Publishers have enough to juggle without worrying about sketchy ads sneaking in through video inventory. But with malvertising on the rise — especially those sneaky auto-redirects infecting VAST tags — EX.CO and GeoEdge are joining forces to shut it down.

This partnership is grounded in ad quality to safeguard user trust and ensure publishers’ revenue keeps flowing without the hassle of bad ads ruining the party.

The post EX.CO and GeoEdge Team Up to Shut Down Video Malvertising appeared first on AdMonsters.

HUMAN’s Satori Threat Intelligence Team began noticing that apps that don’t offer advertising were generating an abundance of IVT traffic. Concerned, they began studying the traffic source and, in the process, discovered a massive mobile malvertising scheme that used highly sophisticated tactics.

They named the scheme Konfety, which means “candy” in Russian, in a nod to CaramelAds, the Russian mobile advertising SDK that the threat actors managed to abuse. Konfety is a massive fraud perpetrated against DSPs and advertising networks, and at its peak, Konfety-related programmatic bids reached 10 billion requests per day.

To learn more about the threat, AdMonsters talked with Lindsay Kaye, VP of Threat Intelligence at HUMAN, who was instrumental in uncovering Konfety. For a complete discussion, see the HUMAN Satori Threat Alert: Konfety Spreads “Evil Twin” Apps for Multiple Fraud Schemes.

Susie Stulz: Konfety uses several new mechanisms in malvertising. This scheme uses decoy apps and evil twins. Can you provide an overview of the scheme and how it worked?

Lindsay Kaye: Sure. The threat actors created about 250 decoy Android application package files — or APK apps — which they uploaded to the Google Play Store. These apps don’t provide any sort of fraud when we download and execute them. 

And yet, in the real world, we saw a lot of IVT coming from those apps, so we started investigating. We found that APK apps in the Play Store are decoys and they provide something really important to the threat actors, which is the legitimate identifiers of Google Play Store Apps.

After a lot of research we discovered the presence of evil twins to those decoy apps. Those evil twins are not distributed in the Play Store, they spread through malvertising, and they are the apps responsible for the ad fraud. 

SS: So, the evil twin apps offered “inventory” in the programmatic markets 10 billion times per day?

LK: Yes, and at first glance, it looks like the fraudulent traffic comes from these decoy apps because both the evil twins and the decoy apps use the same Google identifiers. We believe threat actors have developed a new and very sophisticated technique to host malicious apps outside of the Play Store.

SS: Is that what tipped you off that a unique type of malvertising was at work?

LK: We saw no ad fraud stemming from the decoy apps we downloaded from the Play Store itself. In fact, those apps do not show ads, even if they technically can support advertising. However, when we looked at third-party repositories, like VirusTotal and some others, we noticed that there were two APKs with the same name. To dig deeper, we looked at the hashes and saw they were different.

SS: What do you mean by hashes?

LK: Hashes are unique identifiers which are generated when a developer applies a hash function to a file’s contents. They act as digital fingerprints, so that when there are changes to a file, a new hash will be generated. Comparing hashes allows us to determine if two files with the same name are identical or different.

SS: So, were the different hashes the first clue?

LK: Yes, that was the first tip, and we began investigating from there. We thought this was interesting: two APKs with the same name but different hashes. 

But the two APKs themselves were also really different; they weren’t even pretending to be the same app. The decoy APK in the Google Play store may be a car racing app, but its evil twin wasn’t. It was just stealing the legitimate Google identifiers of the decoy to commit ad fraud.

SS: How often were the decoy apps downloaded?

LK: Not very often; they averaged 10,000 downloads per app, which is nothing in the app world. This is one of the things that stood out to us: Apps with a small number of installs were generating a huge amount of IVT. 

SS: Is the CaramelAds SDK inherently fraudulent?

LK: SDK has some vulnerabilities that allow threat actors to abuse it. If you’re looking for an SDK to monetize your mobile app, I suggest looking elsewhere until those vulnerabilities are fixed.

SS: At present, HUMAN has observed ad fraud only stemming from Konfety, but haven’t you noticed other things getting loaded on the user devices, such as a search tool and intent signals? What are the purposes of these things?

LK: To date, we have only observed ad fraud, but in the report, we describe other things, like intent filters, that were loaded onto the devices. These are links that pretend to open other applications, such as Zoom or TikTok. Certainly, those intent links can be used for other frauds that target the user, such as credential stealing or pushing other kinds of malware onto the device. We just didn’t observe that kind of activity to date.

Obviously, this is an ongoing threat, and one that we expect will evolve and we will continue to monitor.

SS: What advice do you have for AdOps teams so they can avoid the Konfety threat?

LK: The most important thing AdOps teams can do is to use an IVT monitoring tool or platform. Obviously, HUMAN offers one, but there are others. Campaigns like Konfety show that the threat actors are getting more sophisticated, making their threats very difficult to detect.

Uncovering the evil twins required an extremely complex investigation that AdOps teams might not have the time or skillset to conduct on their own.

The second thing I’d recommend is for AdOps teams to look at their past traffic. Do you see a lot of ads served to apps that have a small number of downloads? If yes, you might want to investigate it and share your findings with your partners. Sharing insights makes the industry safer.

As I said earlier, avoid using CaramelAds until they’ve fixed its vulnerabilities. 

SS: The challenge, I think, is that fraudsters are often copycats. They see threat actors succeed with one tactic, in this case, decoys and evil twins, and they create their version of it. Does this mean evil twins in malvertising will be with us for a while?

