2020 has seen the rise of a specific type of malvertising that is less reliant on previous tactics such as forced redirects to phishing malware pages. While not new, the approach of using misleading imagery, language, and cloaked landing page domains has become more common. We recently launched a misleading claims detection and ad blocking feature in order to tackle this issue. In this blog post, we’ll define misleading claims and break down the impact to publishers and users.
“Get rich quick” and “lose weight fast” are claims that sound too good to be true and are just two of several examples of misleading claims lurking within programmatic advertising. Misleading claims are essentially tactics Malvertisers rely on to entice and lure users into scams and they come in many forms such as:
Misleading claims are the starting point for bad actors. This is how they infiltrate websites and initiate their attacks to get to audiences. To understand why Publishers need to watch out for misleading claims, let’s take a look at how these schemes work.
Here’s an example of a seemingly harmless ad from a bad actors campaign:
When a user clicks on the ad, they are sent to a layman’s article about horticulture. Then a week goes by and the campaign flips. The creative changes and becomes a little edgier:
Keep in mind that this is the exact same ad as the “how rice grows” ad, just new creative. It was veiled at first to be hidden from quality and security controls, and once those checks have been passed the bait and switch goes into full effect.
When the user clicks the ad now, users will see the investment opportunity of a lifetime (aka the scam page)!
As mentioned in Confiant’s research, tactics like these are rarely global, but usually targeted to specific geography (and maybe even devices). Malvertisers do this to target specific audiences and fly at least somewhat under the radar.
Believe it or not, these tactics are happening right now as you're reading this. In October, we detected roughly 2800 of these cloaked click-bait-and-switch attacks, and just last month, over 1300. As our Sr. Security Engineer Eliya would put it “It’s the fastest growing malvertising tactic, even though it's far from new.”
Credit: Fox/Simpsons
Think of the impact to your user experience. Misleading ads with false claims devalue the look of your site, expose visitors to scams, and cause reputational damage that could lead to legal action. Not to mention these ads ruin the customer experience, which can reduce traffic.
It’s all about user trust. Misleading claims result in a loss tied to your audience. If they come across one of these scams and get pulled in, publishers are first to blame. Unfortunately, it leaves the user with a negative experience and will make them think twice before visiting your site next time. We get it and understand that publishers don’t have control here, which is why we’ve rolled out this new beta feature to help prevent these types of situations.
If you are a Confiant publisher, you can enable this new beta feature in the configuration settings, under the Quality section.
For those who aren't currently protected for misleading ads, learn more and request a trial today at https://www.confiant.com/#request-trial