Confiant: 500 billion impressions say that malicious ads violate security, reduce quality

Sponsor ad - 728w x 90h (at 72 dpi)

“One in every 106 ad impressions was dangerous or highly disruptive to the end user,” said Confiant’s Malvertising and Ad Quality Index for the first half of 2023.  The report segments risks into security-related violations that have a compromising impact on consumers, such as malicious code and deception; and non-security-related quality issues, related to content, technical characteristics or ad behavior.

Confiant claimed that the ad security violation rate in Q1 2023, by Confiant’s own measurement criteria, was at the highest level in four years.  The highest rates of security violations were in the US, Canada and Great Britain.  Attacks through cloaked ads doubled industry-wide security violations – from 0.17% to 0.34% – and then subsided.

Sponsor ad

Ad quality violations rose by 50% during Q1 due to ads that created high network loads, had a large number of unique hosts, or used Google Chrome Heavy Ad Interventions.

Threat activity

Confiant diagrammed the evolution of ad threat activity over the course of the first half of 2023, as below.

Ad security threats over the first half of 2023. Source: Confiant

Confiant identified and described several malvertising threat actors in depth in this report. ScamClub is characterized by forcing re-directs to fake gift and reward scams.  LooseContact, which runs multi-layered ads that use URL shortening services like Bitly to mask malicious domains, focuses on crypto-themed investment scams that are run through LinkedIn.

DCCBoost has deployed counterfeit scareware attacks on desktop users since late 2021. Source: Confiant

Aalgmor leverages ads in Bing search results.  FizzCore launches attacks via Google DV360.  DCCBoost deploys counterfeit “scareware” attacks to desktop browsers, saying that their PCs are under threat of virus attack and prompt the user to “click to scan.”   The report goes on to describe several others.

Security issues highest in pre-bid

Confiant measured security in more than 100 supply-side ad platforms (SSPs) that publishers use to offer ad inventory to ad exchanges.  The three largest are Google, OpenX and Sharethrough.  Google had an ad security violation rate of 0.83% during 1H’23 – about double its rate for 2H’22 and more than triple the 1H’23 industry average of 0.27%.  The next highest SSP provider had 0.18%.

At nearly 40 days, Google also had the longest response time in responding to security incidents

Further reading

Malvertising and Ad Quality Index, H1 2023, January 1st-June 30th. Research report. October 24, 2023. Confiant (.pdf download)

Why it matters

The report opens with the statement: “Digital advertising introduces myriad risks related to security, privacy, and user experience.  Malicious, disruptive, and annoying ads degrade user experience and drive adoption of ad blockers.”

It’s more about the impact on publishers than it is about the impact on consumers and a bit dispassionate.  But as a technology supplier – and not to diminish the importance of their data – Confiant must carry two messages: to quantify the damage and to justify their platform to potential buyers.

Research Methodology

Confiant’s ad measurement platform gives real-time measurement of live ad impressions.  According to the report, Confiant analyzed a normalized sample of more than 500 billion advertising impressions monitored from January 1 to June 30th, 2023, across thousands of premium websites and apps.

The report also notes changes in the research methodology since 2020 that results in some mismatch between current data and data from prior years.

Print Friendly, PDF & Email
From our Sponsors