LK: That’s likely, so AdOps teams must choose their SDKs wisely and work with only reputable companies. However, even then, threat actors may find new vulnerabilities to exploit, so monitoring IVT regularly is critical.

Cybersecurity has always been a game of cat and mouse, and Konfety is a great example of this. Threat actors were getting kicked out of the Play Store, so they found a way to commit fraud outside the official app stores.

SS: Final question: the report offers a great deal of technical descriptions, sample code, the domain names, the names of the decoy apps and so on. Where can readers access that report?

LK: It’s available online, at: https://www.humansecurity.com/learn/blog/satori-threat-intelligence-alert-konfety-spreads-evil-twin-apps-for-multiple-fraud-schemes

The post HUMAN’s Satori Team Uncovers Konfety Fraud Operation With New Malvertising Tactics appeared first on AdMonsters.

Video advertising has always been a bright spot for the industry: effective, profitable, and malware-free. Because it’s threat-free, AdOps teams don’t need to spend a lot of time scanning for scams. Sadly, that is changing rapidly. 

Earlier this year, I wrote about ScamClub’s breach into the video channel, successfully injecting malicious redirects through VAST and VPAID tags in Q4 2023. Since then, video malvertising attacks have proliferated and show little sign of abating anytime soon. Worse, other scammers have no doubt noted the success of ScamClub’s assault on video ads. In the months ahead, we should expect a surge in automatic and malicious redirects, and everyone — publishers, SSPs, and video platforms — should begin hardening their video tech stack immediately.

How Video Automatic Redirects Work 

In case you missed the first article, here’s a rundown of the ScamClub scheme, the first industry-wide attack against video ads. GeoEdge discovered the scheme injected malicious redirects through VAST tags, sending users to a malicious website regardless of whether they played the ad or how long they watched it.

Essentially, the scammers run fingerprinting tests on both the client and the server sides, looking for malware detection systems. Once the information from the client is sent and checked by the malicious server, the POST request’s reply or response includes instructions that tell the user’s device to navigate to a new website. This redirect code includes several different methods to initiate the forced redirect. This diversified attack strategy increases the chances of successful redirects, making it harder for security vendors to detect and identify the attack.

Bad Actors Have Breached Video Advertising

For a long time, video has been considered the safest channel in digital advertising. The high inventory cost has deterred scammers from attacking the channel, concentrating on the abundance of low-cost and vulnerable display ad units. As a result, many publishers, SSPs, and even video platforms haven’t screened for malware even as they actively screen for it in their web and mobile inventory.

But we need to understand that scammers have breached the video world. GeoEdge’s security research first exposed the video malware epidemic in July 2023, but as you can see in the chart below, the number of instances has escalated dramatically. 

We’ve seen dozens of SSPs—all the major industry players—affected by the ScamClub malicious VAST and VPAID attacks. The same goes for video platforms, which scams have infected in equal measure. Any publisher that relies on an SSP or video platform to fill video inventory is likely exposed. 

In fact, AdOps teams are now receiving complaints from publishers, who are receiving complaints from their users and editorial team about sketchy ads that pop up on landing pages that look like system messages prompting users to download fake software updates or fake antivirus software that records and transmits their bank information or credentials to the scammer’s servers.

Even though we already see hockey stick growth in the ScamClub version of the attack, we are at the beginning of the growth trajectory. For this reason, we should assume that automatic redirects in video will dramatically increase over the next 12 months.

Time to Harden the End-to-End Video Tech Stack

This means it’s time to harden the video tech stack. Publishers must recognize the importance of monitoring and safeguarding their video technology infrastructure, as it’s no longer secure. This shift in mindset is crucial.

SSPs need to begin to reassess their video demand, with an understanding that they can no longer assume it’s safe. They must acknowledge the presence of malvertising in the channel, which many expect to increase significantly.

Additionally, the entire video platform segment, which supports video players and previously remained unscathed, now faces new threats. These platforms must start monitoring and addressing security issues at their own level.

This, of course, brings up the question of CTV. Is that channel safe? It’s unlikely that consumers will click on ads, visit landing pages, and fill out forms from their smart TVs. However, as QR codes become common in CTV advertising, they will introduce new risks, as fraudsters will have the opportunity to redirect the user who scans that code via a mobile device.

A New Approach Required 

Because of the multiple mechanisms that block attacks from security vendors, new approaches are needed. In our experience, it’s not enough to monitor the video ad units themselves but the entire page itself. By monitoring the entire page, security teams can identify, analyze, and classify copycat and emerging variants of redirect scams immediately and proactively block them every time they appear. 

A Call to Action

Video is no longer a safe haven; we need to pay attention to it. The channel has been breached, and fraudsters are rushing in. However, we are by no means defenseless. To combat this rising threat, we must embark on a new era of cooperation across the entire industry. By working together, we can identify and mitigate video threats more effectively and share our learnings to strengthen our collective defenses.

The post Automatic Redirects Flood Video Ad Space (and it’s Just Getting Started) appeared first on AdMonsters.

It has infiltrated everything from art to the military, and now it’s becoming increasingly troublesome in the ad tech sector through malware, phishing, and scams. 

At an AdMonsters Ops session on June 6th, “AI + Malvertising = ?,” attendees heard from Jerome Dangu, Chief Technology Officer and Co-Founder, Confiant, and Louis-David Mangin, CEO and Co-Founder, Confiant, about how AI is affecting ad tech and how we can stay aware of what is to come. 

