It has infiltrated everything from art to the military, and now it’s becoming increasingly troublesome in the ad tech sector through malware, phishing, and scams. 

At an AdMonsters Ops session on June 6th, “AI + Malvertising = ?,” attendees heard from Jerome Dangu, Chief Technology Officer and Co-Founder, Confiant, and Louis-David Mangin, CEO and Co-Founder, Confiant, about how AI is affecting ad tech and how we can stay aware of what is to come. 

Confiant has been in the ad security business for 10 years, giving the company a great deal of experience in recognizing bad actors and helping publishers identify these risks as well. According to Confiant, ad tech has two dimensions of security risk: victim and vector. 

Victim refers to specific types of fraud, namely bot fraud, attribution fraud, and arbitrage fraud. Vector refers to the types of ways bad actors attempt to infiltrate, through malware, phishing, and scams. Of these, scams are the bread and butter of those attacking through advertising. 

Why AI Matters In Ad Tech Today 

Ad tech is a marketplace that reaches a wide range of people, and because of this, it can be used as a vector for cyber criminals to reach others and deliver attacks. It’s important to know what our responsibility is in terms of protecting users, Mangin says. 

While ad tech is not the only ad-based vector, those who are looking to scam others out of money do not distinguish between different facets of the internet; they will go wherever they can to make the most profit. 

Ad tech is also growing very quickly, and while this is a good thing for the industry it also means more opportunity for attacks. Mangin suggests it is important to consider how we control the possible infiltration and whether our current systems are up to the task as AI continues to permeate all parts of society. 

Our industry also lacks transparency, which is advantageous to the buyer, but causes a major blindspot when it comes to cybersecurity. Confiant has set up a website, buyers.json, to help create more transparency in the industry and to help limit malicious attacks. 

There is already an established attacker base in the ad tech space, with at least 35 different groups that specialize in compromising ad tech systems. Confiant has also established a website that maps out these bad actors, matrix.confiant.com. 

Cybercrime is generating trillions of dollars, and preventing these attacks is privatized, meaning you have to pay a private company to help you if you are the victim of a cybercrime. Cybercriminals also only need to succeed a fraction of the time to make their attempts worth it, and things will only continue to get more challenging as AI helps create more effective attempts with less human effort. 

The Future of AI 

The world is currently buzzing about the unintended consequences of AI technology that have resulted from those with good intentions, but the ad tech industry should be concerned with bad actors whose intentions are malicious from the start. Ads are the best way to reach people today, leaving our industry open for a slew of attacks, particularly as AI technology improves. 

AI has a control problem, as evidenced by malfunctions that have been in the news recently. For example, the Air Force allegedly performed a simulation with AI where the AI drone killed its operators and even attempted to blow up the control tower while programmers worked to reprogram the drone to prevent further casualties. And. it has been proven that Chat GPT has the ability to lie to users. 

“We’re fundamentally tinkering with intelligence here,” Mangin shares. We don’t quite understand the technology yet, which leads to complications. He notes that a large company was recently working with Confiant to try to create security to block AI attacks, but could not create proper defenses since they could not figure out how the AI had reached a particular conclusion. 

The technology for AI is open source and every week there are huge improvements happening. Regulation is on the way soon, but while governments can enact regulations that large companies will have to follow, those who are operating in small numbers or as individuals will still be able to do what they want.

Deep Fakes And Scams

We’ve all seen AI-generated photos that look incredibly real, such as the Pope wearing a fantastic puffer jacket. This same technology that can create these photos can manipulate videos or audio to sound like it is coming from an authentic source. These deep fake videos can create trust with the people who watch them and convince them to buy into a scam. 

Another improvement in this technology that is on the way is sending malicious calls to AI programs rather than call centers with real humans. This will increase the number of people scammers are able to attack because they won’t have to physically staff call centers to complete the scam. 

It’s crucial that we as an industry are on the lookout for what is on the horizon. Bad actors will find a way to optimize access to targets through AI, and they will monetize this access. Of course, AI can help us to complete tasks, but it can also hurt, so we must be vigilant about keeping user data safe.

The post The AI Revolution Is Coming: Confiant Explains What To Look Out For And How To Help Keep Users Safe appeared first on AdMonsters.

Confiant found a cookie-stuffing campaign running across multiple programmatic ad platforms around Black Friday. What did that teach us? Bad actors will use any tactic or occasion to exploit the supply chain. 

While ad fraud is not the core focus of Confiant’s business, they work to weed out threat actors who use the programmatic process and ad networks for malicious purposes. 

In this case, the bad actor was DatalyMedia, the mastermind behind the campaign.

What is Cookie Stuffing? 

Cookie stuffing is ad fraud where a malicious campaign triggers arbitrary numbers of invalid ad conversions by generating fake clicks. It is a source of invalid traffic (IVT), which makes it a form of ad fraud. 

Cookie stuffing targets several types of campaigns, including cost-per-click (CPC) ad campaigns, various types of cost-per-lead (CPL), and cost-per-action (CPA) campaigns. Malicious actors typically generate fake clicks by loading click URLs in hidden iframes inside ads as they render.

Don’t expect this malicious practice to die down anytime soon. According to the World Federation of Advertisers (WFA), “ad fraud is likely to exceed $50 billion globally by 2025 on current trends, second only to the drug trade as a source of income for organized crime.” 

