Press Release • 3 minute read
Malvertising Violations Reach Three Year Peak, Says Confiant
Advertising technology security leader publishes 2023 annual Malvertising & Ad Quality (MAQ) industry benchmark report
- One in every 140 programmatic impressions had serious security or quality violations, a 104% increase in quality violations and nearly doubling security violations over both 2020 and 2021.
- Canada had the highest rate of security issues, 27.8% higher than France. security rates moderated in other European markets.
- Microsoft's Edge browser users were the most impacted by security issues, with a rate three times worse than Google Chrome users. Mozilla's Firefox users followed closely behind Edge with the second highest security violation rate.
- Miscategorized cryptocurrency ads declined precipitously, from 7% to 4%, in the second half, after ranking as the 3rd most blocked category by publishers in the first half of the year.
- The top four SSPs had high rates of ads with Misleading Claims. For the worst-performer of the group, 1 in every 330 impressions was a misleading claim, which was far more than the others.
- Fake Update ads predominated in Q1 and, especially, Q4, becoming the top security issue for that quarter.
NEW YORK, APRIL 27, 2023 - Confiant, the Cybersecurity industry leader for ad tech, released its 2023 Malvertising & Ad Quality index (MAQ) industry benchmark report based on 2022 annualized data. The MAQ is Confiant’s study of the current state of creative ad quality and ad security in the marketplace.
To compile the research contained in this report, Confiant analyzed a normalized sample of more than 850 billion advertising impressions monitored from January 1 to December 31, 2022, across tens of thousands of premium websites and apps from top publishers like Paramount, Gannett, and Nexstar. The MAQ leverages Confiant’s position as the vendor of choice for ad security, quality, and privacy monitoring, in order to provide a comprehensive view into the creative issues facing the industry.
The report identifies that one in every 140 programmatic ads in 2022 had serious security or quality violations, which is a significant increase over both 2020 and 2021. The quality violation rate alone, increased 104% since 2020 worldwide. Heavy Ads and Misleading Claims drove the quality violation rate highest in Japan, Canada, and Great Britain.
The MAQ reports that overall ad security violations nearly doubled in 2022, being the highest since 2019, and represented a three year high point in malvertising attacks. Viewed geographically, Canada had the highest rate of security issues, followed by France, while security rates moderated in other European markets.
“During 2022 we measured the highest rate of malicious attacks via digital ads in the last three years. Even as the industry has continued to improve its protections, our MAQ Benchmarks show the ad security issues from threat actors and the ad quality issues from the lack of transparent and accurate buy-side meta data is making life worse for publishers and their users,” said Louis-David Mangin, CEO and Co-Founder of Confiant, Inc. “These threat actors are organized criminals and the financial incentives far outweigh the risks. I wish advertisers would recognize how crucial it is for every member of the ecosystem to put the user first. We appreciate our clients who have made the investment in using our technology and also in their internal processes to create control within their piece of the ad tech infrastructure,” concluded Mangin.
When grouped by browser family across all available operating systems, Microsoft’s Edge users were the most impacted by security issues, with a rate three times worse than Google Chrome users. Mozilla's Firefox users followed closely behind Edge with the second highest security violation rate.
Confiant allows publishers to classify creatives across 100+ different industry categories, including common business verticals and sensitive topics such as Gambling, Pharmaceutical Drugs, and Alcoholic Beverages, which respectively held the top three most blocked ad categories by publishers throughout 2022, collectively representing well over 50% of all blocks. Blocks for Cryptocurrency ads declined precipitously in the second half, after ranking as the 3rd most blocked category by publishers in the first half of the year.
Confiant tracked impressions from over 100 SSPs and demand sources. However, the majority of global impressions originated from 14 providers. Those top fourteen SSPs are monitored for SSP rankings, including: Google, Magnite, OpenX, Xandr, Yahoo, Index Exchange, Pubmatic, GumGum, Sonobi, TripleLift, Sharethrough, Media.net, and Sovrn. The top four SSPs had high rates of ads with Misleading Claims. For the worst-performer of the group, 1 in every 330 impressions was a misleading claim, which was far more than the others. The MAQ provides comparison charts of security violation rates by SSP, their maximum daily percentage of security violations, and their incident response times.
The MAQ also includes similar charts on SSP quality ratings.
The nature of security threats shift constantly as attack techniques fall in and out of favor. Fake Update ads predominated in Q1 and, especially, Q4, becoming the top security issue for that quarter. The MAQ charts major threat activities by type throughout 2022, and includes descriptions of the leading threat actors and their tactics.
Confiant released the industry’s first benchmark report in 2018. This report, the H2 2022 MAQ is the 17th in the series, covering all of 2022 cumulatively. Confiant’s MAQ Index is available by visiting https://www.confiant.com/maq-index
Confiant is the cybersecurity leader in detecting and stopping Malvertising attacks. Having built hundreds of integrations directly into the web’s ad tech infrastructure, Confiant has unparalleled visibility to the malware, scams, and fraud serving through ads today. Leveraging our security expertise, we deliver complete control over ads to publishers and ad platforms, also remediating quality issues, privacy violations, and mis-categorized ads. In publishing the industry’s leading ad quality benchmark report and mapping the threat actors that use ads-as-an-attack-vector at Matrix.Confiant.com, Confiant is leading the charge in protecting users from criminals hijacking the ad tech supply chain. Trusted by customers like Microsoft, Paramount, and Magnite, we celebrate our 10th anniversary this year.
Follow us on Social
@Weareconfiant or visit www.confiant.com
for more information.