Confiant has been in the ad security business for 10 years, giving the company a great deal of experience in recognizing bad actors and helping publishers identify these risks as well. According to Confiant, ad tech has two dimensions of security risk: victim and vector. 

Victim refers to specific types of fraud, namely bot fraud, attribution fraud, and arbitrage fraud. Vector refers to the types of ways bad actors attempt to infiltrate, through malware, phishing, and scams. Of these, scams are the bread and butter of those attacking through advertising. 

Why AI Matters In Ad Tech Today 

Ad tech is a marketplace that reaches a wide range of people, and because of this, it can be used as a vector for cyber criminals to reach others and deliver attacks. It’s important to know what our responsibility is in terms of protecting users, Mangin says. 

While ad tech is not the only ad-based vector, those who are looking to scam others out of money do not distinguish between different facets of the internet; they will go wherever they can to make the most profit. 

Ad tech is also growing very quickly, and while this is a good thing for the industry it also means more opportunity for attacks. Mangin suggests it is important to consider how we control the possible infiltration and whether our current systems are up to the task as AI continues to permeate all parts of society. 

Our industry also lacks transparency, which is advantageous to the buyer, but causes a major blindspot when it comes to cybersecurity. Confiant has set up a website, buyers.json, to help create more transparency in the industry and to help limit malicious attacks. 

There is already an established attacker base in the ad tech space, with at least 35 different groups that specialize in compromising ad tech systems. Confiant has also established a website that maps out these bad actors, matrix.confiant.com. 

Cybercrime is generating trillions of dollars, and preventing these attacks is privatized, meaning you have to pay a private company to help you if you are the victim of a cybercrime. Cybercriminals also only need to succeed a fraction of the time to make their attempts worth it, and things will only continue to get more challenging as AI helps create more effective attempts with less human effort. 

The Future of AI 

The world is currently buzzing about the unintended consequences of AI technology that have resulted from those with good intentions, but the ad tech industry should be concerned with bad actors whose intentions are malicious from the start. Ads are the best way to reach people today, leaving our industry open for a slew of attacks, particularly as AI technology improves. 

AI has a control problem, as evidenced by malfunctions that have been in the news recently. For example, the Air Force allegedly performed a simulation with AI where the AI drone killed its operators and even attempted to blow up the control tower while programmers worked to reprogram the drone to prevent further casualties. And. it has been proven that Chat GPT has the ability to lie to users. 

“We’re fundamentally tinkering with intelligence here,” Mangin shares. We don’t quite understand the technology yet, which leads to complications. He notes that a large company was recently working with Confiant to try to create security to block AI attacks, but could not create proper defenses since they could not figure out how the AI had reached a particular conclusion. 

The technology for AI is open source and every week there are huge improvements happening. Regulation is on the way soon, but while governments can enact regulations that large companies will have to follow, those who are operating in small numbers or as individuals will still be able to do what they want.

Deep Fakes And Scams

We’ve all seen AI-generated photos that look incredibly real, such as the Pope wearing a fantastic puffer jacket. This same technology that can create these photos can manipulate videos or audio to sound like it is coming from an authentic source. These deep fake videos can create trust with the people who watch them and convince them to buy into a scam. 

Another improvement in this technology that is on the way is sending malicious calls to AI programs rather than call centers with real humans. This will increase the number of people scammers are able to attack because they won’t have to physically staff call centers to complete the scam. 

It’s crucial that we as an industry are on the lookout for what is on the horizon. Bad actors will find a way to optimize access to targets through AI, and they will monetize this access. Of course, AI can help us to complete tasks, but it can also hurt, so we must be vigilant about keeping user data safe.

The post The AI Revolution Is Coming: Confiant Explains What To Look Out For And How To Help Keep Users Safe appeared first on AdMonsters.

• Do bad ads prompt users to leave a news site or app? Do they report those poor experiences to the publisher?
• What is the impact of a bad ad on the consumer’s propensity to return to that site, recommend it to others, or make a purchase on it?
• Do bad ads send users a message that publishers care more about making money than they do about their safety?

To gain that understanding, we surveyed 250 consumers about the impact of a “bad” advertisement on their perceptions of a website or app. We defined a bad ad to survey takers as “any advertisement — including the web page or app that clicking on it brings you to — that you find unpleasant, inappropriate, untruthful, or has some kind of computer virus associated with it.”

Then we talked to publishers to hear their reactions to the data, and also learn some pro tips that we could pass on to our readers.

Enter your email below to download your free copy of How Bad Ads Affect Consumer Perception of Publishers! 

This playbook, created in partnership with GeoEdge, will dive into the results of our survey, highlighting both the challenges and solutions. 

The post AdMonsters Playbook: How Bad Ads Affect Consumer Perception of Publishers appeared first on AdMonsters.

Confiant found a cookie-stuffing campaign running across multiple programmatic ad platforms around Black Friday. What did that teach us? Bad actors will use any tactic or occasion to exploit the supply chain. 

While ad fraud is not the core focus of Confiant’s business, they work to weed out threat actors who use the programmatic process and ad networks for malicious purposes. 

In this case, the bad actor was DatalyMedia, the mastermind behind the campaign.

What is Cookie Stuffing? 

Cookie stuffing is ad fraud where a malicious campaign triggers arbitrary numbers of invalid ad conversions by generating fake clicks. It is a source of invalid traffic (IVT), which makes it a form of ad fraud. 