Both publishers and advertisers should worry about this practice as it affects them both. For publishers, their web page is under attack because cookie stuffing causes page latency. This derives from a massive network overload when the advertising landing pages load in hidden iframes. For advertisers, cookie stuffing distorts targeted data and degrades campaign effectiveness. 

In addition, for publishers and advertisers, cookie stuffing creates liabilities for violating privacy compliance regulations and steals money from the ad tech ecosystem. 

DatalyMedia’s Strategy

According to the data, DatalyMedia has executed its cookie stuffing schemes since at least 2015. Over time, the infrastructure and techniques DatalyMedia uses for the affiliate marketing fraud scheme have barely changed. 

DatalyMedia was caught implementing these tactics to maintain its presence in the ad tech ecosystem by:

• Creating over 100 ad serving domains.
• Partnering with ad platforms. DatalyMedia was active on at least four different advertising DSPs in 2022.
• Approaching ad security vendors about the status of their domains, claiming legitimate needs. 
• Cloaking
  • They used this tactic to circumvent detection.
  • The script that DatalyMedia executes has a cloaking component that loads one or multiple hidden iframes.
  • If the cloaking test fails, the bad actors replace the iframe with an empty image.
  • If the cloaking test succeeds, the iframe URL redirects to a secondary domain with similar cloaking. 

The Ad Tech Cartel: Laundering Via Network of Fake Sites

As one of the biggest crime syndicates in the ad tech ecosystem, DatalyMedia and other malicious actors utilized an illegal tactic that kept criminal empires afloat for centuries –– laundering. However, they laundered user data instead of money.

Similar to money laundering, DatalyMedia created two traffic paths, a dirty path that commits fraud and a clean one with legitimate traffic that hides the malicious traffic. 

DatalyMedia served programmatic ads on Publisher A’s website in the dirty path, as indicated in the graphic. These ads are cloaked in an invisible iframe to hide the cookie stuffing scheme. 

The Affected Players (Both Directly and Indirectly)

As the graphic below highlights, many aspects of the supply chain are affected by cookie fishing. As highlighted in this graphic, the amount of revenue lost serves as a warning for how diligent publishers and advertisers must be to protect themselves from ad fraud. 

The next steps: 

• The scheme uses an intermediary website (Bad Publisher B), making the conversions look legitimate to the defrauded affiliate networks and brands.
• The “dirty” path uses a POST HTTP request to Bad Publisher B, while the “clean” path uses a GET request.
• The “clean” path uses native ad networks to create traffic in the style of ad-driven content websites, but the real purpose is to create an audience to support the conversions driven by the “dirty” path.
• Traffic generated from the “dirty” path is indistinguishable from the “clean” path traffic.

Final Results

DatalyMedia’s cookie fishing scheme was quite successful. It generated a significant amount of revenue from ad fraud, but their schemes are no longer a secret due to the work of companies like Confiant. 

The study estimated that DatalyMedia served approximately 125 million display ad impressions in 2022.

DatalyMedia has had three major periods of seasonal activity over 2022: Winter, Summer, and Fall, and an all-time peak on Black Friday – November 25, with a volume of over 9x their daily 2022 average. 

The lack of industry focus on this issue has allowed these fraudsters to thrive,” says Jerome Dangu, CTO & Co-Founder at Confiant. “specifically in the case of DatalyMedia for a mind-blowing eight years.” 

Publishers and advertisers, this is your call to action to keep your eyes open for malicious actors. The supply chain is open season for ad fraud schemes, and neither you nor the consumer is immune to their attacks. Lurking under your landing pages and ads are schemers itching at the thought of stealing your revenue.

Read Confiant’s article here: https://blog.confiant.com/malvertiser-makes-the-big-bucks-on-black-friday-637922cd5865 

The post Confiant Catches Cookie Fishing Scheme: The Bad Actors of Black Friday appeared first on AdMonsters.

Whether you’re craving a rewatch or want to catch up on some much-needed viewing, AdMonsters’ webinars are available at your leisure. This year, our webinar series dealt with the future of monetization, malvertising schemes, and how publishers use data to close deals. 

Here is the replay of our Top 3 webinars in 2022. 

How Publishers Use Data to Close More Deals With Advertisers

More than ever, data ethics and transparency are essential to data gathering. Overtime, consumers grew skeptical of how publishers and advertisers use their data but now evolving privacy regulations address those concerns. 

The industry has a long road to rectify past mistakes, but progress is afoot. There is a plausible future that balances ethical data collection and revenue efficiency. Not only does this webinar delve into that notion, but also how finding the right cadence is beneficial for publishers and advertisers to continue to drive revenue.

First-party data will build a sustainable advertising ecosystem that is fully future-proofed. Need an example? 

Watch Stephanie Mazzamaro, VP of data product & operations, Trusted Media Brands (TMB) and Thomas Baart, customer success manager, EMEA, at Permutive to learn how they used their partnership. The collaboration  helps TMB increase audience size by 22X, increase RFP win rate by 31%, and use first-party data to drive 94% of their direct-sold campaigns. 

2023 Malvertising Preview

Trends such as iframe sandboxing, vendor adoption, and better threat sharing all contributed to decreases in forced redirects. Thanks to the due diligence of ad quality vendors, tools are available to ward off malvertising and bad actors. 

