happenings in AdTech.
NOT ALL MALVERTISING SOLUTIONS ARE CREATED EQUAL

Malvertising, the practice of sprinkling malicious code into legitimate-looking ads is growing more sophisticated. GeoEdge’s holistic ad quality solution has you covered.

TRUSTED BY:

450+ Publishers & Platforms