Cookie stuffing targets several types of campaigns, including cost-per-click (CPC) ad campaigns, various types of cost-per-lead (CPL), and cost-per-action (CPA) campaigns. Malicious actors typically generate fake clicks by loading click URLs in hidden iframes inside ads as they render.

Don’t expect this malicious practice to die down anytime soon. According to the World Federation of Advertisers (WFA), “ad fraud is likely to exceed $50 billion globally by 2025 on current trends, second only to the drug trade as a source of income for organized crime.” 

Both publishers and advertisers should worry about this practice as it affects them both. For publishers, their web page is under attack because cookie stuffing causes page latency. This derives from a massive network overload when the advertising landing pages load in hidden iframes. For advertisers, cookie stuffing distorts targeted data and degrades campaign effectiveness. 

In addition, for publishers and advertisers, cookie stuffing creates liabilities for violating privacy compliance regulations and steals money from the ad tech ecosystem. 

DatalyMedia’s Strategy

According to the data, DatalyMedia has executed its cookie stuffing schemes since at least 2015. Over time, the infrastructure and techniques DatalyMedia uses for the affiliate marketing fraud scheme have barely changed. 

DatalyMedia was caught implementing these tactics to maintain its presence in the ad tech ecosystem by:

• Creating over 100 ad serving domains.
• Partnering with ad platforms. DatalyMedia was active on at least four different advertising DSPs in 2022.
• Approaching ad security vendors about the status of their domains, claiming legitimate needs. 
• Cloaking
  • They used this tactic to circumvent detection.
  • The script that DatalyMedia executes has a cloaking component that loads one or multiple hidden iframes.
  • If the cloaking test fails, the bad actors replace the iframe with an empty image.
  • If the cloaking test succeeds, the iframe URL redirects to a secondary domain with similar cloaking. 

The Ad Tech Cartel: Laundering Via Network of Fake Sites

As one of the biggest crime syndicates in the ad tech ecosystem, DatalyMedia and other malicious actors utilized an illegal tactic that kept criminal empires afloat for centuries –– laundering. However, they laundered user data instead of money.

Similar to money laundering, DatalyMedia created two traffic paths, a dirty path that commits fraud and a clean one with legitimate traffic that hides the malicious traffic. 

DatalyMedia served programmatic ads on Publisher A’s website in the dirty path, as indicated in the graphic. These ads are cloaked in an invisible iframe to hide the cookie stuffing scheme. 

The Affected Players (Both Directly and Indirectly)

As the graphic below highlights, many aspects of the supply chain are affected by cookie fishing. As highlighted in this graphic, the amount of revenue lost serves as a warning for how diligent publishers and advertisers must be to protect themselves from ad fraud. 

The next steps: 

• The scheme uses an intermediary website (Bad Publisher B), making the conversions look legitimate to the defrauded affiliate networks and brands.
• The “dirty” path uses a POST HTTP request to Bad Publisher B, while the “clean” path uses a GET request.
• The “clean” path uses native ad networks to create traffic in the style of ad-driven content websites, but the real purpose is to create an audience to support the conversions driven by the “dirty” path.
• Traffic generated from the “dirty” path is indistinguishable from the “clean” path traffic.

Final Results

DatalyMedia’s cookie fishing scheme was quite successful. It generated a significant amount of revenue from ad fraud, but their schemes are no longer a secret due to the work of companies like Confiant. 

The study estimated that DatalyMedia served approximately 125 million display ad impressions in 2022.

DatalyMedia has had three major periods of seasonal activity over 2022: Winter, Summer, and Fall, and an all-time peak on Black Friday – November 25, with a volume of over 9x their daily 2022 average. 

The lack of industry focus on this issue has allowed these fraudsters to thrive,” says Jerome Dangu, CTO & Co-Founder at Confiant. “specifically in the case of DatalyMedia for a mind-blowing eight years.” 

Publishers and advertisers, this is your call to action to keep your eyes open for malicious actors. The supply chain is open season for ad fraud schemes, and neither you nor the consumer is immune to their attacks. Lurking under your landing pages and ads are schemers itching at the thought of stealing your revenue.

Read Confiant’s article here: https://blog.confiant.com/malvertiser-makes-the-big-bucks-on-black-friday-637922cd5865 

The post Confiant Catches Cookie Fishing Scheme: The Bad Actors of Black Friday appeared first on AdMonsters.

It begs the question, what do we predict will happen this year? NFT’s took the world by storm. Retail media and ID solutions revolutionized practices around privacy-centric data. How will these practices evolve further in 2023? 

At the beginning of 2022, AdMonsters published our predictions for the year. With the help of industry professionals, we predicted that brands would triple down on first-party data, the changes in Google’s privacy sandbox, and the CTV boom. Will the predictions be spot on this year? Let’s look forward together to see how we predict the new year will pan out. 

Big Tech

The walled gardens have always been a major influence on the ad tech ecosystem. In fact, Google and Meta (the duopoly) captured 85% of ad spend. 

Since they’ve monopolized revenue and inventory, any significant change they implement will affect the ad tech industry. For example, the announcement of Google’s third-party cookie depreciation sent ad tech into a tailspin because Chrome dominates traffic. 

This year, some experts predict a new king is in town. Amazon is gaining ground on Google’s empire and the game of thrones persists. 