While these tools are helpful, they, unfortunately, do not fully solve the issue. Bad actors only get better at the games they play. Secret holes in the open web allow malicious schemers to find innovative ways to attack both publishers and consumers.

Now, this isn’t the time to become complacent. You should ask yourselves: 

• How can I identify a malvertising scheme? 
• What are the malvertising trends for the upcoming year? 
• How can I play a role to help decrease the prevalence of these schemes? 

AdMonsters chatted with senior executives at Confiant about the different types of malvertising scams, trends to look out for in 2023, and industry collaboration. 

The Future of Monetization

Are you contemplating the future of your monetization goals? Here’s what you should consider: 

• Privacy regulations shifted how the entire industry runs its businesses. 
• The power dynamic between the consumer, publisher, and advertiser are changing. 
• Tech innovations made app publishers reevaluate their ARPDAU. 

Don’t fret. You can reach your monetization goals, but it’s time to shed your old practices and evolve. While ad revenue is vital to any thriving business, it must not outweigh the needs of your audience. 

“Monetization is important, but it is a secondary metric,” said Ram “TK” Krishnamurthy, General Manager (Meson) and VP of strategic partnerships, InMobi. “It is something that has to be done, but in a way that helps you retain the user.” 

In an ad spend slowdown, “The Future of Monetization” is an essential viewing. TK and Adam Sadur, head of programmatic, SmartNews, spoke about how publishers are taking control of their monetization destiny, what to expect in 2023, and more. 

The post AdMonsters 2022 Rewind: The Great Webinar Replay appeared first on AdMonsters.

However, that did not hinder bad actors from evolving new practices to keep up their schemes. There’s still a lot more work to be done before publisher sites are scam free. Lurking under secret holes in the open web, bad actors are finding innovative ways to attack both publishers and consumers. 

Now isn’t the time to become complacent. The industry as a whole should be on the lookout for these scams. You should be asking yourselves: How can I identify a malvertising scheme? What are the malvertising trends for the upcoming year? How can I play a role to help decrease the prevalence of these schemes? 

During our Nov. 30, 2022 webinar, 2023 Malvertising Preview, AdMonsters chatted with Confiant malvertising experts Jerome Dangu, CTO & Co-Founder, John Murphy, Chief Strategy Officer, and Eliya Stein, Sr. Security Engineer. They discussed the different types of malvertising scams, trends to look out for in 2023 and industry collaboration. (Watch the video below.)

How to Protect Yourself From Malvertising Schemes

• At the core, malvertising scams are attacks on the supply chain. The more publishers are able to understand where these attacks are coming from, the more you can do. This will allow publishers to put better security in place to protect themselves and the consumer. 
• It’s important to have a good strategy to process your consumer complaints.
  • Consumers’ needs are highly essential to the ad tech ecosystem and understanding their plight with scams will increase the overall UX . 
  • Conduct yearly surveys to see how well your site has thwarted advertising scams. Report the good, the bad and the ugly. Where did we do well and where did we go wrong? 
• There’s a lot that publishers can do with partner selection. Work with security firms such as Confiant who have the knowledge and skill sets to help prevent malvertising scams. 

Looking Toward 2023 

Each panelist was asked to give a final takeaway to leave the audience with as they all look toward fighting the good fight against malvertising scams in 2023. Here is what each one had to say: 

Eliya Stein. Publishers should be careful with what they actually put on their page. Stein honed in on the group’s previous point about supply chain attacks, and said this was an issue that  goes beyond ad tech. 

• For example, “If you are updating a blog post or embedding JavaScript from somewhere that adds some kind of widget. All of these broaden the threat surface for publishers. You have to be very careful with what you introduce onto your website, especially if its code comes from an attacker.”

Jerome Dangu. There is a convergence between advertising, privacy compliance and how tracking is leveraged by bad actors. He highlighted a study that was conducted this year in which they found an attack whose sole purpose was to extract consumers’ device fingerprints and geolocations. 

• “Obviously, big security, big privacy concerns. But also you have a broader issue about who is collecting the data. We know that the bid stream is a very sensitive source of chunks of data that’s available to DSPs at large. This group essentially recreated a semblance of a bid stream from JavaScript execution in the ad creative using really sophisticated obfuscation and extracting this fingerprint data through actual consent pipes. So very sophisticated attacks.” 

John Murphy. Publishers, especially premium publishers, shouldn’t forget the leverage they have. They provide access to users. Both SSPs and DSPs need them and they should use that leverage to help to affect change in the industry. 

• For instance, “The top publishers came down and said we really think buyers.json and DemandChain Object are really important for the industry. For increasing transparency and addressing some of these issues. That’s when you get SSPs to move. By proxy, that’s going to get the DSPs to move because they want to maintain access to those premium publishers and their users. Don’t forget the power that you have as a premium publisher.” 

Watch the full webinar in the video player above, or on our AdMonsters Webinars On-Demand Platform.

The post Webinar Replay: 2023 Malvertising Preview appeared first on AdMonsters.

Yet, that does not mean a pesky scam does not sneak through the pipes every now and then. In fact, malvertising – the practice of incorporating malware in online advertisements – is still a prominent practice. Bad actors are evolving their scams and they have proved to be more profitable than before.

Malvertising is detrimental not only to publishers’ revenue but also to their reputation. Scams can help spread misinformation, steal consumer data, and affects overall brand safety. It is important that publishers stay vigilant and look out for these scams. Whether that means developing your own tech or partnering with someone else, it is essential that you keep your eyes peeled for any malicious intent lurking around the corner. 

