Malvertising and
Ad Quality Index 2023 (based on 2022 data)

Read Summary  Download Full Report

Malvertising and Ad Quality Index cover


Confiant's Malvertising and Ad Quality (MAQ) Index is a view into creative quality and security in digital advertising.

Using a sample of hundreds of billions of impressions monitored in real time, Confiant is able to answer fundamental questions about the state of creative quality.

Digital advertising delivers significant value to publishers but also introduces myriad risks related to security, privacy, and user experience. Malicious, disruptive, and annoying ads degrade user experience and drive adoption of ad blockers.

In 2018, Confiant released the industry’s first benchmark report. This report, the 17th in the series, covers all of 2022.

What's New

Changelog: different in 2022

  • We added two new SSPs — SSP-O and SSP-P — bringing our total to 14. The SSP Rankings now include Google, Magnite, OpenX, Xandr, Yahoo, Index Exchange, Pubmatic, GumGum, Sonobi, TripleLift, Sharethrough,, and Sovrn.
  • We refactored our quality score to remove an issue that was largely outside of the SSP’s control. We’ve restated quality numbers for 2021 to provide an apples-to- apples comparison.
  • We broadened the set of publishers from which we pull our data.
  • For the full year report, we added Amazon TAM to the bidding framework report.


Security Violations

Security Violations

Attempts to compromise the user through the use of malicious code, trickery, and other techniques. Top issues include:

  • Forced Redirects
  • Criminal Scams
  • Fake Ad Servers
  • Fake Software Updates
  • High-Risk Ad Platforms (HRAPs)*

*Ad platforms that consistently serve abnormal levels of malicious ads and are the preferred vector for malicious actors.

Quality Violations

Quality Violations

Non-security issues related to ad behavior, technical characteristics, or content. Top issues include:

  • Heavy Ads
  • Misleading Claims
  • Video Arbitrage (formerly In-Banner Video)
  • Undesired Audio
  • Undesired Video
  • Undesired expansion

Industry View

The security violation rate in 2022 hit its highest level in three years

How did the industry fare in 2022?

How did the industry fare in 2022?
The industry-wide security violation rate nearly doubled in 2022, reaching its highest level since 2019.

The quality violation rate held steady at 0.49%, but has increased 104% since 2020. The rate has been on a downward trend since peaking in Q2.

2022 Violation Rates by Country

2022 Violation Rates by Country
For the year, Canada had the highest rate of Security issues, 27.8% higher than the next highest, France. Security rates moderated in most of the European market, with Germany and Italy being the safest markets.

The quality violation rate was highest in Japan, Canada, and Great Britain, driven by Heavy Ads and Misleading Claims.

2022 Violation Rates by Browser

2022 Violation Rates by Browser

Serious security or quality issues in 1 of every 140 impressions were detected

SSP Rankings

1 in every 330 impressions was a Misleading Claim for the worst performing SSP

2022 Security Violation Rates by SSP

2022 Security Violation Rates by SSP
SSPs H, P and Google struggled with high security violations rates. Google saw some improvement from H1 to H2, but was the last place finisher in both periods.

The top performers for the year for security were SSP-E, SSP-G, and SSP-J, with SSP-E beating 2021's winner SSP-G by a hair.

2022 Daily Maximum Security Rate by SSP

2022 Daily Maximum Security Rate by SSP
Quarterly averages can mask significant variation in day-to-day performance, so it’s important to measure the upper bound of the security violation rate for each SSP to get a sense of overall risk.

SSP-I recorded the highest daily security rate for the quarter, at 5.29%, meaning that for a particular day, more than 1 in 20 impressions from SSP-I had security issues. Other outliers included SSP-H, at 3.44%, and SSP-G at 1.61%.

2022 Security Violation Rates by SSP

2022 Quality Violation Details by SSP

Major Threat Activity 2022 Review

  • CashRewindo

    CashRewindo ad scam examples

    First seen in 2018, CashRewindo distributes attacks all around the globe, smuggling malicious code in common JavaScript libraries and aging domains like fine scotch.
    CashRewindo’s creative strategy consists of flipping between scam ads and innocuous wording.

  • Aalgmor

    Aalgmor tech support scam path

    One of the leading purveyors of tech support scams was Aalgmor. First spotted in July of this year in Search ads (Bing), the actor quickly settled on Native ads, primarily served through Taboola, with a large campaign in August.
    On peak days in October, Aalgmor’s reach exceeded 0.4% of all Taboola ads, making it one of the largest sources of Tech Support Scams

  • ... and many more. See the entire list:

    Download Full Report

Download Full Report

Confiant's Malvertising and Ad Quality (MAQ) Index provides an inside look into the frequency and severity of ad quality issues in digital advertising. Discover what were the top concerns for premium publishers, how SSPs performed in 2022, and what tactics were employed by malvertisers.

Learn about major threat groups active & their tactics

The full report details active threat actors, their techniques, & their impact on the digital ecosystem over the last quarter.

Learn how SSPs are performing

Confiant tracked impressions from over 100 SSPs. However, the vast majority of global impressions originated from just 14 providers commonly used by publishers. Explore which SSPs are performing the best and worst when it comes to ad quality.