Amazon will 1-Up Google. “Amazon is the new (and improved) Google. While the latter holds its death grip firmly on the ad products side of the business, Amazon not so quietly builds up an ever-growing tech stack to cover all marketing needs. Talk at its Unboxed conference celebrated its clean room capabilities. As the leading Retail Media Network, there’s ample cause to celebrate. The question remains whether these moves will put it in the antitrust crosshairs or if they can keep flying under the radar of government scrutiny, unlike their compatriots at Meta, Twitter, and Google.” – Eliza Nevers, Chief Product Officer, Lotame

Economic Shifts Will Rattle Big Tech Into More Rounds of Layoffs. “Industry dynamics are seeing tectonic shifts. The pandemic created unusual dynamics and may have delayed a reckoning, but the digital giants finally got too big and overshot the surrounding market dynamics. As a result, all of the major players, with the possible exception of Amazon, are already doing layoffs – we’ve seen announcements from Amazon, Meta, Twitter, Snap, Microsoft, and even Disney. When it comes time to cut the digital fat, the first cut is rarely enough. We’d expect to see more layoffs next year, some from the same players who have already announced a first pass. In the surrounding recessionary environment, startup and growth capital is scarce and more expensive. Some young companies in the industry won’t be able to secure funding. So we also expect to see numerous close shops or seek a quick sale. How hard and how many? Hopefully, we won’t know next year until we see green shoots. One thing we can predict with relative certainty: Elon Musk will be one of the three remaining Twitter employees by the end of Q1.” – Mike Woosley, COO, Lotame

Meta will Flake on Metaverse Investments. “The handwriting is on the wall for the Metaverse based on Meta’s last earnings report. Facebook “invested” $9B on this metaverse thing – and every drop of that $9B came from its profits. Its VR service has just 200,000 users. As a digital property that puts its traffic somewhere between “Catster” and “The Fluffy Kitty” in the public interest.  Advice to Meta: if you want to expand in VR, be like Microsoft and buy a gaming company for $75B. Meta will drastically curtail its investment by the middle of 2023.” – Mike Woosley, COO, Lotame

Privacy and Identity Solutions 

Privacy was the talk of the town in 2022, and the ad tech industry could barely keep its name out of their mouths. Some predict the conversation around privacy will change in 2023, and others think the discussion will be less prevalent. Here’s what industry experts think: 

Privacy Switches Focus. “Brands and publishers are building on their first-party data capabilities and ID alternatives. Still, these tactics alone will not solve the tightening of privacy regulations and the deprecation of third-party cookies. While personalization does not equal identification, the industry has long conflated the two. 2023 will be the year that marketers shift their strategies from ID-based personalization to creative-based personalization.”  – Alistair Goodman, CEO, Emodo

Shrinking Identity Landscape: Learn to Walk the Cookieless Walk. “Despite urgency doubling around the need for identity solutions, 2023 will bring little to no progress as Google continues to kick the can down the road. As long as cookies exist, marketers will use them. Even those with mandates to target only first-party data won’t realize their identity partners rely on cookies. With zero real use cases to prove those aforementioned in-market cookieless solutions work, the most exciting development in 2023 will be far fewer companies in business. The identity landscape will continue to shrink over coming quarters from more than 100 transactable IDs to a top four or five.” – Eliza Nevers, Chief Product Officer, Lotame

Privacy Will Lose Its Importance. “Privacy, although hugely important, will become less of a focus for marketers this year. We are hearing that it is still a consideration but differs from the focal point it has been in the past. Google continues to punt changes opening up questions about when and if it will begin to deprecate cookies. Additionally, new regulations have shown exactly what limitations are on the horizon, so some uncertainty has been removed around what changes will take place and when.” – Matt Sotebeer, Chief Strategy Officer at Digital Remedy 

Data Fraud and Misinformation 

The industry has created systems to stop the increase of ad fraud, but that does not mean the practice has died down. Bad actors became more creative with sneaking misinformation and scams into ads.  

We saw that in our 2023 Malvertising preview, which noted that every aspect of the supply chain was affected. We also saw it with the increase in political ad fraud during the midterm elections. 

The industry must work together to educate themselves and consumers on how to detect and block ad scams. The more publishers understand the origins of these attacks, the more they can do. This will allow publishers to put better security in place to protect themselves and the consumer.

Mis/disinformation. “Our research finds that 68% of consumers globally are worried that levels of mis/disinformation are growing. This poses a huge threat to brands as 3 in 5 (61%) consumers would be less likely to purchase from a brand that appears alongside mis/disinformation. In the face of economic uncertainty in 2023 and beyond, brands must ensure advertising spend is driving strong ROI. Ads appearing alongside false or misleading content is a form of wastage—with the added risk of creating reputational damage. In the year ahead, we’ll see a greater emphasis placed on solutions that ensure ads appear in brand-safe environments. AI-driven tools that leverage semantic science—such as deep learning, machine learning, and ontology—will provide confidence and clarity to advertisers and publishers looking to defund mis/disinformation and reinforce the authenticity of their brand values.” – Dan Slivjanovski, CMO of media measurement company, DoubleVerify

Mobile

What does the future of mobile advertising hold? The consensus is that mobile advertising brands will expand into new partnerships and develop privacy-centric strategies. 

New privacy changes and tech advances forced app publishers to re-evaluate how they drive their ad ARPDAU. AdMonsters recently hosted a webinar “The Future of Monetization,” that spoke to the future of mobile monetization. One of our panelists, TK  Krishnamurthy asserted that brands should prioritize users’ needs before considering revenue. Creating a great user experience will boost revenue at the end of the day. 