In preparation for our upcoming webinar with Confiant — 2023 Malvertising Preview, Wednesday, November 31, @ 1 PM EST (Register Now!) — we spoke to LD Mangin, CEO & Co-Founder at Confiant. We discussed how malvertising differs from other types of ad scams, the Confiant Malvertising Elite 8 List, malvertising’s impact on consumers and publishers, and more.   

Andrew Byrd: Malvertising and ad fraud are often categorized as two sides of the same coin. Can you tell me how malvertising differs from ad fraud?

LD Mangin: It is important to recognize that ad tech is a circular supply chain. Impressions flow from the user’s browsers to the advertiser, and then creatives flow from the advertiser’s ad server to the user’s browser. Industry insiders think of the former as the demand path and the latter as the supply path. A cyber attacker sees these as two distinct attack vectors that offer different attack opportunities.  

They compromise the supply path using adware (a subset of malware, which the ad industry knows as ad fraud) to steal the brand’s money. They also compromise the demand path using malvertising, which encompasses a myriad of attack types that are oriented to compromise the user or their device (from malware to tech support scams, to investment scams, to phishing attacks — malvertising has it all). So fundamentally malvertising differs from ad fraud because it targets the user, their data, or their device and not the brand’s advertising budget. 

AB: On your website, you include an Elite 8 List of the most prominent malvertising threats. How were you able to identify these bad actors and what advice would you give to publishers to help them identify a malvertising scheme?

LDM: Accurate visibility is a requirement for effective security. Confiant has spent nine years building unique integrations into the ad tech infrastructure to be able to access the bid stream directly. We integrate pre-auction server side with DSPs, in-auction server side with SSPs, and post auction client side with publishers. These integration setups allow us to monitor the bid stream at a level of accuracy so that we can track the bad actors themselves and not just their attacks.  For pubs who want to understand who is hijacking their infrastructure to attack their users, I recommend they call us! 

AB: Major publishers such as The New York Times, Spotify, and the Atlantic have been susceptible to malvertising schemes. How were they able to become the target of these schemes and how would they be able to prevent them in the future?

LDM: They and every other publisher who connects to programmatic are susceptible to this. Malvertising is an infrastructure ad tech – i.e. it is a cyber attack that leverages the ad tech infrastructure, which means it’s important to recognize that those publishers are not the target, they are the path to the victim: the user.

Malvertisers are threat actors who pay to play. I.e. they pay the ad tech industry to let them target people with their attacks. The single biggest thing any publisher can do to mitigate these attacks over the long term is to support buy-side transparency initiatives (Buyers.json, DemandChain Object, and the client-side declaration of creatives) that allow for better attribution of bad creatives to the buyer.

AB: How does malvertising affect consumers? What kinds of problems arise when they are attacked by malware?

LDM: Losing their life savings to an investment scam, having their device hacked by a tech support scammer, having their credentials stolen… all of those are the results of malvertising. 

Register now for our upcoming Webinar: 2023 Malvertising Preview, Wednesday, November 31, @ 1 PM EST.

The post Keep Watch: Malvertising Schemes Still Lurking Within Advertising Ecosystem appeared first on AdMonsters.

While every honoree was top-notch, there were a few that we encourage you to keep an eye out for as they are doing incredible things within media and ad tech. Don’t sleep; the future is female. (Click here to view all of this year’s Top Women In Media & Ad Tech Honorees.)

20 Top Women in Media & Ad Tech to Look Out For

CHANGEMAKERS HONOREES

1. Chira Schaad

VP & Head of Brand Engagement, L’Oreal USA

At L’Oreal, Chira focuses on enhancing creative intelligence in global teams. Being an immigrant from Romania granted her a different kind of drive and motivation; from an early age, she was destined to make an enormous impact. In a recent video with VidMob, she mentioned that math was the only language she knew when moving to the United States. Still, she ironically majored in Art History in college. She is now using both her knowledge of numbers and creativity to do great things. She is currently teaching her team at L’Oreal how to nail the creative aspect of brand and platform best practices to measure effectiveness against their established KPIs. She recently chatted with VidMob and highlighted how she approached the marketing and creative process with data and how she is transforming decision-making at L’Oreal.

2. Morgan Martins

Head of Marketing, Confiant

With over 20 years of marketing experience, Morgan provides innovative, integrative marketing programs for start-ups and global projects in B2B, Ad Tech, SaaS, Real Estate, Legal, and Higher Education that build brand share, revenue, growth, and customer retention.  Morgan’s expertise in strategic marketing, PR, Social Media campaigns, cultural communications, marketing ops, sales enablement, and training are crucial to driving awareness, engagement, and customer journeys resulting in conversion. At Confiant alone, Morgan has increased year-over-year growth and landed them press coverage in print and broadcast outlets globally. 

3. Sheila Marmon

CEO, Mirror Digital

Sheila is a star in her own right who is very passionate about working on the launch and operations of new digital media businesses. For the past 20 years, she has established innovative platforms while in leadership roles in strategy, operations, new ventures, and finance at Warner Media, Morgan Stanley, Mercer Management Consulting, and Essence Communications. As the founder and CEO of Mirror Digital, a media and advertising company, she aids Fortune 500 brands in reaching their fastest-growing U.S. consumer base – the multicultural market. Sheila is doing big things and has fully executed over 550 digital campaigns for clients like AT&T, Clinique, Disney, Ford, General Motors, Intel, IPG Group, Macy’s, Netflix, Omnicom, Procter & Gamble, Universal Pictures, WPP, and other leading brands and advertising agencies.

