Aug 27, 2019

Taking ad quality to the next level

We all know that ads that force redirects or contain malware are bad. But once you have a system like Ad Lightning in place to deal with malware and redirect ads, it becomes time to fine-tune your ad quality system and focus on other more subjective elements of ad quality.

Luckily, our new tools will allow you to reclaim control of ad quality dimensions like content, data leakage and other unwanted behaviors to decide what ads should and shouldn't be running on your site.

Report This Ad

Our new Report This Ad feature empowers readers and viewers to report ads that they find to be offensive or problematic.  Simply by clicking on the "Report Ad" button, the entire ad mark up is sent to Ad Lightning for analysis and review in the UI.

The ad can be easily mapped to demand partner so that it can be blocked on a go-forward basis if necessary.

Data Leakage

With concerns about user privacy growing and new laws passing, it is more important than ever for publishers to be able to identify all companies collecting data on their website.

Our Data Collection Graph makes it easy to see the relationships between third party calls occurring in the ad delivery chain, allowing publishers to easily track down and report unwanted or non-compliant data collection.

Google Vision Analysis

Every brand has a different idea of what is appropriate for their website. With our visual analysis scanning, we can keep inappropriate ads or competitor ads off of your website.

Simply pick a phrase or string and our tool will scan the image for that text. If there is a match, the ad will be flagged as critical and sent to your demand partners to be blocked.

Read More

Jun 14, 2019

Evolution of mobile redirects: Three new exploit types

Pesky redirect ads continue to plague the advertising ecosystem, infuriating ad ops teams and consumers alike. In fact, Ad Lightning typically sees over 350 different threats plaguing the system every day.

The good news is that blocking solutions have been widely adopted by both publishers and platforms in an effort to stop bad ads. As the technology evolves, fraudsters continue to look for ways to hide their nefarious behaviors and circumvent various protections.

Recently, we've identified three new ways that fraudsters are evading detection:

  1. Redirects are hidden within iframes. The nature of the way programmatic ads are transacted, iframes are commonly used by SSPs to deliver creative. Sometimes, when there are multiple players in a transaction, there can be multiple iframes. Often, on-page solutions can't see into multiple layers of iframes, allowing fraudsters to exploit loopholes simply by hiding themselves in an iframe.
  2. Utilizing timeouts. Fraudsters know that some blocking solutions are 100% dependant on intercepting document manipulation methods to stop redirects. While this is a good practice, it can be easily exploited by fraudsters using functions like "setTimeout " to delay their scripts. Or wait for events like "onBlur" to trigger the behavior on user action

    Here's an example:
        <body marginheight="0" marginwidth="0">
        <input autofocus="" class="_xmy9hcrid1_" onblur="javascript:try{if(navigator.userAgent.indexOf('OS 12_')!=-1){setTimeout(()=&gt;{top.location.href=';var1={sitedomain}&amp;var6=60a17756c0f253d3c106cc17e9a69a1b&amp;var5=1';},0);}else{';var1={sitedomain}&amp;var6=60a17756c0f253d3c106cc17e9a69a1b&amp;var5=1');clrinx90(0);clearInterval(window.itvid0);};}catch(e){};" style="width:0px;height:0px;border:0px;" type="text"/>

  3. Sandbox security exceptions. Sandboxing has been known in the industry as a DIY way to counter many types of mobile redirects, providing smaller sites with an easy, cost-effective solution to prevent bad ads from plaguing users. While it still provides a good backstop for some kinds of redirects, the sandbox spec itself isn't 100% clear, nor is it implemented in a standard way across all browsers. As a result, malicious actors have identified security exceptions where sandboxing doesn't work and developed methods to exploit this functionality and redirect the page.

Here's how to make sure you're protected against these threats:

  1. It's important to confirm with your ad security provider that your solution inspects code delivered within an iframe, especially deeply embedded iframes.
  2. Ensure your partners utilize multiple detection methods to stop bad ads.  This is often a combination of a blacklist as well as intercepting document manipulation. 
  3. Don't strictly rely on safeframes or sandboxing to protect your site.
Read More

Jun 12, 2019

Key Takeaways from the Taking Malvertising Fight Upstream Fireside Chat at AdMonsters' Programmania 2019

At AdMonsters’ 2019 Programmania conference our CRO Kate Reinmiller participated in a “fireside chat” with one of our clients and AdMonsters’ Editorial director. Take a look at Kate’s key takeaways from the panel.