An opportunity for growth. “Global macroeconomic changes reshape how businesses think about growth demands and create opportunities for those who are willing to adopt. As the mobile ecosystem evolves, advertisers will continue to get pushed to experiment with new channels to remain competitive. Mobile-first businesses will go beyond mobile inventory to new forms of audience reach that are novel for mobile performance, such as Connected TV. Measurement is also evolving as it takes a broader set of tools and methods – from media mix modeling to up-to-date platform support – to have a holistic view of channel portfolio performance.”– Andrey Kazakov, VP of Demand, AppLovin

The Integration of Digital Marketplaces into Mobile Games and Apps. “The opportunity and monetization that can be unlocked by integrating digital marketplaces into mobile games and apps are vast. After all, there are already billions being spent annually on digital items across every other gaming platform. As a partner of AppLovin, Lion Studios integrated an NFT in-game event into Match 3D and saw strong engagement and an increase in Average Revenue Per Daily Active User (ARPDAU).This led to a significant increase in in-app purchases and drove a new and meaningful revenue source through royalty fees generated from users trading their assets on the marketplace. Looking at recent years, mobile game developers that invested in new monetization methods early are the ones who gained advantages in the market. For developers looking to unleash their user engagement potential in 2023, the time to invest is now.” – Rafael Vivas, General Manager of New Initiatives, AppLovin

Web3: The Digital Landscape

Many believe Web3 capabilities won’t impact how business is run in the ad tech ecosystem on a major scale but is this truly the case? Industry sentiments are mixed. 

Awareness around Web3 grew immensely in 2022 with the rising popularity of NFTs and metaverse in ad campaigns. For example, TMB and Pet collective launched an NFT campaign that sold out in seconds. Their partnership proved that Web3 capabilities are profitable and a creative way to engage with your audience. The key is creating an experience that connects with your audience’s needs. 

Web3 capabilities are also a potential solution to the new privacy regulations because it promises to give consumers control of their data. In Web3, a small monopoly of owners won’t store consumer data assets. Instead, the consumer will control their own data and decide if they want to sell it or not.  

NFTs Represent the Evolution of Digital Item Ownership. “Digital marketplaces are widely accepted amongst gamers worldwide, and billions of digital items are transacted through them annually already. We believe that NFTs are an evolution of digital ownership. They present a new opportunity for users to re-sell their earned or purchased digital items and drive incremental revenue for developers. Previously, if you wanted to see whether a user truly owned an item, you had to log into that game and interact with that user inside of it. Now, with NFT technology, you can easily identify someone’s digital ownership of assets on a public ledger and easily exchange that ownership. Digital marketplace monetization should be at the forefront of developers’ minds when aiming to keep users engaged with new creative games.” – Rafael Vivas, General Manager of New Initiatives, AppLovin 

Web3 will Continue to Climb, but not Without Hurdles. “The recent FTX collapse has sparked a lot of uncertainty and fear within the crypto/NFT market. However, despite this, we are still seeing a lot of interest from brands to launch Web3 activations. Because the Metaverse’s focus is on community, brands will find different and new ways for consumers to interact with them and each other digitally. One of the Metaverse’s greatest strengths is its ability to build community. The rise of the Metaverse won’t occur without hurdles though. We can expect to see challenges in adoption and use cases. We will need elevated virtual reality technology and much more robust avatar standards and architecture.” – Jack Cameron and Billy Huang, the co-founders of Insomnia Labs

Web3 Breaks New Ground for Brand-Consumer Relationships. “With the recent surge in privacy laws, Web3 could be the answer brands and businesses are looking for in the future. Within Web3, we see NFTs as a brand loyalty program that could identify and curate a closer group of consumers than ever before. Also, DAOs will allow people to have a stake, enticing them to participate actively in the community. Wholistically, Web3 provides technology to build new things and empowers brands to communicate with their consumers more intimately than ever before. Consumers can now connect and interact with the brand more intimately and with other fellow consumers who share the same passions and interests. Web3 will unlock new opportunities for brands to become more “cool” and connect deep, long-lasting relationships with their consumers.” – Jack Cameron and Billy Huang, the co-founders of Insomnia Labs

Further Experimentation in the Ad Tech Space

Revenue diversification is essential in the era of the ad spend slowdown and a possible “ad recession.” 

Consequently, the ecosystem is forced to evolve and experiment with new mediums to help drive revenue and user engagement. Whether that means experimenting with Web3 or augmented reality, creativity is key to standing out in the crowd. 

Creative Ad Monetization. “The gaming industry has always thrived on creativity and experimentation. The current economic downturn is forcing us to double down on this even more. As launching new gaming hits has become more difficult, we are seeing more and more developers take risks and be open to changing their previously winning formula. We currently see and predict that we will continue to witness the game industry developing in its monetization strategies. Whether it’s adopting hybrid monetization, with IAP partners integrating ads and ad-based developers trying to crack IAPs or new ad formats such as app open or native, I expect to see a lot of new and creative monetization strategies emerge in 2023.” – Daniel Tchernahovsky, VP of Global Business Development, AppLovin

Augmented Reality and AI. “Augmented reality is gradually growing out of its infancy and could soon become an indispensable part of a digital marketing strategy. More and more brands have started integrating AR features into their apps and online campaigns. Consumers are trying out AR and experiencing upgraded customer journeys – think of using Google Lens to translate restaurant menus or trying on make-up and glasses virtually. Whoever scores with the most creative and intuitive implementation this new year can set new standards and secure a long-term competitive advantage.” – Florian Hübner, CEO and Founder at Uberall

“Augmented reality is already making its way into online campaigns and setting the first benchmarks in the hybrid customer experience. The beauty chain Douglas, for example, recently launched an AI-powered digital tool for analyzing customers’ skin types and offering tailored product suggestions. Personalized customer experiences like these will continue to evolve rapidly in the coming year and beyond, further changing the standards in digital marketing. Success with customers and the competition will be determined by the actual benefits of these tools and the creativity with which they are implemented.” – Florian Hübner, CEO and Founder at Uberall. 