4. Elizabeth Herbst-Brady

Head of Global Revenue & Client Solutions, Yahoo

Elizabeth’s extensive track record makes her a change maker, and she continues to pave the way in marketing, sales, management, and media. She is a boss with over 30 years of experience who has seamlessly achieved company goals while driving transformation across multiple functions and teams. At Yahoo, she oversees the global sales and business development team of 1700, and before that, she led the North American sales and international operations, teams. She has established many global relationships throughout her career, allowing her to deliver cohesive strategies and execution for worldwide demand and supply clients and partners. This Top Woman is an inspiration to many.

5. Tiffany Ashitey

Director of Creator Network, US, Acast

Tiffany made her mark on the industry when she founded and ran ESSENCE Podcast Network, the first-ever podcast network in the brand’s history, and she’s only ratcheting things up from there. Currently, she is the U.S. Director of Creator Network at Acast, the world’s leading independent podcast company that hosts, distributes, and monetizes over 40,000 podcasts. She oversees domestic podcast acquisition, partnership management, and growth. Tiffany is also a three-time Webby Award-nominated Executive Producer with over a decade of experience leading, executing, and managing audio storytelling, video production, digital, and podcast production projects.

CONTENT CAPTIVATORS HONOREES

6. Jenny Guy

VP, Marketing & Communications, Mediavine

Jenny is a top-rated conference speaker, leader, innovator, and creative thinker. She has done great things in influencer marketing, affiliate programs, corporate branding, and product marketing throughout her career. Currently, Jenny leads all marketing initiatives for Mediavine and is the host of the company’s Teal Talk, Summer of Live, and Mediavine On Air. Tune into one of her podcasting episodes here.

7. Tracy Connor

Editor-in-Chief, The Daily Beast

Tracy Connor is an award-winning journalist who has the content thing down to a science. Before being appointed Editor-in-Chief of The Daily Beast in August of 2021, she served as the Executive Editor for three years. Her career began at The Daily Beast in 2018, bringing with her an extensive career from NBC News, where Tracy reported for the website before joining the investigative unit. In her past life, she also worked for New York Daily News, the New York Post, and United Press International. She has won numerous awards over her decades as a journalist, including a Deadline Club award, a Gracie award, and four Emmy nominations.

DATA DEMYSTIFIERS HONOREES

8. Anastasia Dukes-Asuen

Sr. Director, Advanced TV Data & Insights, Ampersand

Anastasia is a leader and innovative collaborator who works hand-in-hand with Ampersand’s National Sales and Product teams to ensure the proper execution of addressable campaigns and alignment with advertisers’ needs. She leads the data and insights team for the company’s national addressable clients while managing unique data partnerships and viewing insights into STB data from over 40MM households. She does all of this while also being a wife and a mother of two.

9. Jasmine Jia

Associate Director, Data Science, Blockthrough

Jasmine hit the ground running at Blockthrough when she designed and launched an algorithm to analyze what causes unfiltered inventory within their network and instilled action items with a forecasted revenue impact of +$3M/year for pubs. Every day at Blockthrough, she works on building the company’s data science practice from the grassroots. Her day-to-day consists of mining Blockthrough’s massive dataset of auctions and creative content to discover insights that can help enhance technology, reduce redundancy, and spot hidden revenue opportunities.

10. Dr. Yana Volkovich

Director, Data Science, Xandr

Dr. Volkovich just happens to be the only woman on this list with a Ph.D. She has been a data science leader and subject matter expert in machine learning, graph theory, computation science, and heavy-tailed distribution for over 15 years. Throughout the last seven years, she collaborated with executives to administer a surplus of strategic corporate initiatives in digital advertising. At Xandr, her role consists primarily of leading identity workstreams.

11. Sheila Colclasure

Global Chief Digital Responsibility & Public Policy Officer, Interpublic Group

This photo is giving Sheila for President, and so is her career background. She was previously the Axiom global chief data Ethics officer and public policy executive, manager of Congressional and Political Affairs for the American Institute of Certified Public Accountants in Washington, D.C., and staff assistant in the U.S. Senate. Sheila is the definition of a Wonder Woman and a known global leader in applied data ethics, accountable data governance, and human-centered digital responsibility. She is on the advisory board for the Information Accountability Foundation and a corporate liaison to many industry standards-setting groups. Sheila is often called on by policymakers, regulators, and government agencies for her insights on data integrity. Her impressive background and phenomenal work have earned her recognition by Chief Security Officers as one of the “12 amazing women in security” in 2017.

DEI CHAMPIONS HONOREES

12. Femi Olu-Lafe

SVP of Global Culture and Inclusion, Kinesso (an IPG company)

Femi leads the DEI strategies for Kinesso and its sister IPG agencies, Acxiom and Matterkind. In her role, she extends the impact of already instilled DEI efforts, identifies opportunities for new programs, and champions the company’s focus on ensuring that all data and technology products are inclusive and respectable. She is passionate about ensuring all employees have impactful ways to engage, so they can continue co-creating the diverse and inclusive culture at the heart of each company’s values.