By Kate Reinmiller

On Monday June 3rd, I had the privilege of participating in a “fireside chat” at AdMonsters' Ops 2019 conference with our client Connie Walsh, Senior Director of Advertising Operations at The discussion was moderated by Gavin Dunaway, AdMonsters Editorial Director, and was titled “Taking the Malvertising Fight Upstream.”

It’s a given that as long as ads have been served, publishers have borne the brunt of malvertising and bad creative. But as real-time blocking and other ad quality technology evolves, it’s become clear that responsibility must be shared throughout the supply chain by publishers, SSPs and DSPs alike. Connie and I enthusiastically tackled this issue in our discussion before an audience of approximately 250 digital strategists and media leaders. 

Here are some highlights from our conversation:

The conventional wisdom is that redirect attacks come on weekends—is this the case for you? From your viewpoint, what have been the biggest changes in malvertising strategy over the last year?

From our perspective yes and no. Attacks happen around the clock, however, we do see significant spikes on weekends, especially holiday weekends.  Over Memorial Day Weekend for example we noticed a 175% increase in malicious ads. Fraudsters are aware of client side technologies and using tactics to cloak their code (adding iframes, delaying their scripts, dynamically hosting content).

Connie agreed that holidays, weekends, and Q4/Q1 tends to be the worst for Legacy.  She shared that the biggest shift has been moving toward the on-page blocking solutions instead of reactively responding to user and internal complaints.

How do you get your technology partners to take more responsibility in battling malvertising? 

Connie said that while turning off fringe or heavily reseller demand partners can be an effective tactic, pausing one partner just means it will creep in from somewhere else. She is also frustrated with the same canned responses from their partners, suggesting that the issue isn’t getting strategically addressed higher up the chain.

Happily, Connie called on-page blocking “very meaningful to us because it provides an added layer of protection that we should be getting from our demand partners, but are not.” 

But, now that she doesn’t need to constantly communicate problems back to the partners, it appears Legacy is going silent and everything is fine. That shifts the onus to the publisher to use on-page blocking tactics and takes the pressure off the partners.

In moving ad quality controls upstream, what are the biggest differences in strategies and tactics?

Historically SSPs have used a combination of in-house tools plus server side scanning to look for bad actors. What we've found though, is that those steps don’t provide enough insight into what's happening on the client side. Client side tech makes it much easier to identify the source of issues, and makes it easier for SSPs to take action. Adding real-time ad quality solutions at the SSP level allows for real-time insight into bad creatives, problematic DSPs and buyers so that SSPs can act quickly.  And yes, there are ways to do this that don't have negative revenue impacts on the SSP or the publisher!

Moving upstream allows publishers and demand partners to work together to combat this issue — and starts to put more pressure on the DSPs to take accountability for ads that are entering the ecosystem through self service tools.

How effectively can you trace the sources of malvertising campaigns? 

Connie revealed that “without vendor supported resources, not very well at all.” Legacy (and other publishers) simply don’t have the technical resources to be running Charles Sessions across mobile devices every time they hear a user complain about malicious ads.

One of Connie’s longstanding gripes is that there’s no standardization in the ad request’s call chains and “the handshakes from tech vendor to vendor are not clear, and very cluttered/muddled with other intermediary tech.”

Is all real-time creative-blocking technology created equal? How do you best evaluate what’s on the market?

We believe that the addition of new companies in the space validates how pressing the issue is. Ad quality continues to be a major problem and it's not just limited to malvertising —there are also compliance issues, data leakage and bad content.

Of course, each provider has different strengths. In terms of the actual technology, there are subtle differences that matter. For example, whether or not the provider uses a blacklist, caches scripts or can replace a lost impression are all important details to know.  

Some providers have point solutions while others take a more holistic approach. We're seeing our clients test multiple solutions, which is a good thing. We do believe, however, that after an initial investigation period, it makes sense to limit actual trials to your top two vendors.  Testing longer than a month or so introduces too many variables.  

We typically encourage clients to focus on three key things: seamless integration, solution effectiveness; and the overall experience with the interface and customer service.

Consolidation in the programmatic space is always looming.  What kind of effect will that have on malvetisers and ad quality efforts?

Both Kate and Connie agreed that consolidation is a positive trend as it limits the number of entry points for bad actors and eliminates unnecessary arbitrage. But as long as there are self-serve tools and so much money being transacted in real-time, there will be actors looking to take advantage of the system.

Overall, it was a thrill to participate in this important conversation!  Keep an eye out for a couple of more in-depth interviews with Ad Lightning on AdMonsters following this event.

Read More
`` `` ``