The post That’s So AdMonsters: 6 Ways We Predict Ad Tech and Digital Media Will Evolve in 2023 appeared first on AdMonsters.

Whether you’re craving a rewatch or want to catch up on some much-needed viewing, AdMonsters’ webinars are available at your leisure. This year, our webinar series dealt with the future of monetization, malvertising schemes, and how publishers use data to close deals. 

Here is the replay of our Top 3 webinars in 2022. 

How Publishers Use Data to Close More Deals With Advertisers

More than ever, data ethics and transparency are essential to data gathering. Overtime, consumers grew skeptical of how publishers and advertisers use their data but now evolving privacy regulations address those concerns. 

The industry has a long road to rectify past mistakes, but progress is afoot. There is a plausible future that balances ethical data collection and revenue efficiency. Not only does this webinar delve into that notion, but also how finding the right cadence is beneficial for publishers and advertisers to continue to drive revenue.

First-party data will build a sustainable advertising ecosystem that is fully future-proofed. Need an example? 

Watch Stephanie Mazzamaro, VP of data product & operations, Trusted Media Brands (TMB) and Thomas Baart, customer success manager, EMEA, at Permutive to learn how they used their partnership. The collaboration  helps TMB increase audience size by 22X, increase RFP win rate by 31%, and use first-party data to drive 94% of their direct-sold campaigns. 

2023 Malvertising Preview

Trends such as iframe sandboxing, vendor adoption, and better threat sharing all contributed to decreases in forced redirects. Thanks to the due diligence of ad quality vendors, tools are available to ward off malvertising and bad actors. 

While these tools are helpful, they, unfortunately, do not fully solve the issue. Bad actors only get better at the games they play. Secret holes in the open web allow malicious schemers to find innovative ways to attack both publishers and consumers.

Now, this isn’t the time to become complacent. You should ask yourselves: 

• How can I identify a malvertising scheme? 
• What are the malvertising trends for the upcoming year? 
• How can I play a role to help decrease the prevalence of these schemes? 

AdMonsters chatted with senior executives at Confiant about the different types of malvertising scams, trends to look out for in 2023, and industry collaboration. 

The Future of Monetization

Are you contemplating the future of your monetization goals? Here’s what you should consider: 

• Privacy regulations shifted how the entire industry runs its businesses. 
• The power dynamic between the consumer, publisher, and advertiser are changing. 
• Tech innovations made app publishers reevaluate their ARPDAU. 

Don’t fret. You can reach your monetization goals, but it’s time to shed your old practices and evolve. While ad revenue is vital to any thriving business, it must not outweigh the needs of your audience. 

“Monetization is important, but it is a secondary metric,” said Ram “TK” Krishnamurthy, General Manager (Meson) and VP of strategic partnerships, InMobi. “It is something that has to be done, but in a way that helps you retain the user.” 

In an ad spend slowdown, “The Future of Monetization” is an essential viewing. TK and Adam Sadur, head of programmatic, SmartNews, spoke about how publishers are taking control of their monetization destiny, what to expect in 2023, and more. 

The post AdMonsters 2022 Rewind: The Great Webinar Replay appeared first on AdMonsters.

However, that did not hinder bad actors from evolving new practices to keep up their schemes. There’s still a lot more work to be done before publisher sites are scam free. Lurking under secret holes in the open web, bad actors are finding innovative ways to attack both publishers and consumers. 

Now isn’t the time to become complacent. The industry as a whole should be on the lookout for these scams. You should be asking yourselves: How can I identify a malvertising scheme? What are the malvertising trends for the upcoming year? How can I play a role to help decrease the prevalence of these schemes? 

During our Nov. 30, 2022 webinar, 2023 Malvertising Preview, AdMonsters chatted with Confiant malvertising experts Jerome Dangu, CTO & Co-Founder, John Murphy, Chief Strategy Officer, and Eliya Stein, Sr. Security Engineer. They discussed the different types of malvertising scams, trends to look out for in 2023 and industry collaboration. (Watch the video below.)

How to Protect Yourself From Malvertising Schemes

• At the core, malvertising scams are attacks on the supply chain. The more publishers are able to understand where these attacks are coming from, the more you can do. This will allow publishers to put better security in place to protect themselves and the consumer. 
• It’s important to have a good strategy to process your consumer complaints.
  • Consumers’ needs are highly essential to the ad tech ecosystem and understanding their plight with scams will increase the overall UX . 
  • Conduct yearly surveys to see how well your site has thwarted advertising scams. Report the good, the bad and the ugly. Where did we do well and where did we go wrong? 
• There’s a lot that publishers can do with partner selection. Work with security firms such as Confiant who have the knowledge and skill sets to help prevent malvertising scams. 