13. Imani Laners

VP of Partnership & Multicultural, Zeta

Imani has been pushing the multicultural needle for over 13 years and is Zeta Global’s new Vice President of Multicultural Sales. She gladly champions multicultural consumers and digital media solutions to leading international brands like BMW, Emirates Airlines, Amtrak, British Petroleum, FIAT, IKEA, U.S. Department of State, Moet Hennessy, Ford, and Chrysler, to name a few.

ENTREPRENEUR HONOREE

14. Shachar Orren

Co-Founder and Chief Marketing Officer, EX.CO

Shachar Orren is a thought leader in the video industry, sharing her expertise with emerging professionals and industry experts alike. Her company, EX.CO is a globally in charge content experience platform with significant investors’ support, and The Walt Disney Company is one of them. EX.CO is behind billions of personalized interactions around the web, and Shachar has been a huge part of EX.CO’s rebranding efforts. At EX.CO, she manages an international team of marketing experts who are responsible for sharing EX.CO’s story with precision, consistency, and long-term impact.

MAGNANIMOUS MENTORS

15. Kate Spellman

CMO, Questex

Kate is a well-accomplished industry leader with a concrete track record in launching and driving rapid growth in revenue within information service businesses. Throughout her achievements, she brings a unique balance of strategic vision and precision, and her collaborative style allows for traction through partners and acquisition. Kate positively influences her colleagues and is known to pay it forward and help other emerging professionals in her line of sight. She is usually looked to for insight as she knows a surplus about the rapidly evolving ecosystem of technology, events, and practical applications in the marketing services arena.

PROGRAMMATIC STORYTELLERS HONOREES

16. Erin Madorsky

Chief Strategy Officer & Managing Director MiQ

Erin is an industry veteran known for her passion, drive, integrity, and deep knowledge of the ad tech sector. She has delivered unwavering business results on behalf of several industry organizations and is currently the CSO at MiQ, a global programmatic activation partner to brands and agencies. She is an established and trusted leader in the ad tech space. She has expertise in building and executing effective strategies for revenue growth, territory management, and team leadership in emerging and high-growth digital ad tech and media markets. Before joining the MiQ team, Erin was the Chief Revenue Officer for mobile technology company Verve and was previously SVP of Sales for Viant Inc.

17. Christine Jennings

VP of Product Marketing, The Trade Desk

Christine Jennings has quite an impressive resume. At The Trade Desk, Christine oversees all aspects of the company’s internal and external marketing operations, supporting all customer success and content strategy programs. Before joining The Trade Desk, she was the Senior Director of Marketing & Campaigns for Sales Cloud at Salesforce. And before that, the Director of Product Marketing. She joined Salesforce after spending nine years at Adobe, starting as a Campaign Marketing Manager and working her way up to Senior Content and Social Strategist for Creative Cloud.

TECH TRAILBLAZER HONOREES

18. Gabriela Maestre

VP, Creative Solutions, Tremor International

As VP of Global Creative Solutions at Tr.ly — Tremor International’s in-house Creative Studio — Gabby is responsible for developing full-funnel video solutions that empower markets to scale their message to the right audience at the right time. She has over 15 years of experience working in broadcast, and digital solutions across multiple industries, always focused on the details surrounding storytelling for different screens and audiences. She is usually the non-traditional voice “in the room where it happens,” frequently collaborating with C-Suite executive leaders in new business pitches and client consultations as creative cross-screen optimization is key to brands’ campaign strategies.

19. Linda Payson

VP of Product, Mediavine

Currently leading Mediavine’s Product and UX teams, Linda has been in the game for a long time with over 20 years of ad tech experience. She focuses on building the company’s overall product strategy and scaling operational practices. She also has a seat at the prebid table, where she contributes to the org’s message of making the web experience better for advertisers, publishers, and consumers as the future of media continues to elevate.

20. Heather Petty

Manager, Client Services + Strategy, January Digital

Digital media is Heather’s firstborn child. She is driven by the desire to learn about digital marketing, content creation, and campaign strategy. Having graduated from Penn State in 2020, she has risen twice at January Digital, where she is currently a Client Strategy & Service Manager. In 2021, she received the January Digital’s peer-nominated 2021 Founder Award and remains an integral member of the agency.

To view all of this year’s Top Women In Media & Ad Tech Honorees click here

The post 20 Top Women in Media & Ad Tech to Look Out For appeared first on AdMonsters.

I caught up with John Murphy, Chief Strategy Officer at Confiant about some surprising findings in Confiant’s Malvertising & Ad Quality Index Q1 2021 report. It seems Google has slipped in the SSP rankings related to malvertising and ad quality.

A perennial strong performer, Google experienced an uncharacteristic setback this quarter. Their security violation rate increased from 0.05% in Q4 to 0.18% in Q1 and exceeded the industry average for the first time. SSP-L had the highest Security violation rate, coming in at 213x the rate of the best performing SSP. SSP-L was also the worst performer in Q4.

John explains:

Rob Beeler: Considering Google’s size in the marketplace, what impact might this have on users and the amount of malicious activity that’s actually getting to users and not getting filtered out?

John Murphy: It’s huge. If Google sneezes, everybody else catches a cold. That’s how large they are compared to the rest of the industry. So, I think largely over the next few quarters, whether the industry runs clean or not is largely going to be dependent on how Google addresses this issue.

