You might not know much about the billion-dollar industry behind the rise of malicious ads, but you probably know what it’s like to encounter them online. Most online consumers have seen malvertising in some form, whether it’s a fake pop-up ad offering to install the latest Adobe Flash software or a forced redirect to a website you didn’t intend to visit.
In many cases, you might not know why the ads are popping up, why you’re being redirected to a new website, or what you can do to stop these ads from ruining your online experience. You’re not alone: Publishers are just as frustrated as consumers, as their ad platforms are placed under attack and their online user experiences are ruined by malicious content.
The problem posed by malicious advertising is only getting worse. Way back in 2015, IAB estimated that malicious ads were costing online advertisers roughly $8.2 billion every year, and it’s widely believed that the prevalence of malvertising has increased every year since then.
Last year, visitors to the Equifax website were exposed to fraudulent Adobe Flash update ads that, when clicked, infected computers with adware. This malware was only detectable by three out of 65 antivirus software providers at that time, and it’s unclear how many visitors to the site were compromised. It’s worth noting, however, that this malware attack came just weeks after Equifax was hacked and robbed of private information for more than 145 million US consumers. Heightened awareness often isn’t enough to protect brands and consumers from malicious ad attacks, which means the problem posed by this malware won’t be easily solved.
IAB estimated the cost of effectively addressing malware at over $1 billion. It may be the case that the higher the cost of cleanup the longer the industry waits to act. To drive this change, it’s important for advertisers and publishers to understand exactly how malicious advertisements work and why they pose such a significant threat.
Malvertising is a complex malware strategy that makes use of programmatic ad exchanges to deploy malicious content through a series of intermediaries. Think of it this way: Instead of a traditional publisher reviewing an advertisement and placing it directly onto the page, malicious online ads are tricking programmatic exchanges into thinking they’re legitimate. They then use those exchanges to sneak in their impostor ads before anyone realizes what has happened.
These ads then turn a profit by creating artificial clicks and taps on the web page to trigger the ad and trick the ad platform into thinking that the user is interested in the ad’s content. This is what happens when, for example, your mobile browser redirects you from a news article you are reading and sends you to a spammy page that says you’ve won a $1,000 gift card.
But it gets worse: According to Fast Company, these malware providers can use programmatic targeting technology to identify device users who are operating with unpatched software and operating systems that haven’t been updated. This means they’re able to focus their malvertising strategies primarily on consumers whose software is more susceptible to these attacks.
One reason for the recent focus on malicious advertising is the high-profile publishers that have become the routine focus of these attacks. Brands including the New York Times and the Atlantic have suffered repeated attacks that frustrate their readers while hijacking their ad technology. These publishers know that something has to be done, but no one company can resolve the threat of malvertising on their own. A collective effort will be required.
Unfortunately for marketers, there’s not much that can be done to combat the rise of malicious online ads. Effective solutions to malvertising will be more dependent on efforts by web browsers and security software to reduce the occurrence of malicious ads, as well as on ad tech developers to snuff out malicious advertisements while preserving the value of legitimate ones.
Google has announced plans to be more concerted in their efforts to block malicious online ads, introducing upgraded ad-blocking technology for its Google Chrome browser in 2018. The company has also joined the Coalition for Better Ads to team with other leading organizations in improving the online ad experience and eliminating malicious advertising. There is optimism among these companies that collaborative efforts will be able to curb the prevalence of malicious advertising while improving the overall online ad experience.
In the meantime, marketers have yet another reason to focus their efforts on marketing strategies beyond interrupt advertising. Both marketers and publishers may want to reconsider their use of programmatic ad strategies in favor of alternative methods that can be better managed and that offer more reliable ROI, not only to avoid malicious actors but also because of changing standards of data privacy. Such alternatives could include an increased focus on native advertising, influencer-driven content, brand storytelling concepts, and other promising digital marketing trends.
If marketers are unhappy about the state of current interrupt ads and are worried about how malvertising could adversely affect their company, there’s no better way to express this disappointment than by investing their earmarked advertising dollars into a different marketing channel.
Publishers and ad developers are getting serious about the recent growth of malicious online advertising, and concerted efforts are underway to work toward a solution. But until that solution arrives, marketers would be wise to keep a close eye on their programmatic ad ROI and consider whether other digital marketing trends can offer equal or better ROI without undertaking the risk that your brand will be the victim of malicious advertising.
For more stories like this, subscribe to the Content Standard newsletter.
Featured image attribution: Wes Hicks