Looking Toward 2023 

Each panelist was asked to give a final takeaway to leave the audience with as they all look toward fighting the good fight against malvertising scams in 2023. Here is what each one had to say: 

Eliya Stein. Publishers should be careful with what they actually put on their page. Stein honed in on the group’s previous point about supply chain attacks, and said this was an issue that  goes beyond ad tech. 

• For example, “If you are updating a blog post or embedding JavaScript from somewhere that adds some kind of widget. All of these broaden the threat surface for publishers. You have to be very careful with what you introduce onto your website, especially if its code comes from an attacker.”

Jerome Dangu. There is a convergence between advertising, privacy compliance and how tracking is leveraged by bad actors. He highlighted a study that was conducted this year in which they found an attack whose sole purpose was to extract consumers’ device fingerprints and geolocations. 

• “Obviously, big security, big privacy concerns. But also you have a broader issue about who is collecting the data. We know that the bid stream is a very sensitive source of chunks of data that’s available to DSPs at large. This group essentially recreated a semblance of a bid stream from JavaScript execution in the ad creative using really sophisticated obfuscation and extracting this fingerprint data through actual consent pipes. So very sophisticated attacks.” 

John Murphy. Publishers, especially premium publishers, shouldn’t forget the leverage they have. They provide access to users. Both SSPs and DSPs need them and they should use that leverage to help to affect change in the industry. 

• For instance, “The top publishers came down and said we really think buyers.json and DemandChain Object are really important for the industry. For increasing transparency and addressing some of these issues. That’s when you get SSPs to move. By proxy, that’s going to get the DSPs to move because they want to maintain access to those premium publishers and their users. Don’t forget the power that you have as a premium publisher.” 

Watch the full webinar in the video player above, or on our AdMonsters Webinars On-Demand Platform.

The post Webinar Replay: 2023 Malvertising Preview appeared first on AdMonsters.

Yet, that does not mean a pesky scam does not sneak through the pipes every now and then. In fact, malvertising – the practice of incorporating malware in online advertisements – is still a prominent practice. Bad actors are evolving their scams and they have proved to be more profitable than before.

Malvertising is detrimental not only to publishers’ revenue but also to their reputation. Scams can help spread misinformation, steal consumer data, and affects overall brand safety. It is important that publishers stay vigilant and look out for these scams. Whether that means developing your own tech or partnering with someone else, it is essential that you keep your eyes peeled for any malicious intent lurking around the corner. 

In preparation for our upcoming webinar with Confiant — 2023 Malvertising Preview, Wednesday, November 31, @ 1 PM EST (Register Now!) — we spoke to LD Mangin, CEO & Co-Founder at Confiant. We discussed how malvertising differs from other types of ad scams, the Confiant Malvertising Elite 8 List, malvertising’s impact on consumers and publishers, and more.   

Andrew Byrd: Malvertising and ad fraud are often categorized as two sides of the same coin. Can you tell me how malvertising differs from ad fraud?

LD Mangin: It is important to recognize that ad tech is a circular supply chain. Impressions flow from the user’s browsers to the advertiser, and then creatives flow from the advertiser’s ad server to the user’s browser. Industry insiders think of the former as the demand path and the latter as the supply path. A cyber attacker sees these as two distinct attack vectors that offer different attack opportunities.  

They compromise the supply path using adware (a subset of malware, which the ad industry knows as ad fraud) to steal the brand’s money. They also compromise the demand path using malvertising, which encompasses a myriad of attack types that are oriented to compromise the user or their device (from malware to tech support scams, to investment scams, to phishing attacks — malvertising has it all). So fundamentally malvertising differs from ad fraud because it targets the user, their data, or their device and not the brand’s advertising budget. 

AB: On your website, you include an Elite 8 List of the most prominent malvertising threats. How were you able to identify these bad actors and what advice would you give to publishers to help them identify a malvertising scheme?

LDM: Accurate visibility is a requirement for effective security. Confiant has spent nine years building unique integrations into the ad tech infrastructure to be able to access the bid stream directly. We integrate pre-auction server side with DSPs, in-auction server side with SSPs, and post auction client side with publishers. These integration setups allow us to monitor the bid stream at a level of accuracy so that we can track the bad actors themselves and not just their attacks.  For pubs who want to understand who is hijacking their infrastructure to attack their users, I recommend they call us! 

AB: Major publishers such as The New York Times, Spotify, and the Atlantic have been susceptible to malvertising schemes. How were they able to become the target of these schemes and how would they be able to prevent them in the future?

LDM: They and every other publisher who connects to programmatic are susceptible to this. Malvertising is an infrastructure ad tech – i.e. it is a cyber attack that leverages the ad tech infrastructure, which means it’s important to recognize that those publishers are not the target, they are the path to the victim: the user.

Malvertisers are threat actors who pay to play. I.e. they pay the ad tech industry to let them target people with their attacks. The single biggest thing any publisher can do to mitigate these attacks over the long term is to support buy-side transparency initiatives (Buyers.json, DemandChain Object, and the client-side declaration of creatives) that allow for better attribution of bad creatives to the buyer.

AB: How does malvertising affect consumers? What kinds of problems arise when they are attacked by malware?

LDM: Losing their life savings to an investment scam, having their device hacked by a tech support scammer, having their credentials stolen… all of those are the results of malvertising. 

Register now for our upcoming Webinar: 2023 Malvertising Preview, Wednesday, November 31, @ 1 PM EST.

The post Keep Watch: Malvertising Schemes Still Lurking Within Advertising Ecosystem appeared first on AdMonsters.