Rob Beeler: How much does the ranking of the SSPs in your report vary from quarter to quarter?

John Murphy:  There’s a fair amount of variance. We definitely have seen instances where an SSP will perform very well one quarter, and then very poorly the next quarter, and even swing back the quarter after that. So there are some SSPs where we do see that high level of variance, and it really comes down to whether they were targeted with an attack. Besides Google, there is a group of SSPs that consistently performs well, and very rarely runs into issues with malvertising.

Rob Beeler: What do security companies need to do to protect users from these new threats?

John Murphy:  Some of our competencies from previous versions of malvertising are still very much relevant. In these new attacks, cloaking isn’t always utilized, but in a lot of them, they do cloak. A malvertiser may submit what appears to be a completely innocuous creative for review by a DSP, or an SSP, just to get it into the ecosystem. But then that creative will change once the campaign is live, and perhaps only to certain segments of users. So that can be challenging to detect, because obviously, in that case, the threat actor is actively trying to evade any sort of detection, any of the quality control mechanisms that are put in place by the industry.

Companies like Confiant have become very good at detecting cloaking because we have instrumentation on the client-side. So in real users’ browsers, we’re going to see any payload that is being delivered, any change in the nature of the advertisement between when it might’ve originally entered the ecosystem to five minutes ago. 

That’s still relevant. What has changed is there’s now a need to not only look for those technical markers of a threat but also the business markers. It requires being able to do that research on the entities that are behind an ad and the business models behind different ads, because you need to look not only, again, for maybe signs of cloaking, but also for language or offers that are frequently used to swindle users out of their money. Some are fairly straightforward, any sort of Bitcoin investment opportunity probably requires a close look, but this certainly extends to other sorts of offers in categories where you wouldn’t necessarily think there was a high probability that it was a scam.

Download the Malvertising & Ad Quality Index Q1 2021 report to learn more about the state of creative quality in digital advertising based on 156 billion impressions monitored in real-time in Q2 2021.

The post Google’s SSP Security Ranking Slips appeared first on AdMonsters.

Between mounting privacy regulations and privacy enforcement measures being taken by big tech, publishers are in need of simple solutions that ensure consent compliance (and that they can trust). And even when publishers are doing the right thing and following the law, they may find themselves liable for a non-compliant partner.

Publishers also need insight into their partners’ regulatory compliance, especially when it comes to creative. Publishers need a bridge. This is why Confiant has launched Privacy Compliance as a complement to CMPs providing end-to-end privacy compliance coverage in real-time.

AdMonsters spoke with John Murphy, Chief Strategy Officer, Confiant, about how the company’s new tool helps publishers, as well as why publishers need to monitor each creative to ensure compliance, how privacy regs and platform changes are impacting publishers’ bottom lines, the growing problem with browser fingerprinting and much, much more.

Lynne d Johnson: As privacy regulations like GDPR, CCPA, and CPRA heat up and big tech like Apple and Google make sweeping changes to protect consumers’ privacy, what are some of the biggest challenges that publishers face? Also, how are all of these changes impacting publisher revenue?

John Murphy: Publishers are responsible for ensuring that user tracking that occurs on their properties conforms to privacy regulations and user expectations. However, these regulations are complex and becoming ever more varied as new laws are adopted. GDPR was complex but at least has the benefit of covering a vast region. The situation in the U.S. is becoming much more challenging.

California has CCPA, which is already being superseded by a new regulation, CPRA. Virginia has a new privacy law called VCDPA that’s going into effect at the beginning of 2023. Colorado is poised to announce their own regulations. There is considerable activity at the Federal level as well.

It’s quickly becoming alphabet soup, testing the capabilities and patience of even the most sophisticated publishers. The challenge is further exacerbated by the realities of programmatic advertising—a publisher often has little to no connection to or even knowledge of the tracking entities that could be present when an ad renders. So publishers often feel they have all the responsibility and none of the control. The risks to publishers are profound: if they are found to be non-compliant, publishers may be on the hook for up to 4% of global revenues, a truly enormous sum.

LdJ: The liability for user consent seems to fall solely on publishers even when it’s their partners who might be practicing non-compliance. How can publishers get ahead of this?

JM: Publishers can get ahead of this by evaluating the risks posed by their own tracking activities as well as those of their vendors and partners. Consent Management Platforms (CMPs) can assist in this exercise, but they leave a gap when it comes to digital advertising, which by its very nature is very dynamic. For this sector, a publisher needs to put monitoring in place that evaluates each creative as it renders to ensure compliance with privacy law.

LdJ: You guys have a new tool called Privacy Compliance that complements a publisher’s CMP by identifying privacy issues in real-time at the creative level. Why is it important to identify consent mismatch at the creative level and not just at the page level?

JM: CMPs focus on the collection, transmission, and tracking of user consent information. What CMPs don’t do (and to be fair, weren’t really designed to do) is ensure that each and every creative that comes back from the adtech ecosystem is actually abiding by those signals. A few CMPs do offer rudimentary scanning at the page level, but this technique misses the vast majority of ads because—at any one time—there are literally millions of unique creatives running through programmatic advertising.

A page scanner that looks at a few hundred creatives a day using a couple dozen synthetic user profiles just isn’t going to give a publisher visibility into the full breadth of demand following through programmatic pipes. This leaves publishers exposed. They are likely serving ads that violate GDPR and CCPA even if their CMP is doing everything it’s supposed to.

