Study: Auto-redirect attacks cost publishers, marketers $1.13B annually
- Seven new families of redirect attacks were recently uncovered that target leading publishers, costing publishers $210 million and advertisers $920 million annually, according to a press release from ad verification firm GeoEdge that was made available to Marketing Dive.
- Auto-redirects are the most widely used scheme to distribute fake ads, accounting for 48% of malware, according to the analysis. Incidences of malicious auto-redirects are increasing every year with most of the redirects, or 72%, occurring on mobile devices.
- One of the uncovered redirect attacks whitelisted premium publishers, including The Wall Street Journal, Reuters, Forbes and more. The malware opened numerous invisible frames and executed fraudulent clicks.
The report is the latest indication that ad fraud continues to plague digital marketing despite efforts to address the problem. In fact, the rate of auto-redirect attacks increased significantly in 2017, according to the GeoEdge report.
Along with siphoning off more than $1 billion each year, the attacks harm the trust between publishers and users. Malware attacks have traditionally impacted a user’s experience with a site, where ads redirect a user’s screen to a fake virus warning, a prize drawing or phishing scam. This has led to an increase in the use of ad-blocking technology, which hampers publishers’ ability to monetize content.
Redirects are also difficult to address. Once an attack source has been identified, another one often takes its place, making it near impossible for publishers and traditional ad verification tools to uncover them. Hackers continue to get more sophisticated in their efforts, meaning addressing the problem isn’t getting easier. The report highlights one type of attack that has zero effect on user experience. Hidden auto-redirects focus on mobile click fraud by opening invisible iframes that click on ads automatically and go undetected.
A number of firms and organizations are working on solutions for addressing ad fraud. GeoEdge reports that its multi-layered approach for auto-redirect detection has increased identification and prevention by 30%.
Ads.txt, a solution introduced last spring by the Interactive Advertising Bureau Tech Lab enabling publishers to indicate who is authorized to buy their inventory, had only been adopted by 20% of publishers by mid-December, underscoring how one the challenges with fighting fraud is convincing the industry to adopt available measures.
A study by the Trustworthy Accountability Group, an anti-fraud industry initiative, found that industry-wide anti-piracy efforts have cut ad fraud revenue by 48% and puts the problem of infringing content at a $2.4 billion issue. To combat content piracy, marketers and publishers have looked more closely at contracts from the buy side and used monitoring lists to block ads to those sites.