LdJ: Browser fingerprinting, a method of collecting data about individuals, is a growing concern for publishers as they prepare for the cookiepocalypse. How is this harmful to publishers and users, and what can publishers do about it and better protect their audiences?

JM: Browser fingerprinting involves creating a unique fingerprint of a user’s computing device based on the many characteristics that differ from one computer to another (IP address, user-agent, screen resolution, operating system, fonts installed, etc). Because this form of tracking has no need for cookies, we expect its usage to skyrocket as Chrome moves to block all 3rd party cookies.

A visit to Cover Your Tracks will demonstrate just how sophisticated these techniques have become. Some regulations take a stricter stance on fingerprinting than on cookies, so it’s important for publishers to know when it’s happening and ensure that they want to take the risk. Confiant’s Privacy Compliance solution allows publishers to detect and block client-side browser fingerprinting in real-time, protecting themselves and their audiences from this invasive technique.

LdJ: One would think that better consumer privacy in the advertising ecosystem would mean that publishers and consumers are also better protected from cybercriminals. But this isn’t exactly the case, is it? How are publishers and consumers still at risk? 

JM: Privacy is clearly an important consideration for publishers and users, but it’s not the only risk that they face. Publishers and users are continuously inundated with disruptive, offensive, and dangerous ads. Our research indicates that roughly 1 in every 150 ad impressions delivered to users is either malicious or disruptive. Privacy laws do nothing to protect users from these threats.

Cybercriminals take advantage of the fragmentation within adtech to infiltrate the ecosystem and leverage its immense reach and precision to target users with malware and all manner of scams. While governments have recently focused on the privacy risks to users, little has been done to address these other risks

The post Bridging the Privacy Compliance Gap appeared first on AdMonsters.

Now recall five pages later in your surfing experience, when wonder turned to dread—are those annoying ads going to be everywhere I go? 

The issue of low-quality digital ads is as old as digital advertising itself. Those early ads soon brought malware and fraud with them, followed by the appearance of ad blockers in their earliest form. In some sense, publishers have always been at war against bad ads—and bad ads continue to limit our potential as an industry.

Fast forward to the present, where publishers are facing a very uncertain future. CPMs are down as advertisers pull back. Publishers are adding more ads per page and lowering their floors to capture more revenue, hoping to ride things out until higher CPMs return. 

Unfortunately, more ads, lower floors, and other desperate moves lead to more opportunities for bad actors to step in. For users, more will adopt blockers to maintain some level of quality experience as they consume content.

“Publishers are fighting two battles at once to prevent revenue and user disruption: malvertisers and ad blockers,” said Confiant Cofounder and CEO Louis-David Mangin at AdMonsters Publisher Forum in Santa Monica. “Both are part of the same war, and for the industry to win this war, it needs to win both battles.”

Where We Are Winning

In his presentation, Mangin shared some battles we are winning. The rate of in-banner video (IBV) impressions has fallen precipitously over the past eight quarters. Industry initiatives such as ads.txt have closed the arbitrage opportunity that powered most IBV.  

This, combined with moves by the major browsers and SSPs to disable autoplay video ads, has made IBV an endangered species. According to Confiant’s 2019 Q4 Demand Quality Report, 50% of low-quality and IBV impressions came from just two SSPs. With this information, publishers are in a position to further squeeze IBV out of the ecosystem.

What We Are Hearing

The research exists to tell us that there is more work to be done. Users are clear that they see too many ads, that the ads are annoying, irrelevant or just too intrusive. They are also aware that ads are the means by which malicious code is delivered. Research on people who have installed ad blockers confirms that the top 5 reasons can be attributed to malicious, low quality, and unsuitable ads.

Every year, more research comes out to confirm this. It’s clear from all this data that we’re not doing enough. Confiant’s report states that in 2019, 1 in every 150 impressions was dangerous or highly disruptive to the end-user.

For publishers, it’s key that they monitor their partners—primarily their SSPs. Perhaps the most alarming stat from the Confiant report is that the average malware attack response time is measured in days—not hours, minutes or even seconds.

It’s publishers addressing response time with their SSPs and choosing who their real partners are, that we’ll see this addressed.

What We Have to be Mindful Of

IBV may not have been knocked out, but bad actors looking to exploit our industry continue to evolve. FizzCore, for example, has perfected the art of audit circumvention to exploit the gullibility of aspiring cryptocurrency investors. Eschewing forced redirects, FizzCore implements techniques to evade ad quality reviews and drive users to cybersecurity scam sites. Evasion techniques include cloaking (display of fake ad creatives and landing pages to ad quality scanners); reputation and relationship building in the ad ecosystem; and carefully crafted localized campaigns using celebrity-endorsement clickbait.

Financial uncertainty makes everyone second guess their quality guidelines–are we maintaining an unnecessary standard when revenue is at risk? The problem with that thinking, of course, is that we are walking ourselves into a trap. If we annoy users further, ad-block rates will go up. If we let down our guard, more malicious activity will occur on our watch. 

As publishers, we must do our best to hold the line on quality ad experiences so that when we do emerge from this dark time, we won’t have lost everything.

The post PubForum Spotlight: We’ve Always Been At War With Bad Ads appeared first on AdMonsters.