Megan Ly • 2 minute read
Native Ads are Three times more likely to have security issues than banner display ads.
Native ads are designed to blend into content pages in order to be engaging to users, which sometimes gives users the impression that the ad is actually part of the content and therefore trustworthy.
The Intrinsic Dangers of Native Ads
As the adtech industry refers to it, a “native ad” is an ad designed to blend into the content of the page. The presence of on-page native ads have grown significantly over the past few years. From 2018-2020, advertisers’ spend on native more than doubled, reaching $45 billion in 2020 (eMarketer). The accelerated growth of native advertising opens up more opportunity for cyber attackers to launch malicious threats through native channels. In recent years, Confiant has seen the rise of 'malicious clickbait', a style of attack that promotes criminal scams after users have engaged with the ad. Attackers benefit from higher engagement rates with native ads, as the advertisements are often viewed with more trust than social ads (Outbrain). Native ads also accrue impressively high click-thru rates, with averages that exceed traditional display by over 800% (Xandr).
It's no surprise, given these statistics, that publishers have adopted native ads for monetization at such a quick rate. At the same time, it's valuable for publishers to be aware of threats posed by bad actors through native ads, in order to protect their reputation and users. Native advertising has the risk of being particularly deceptive, as the ads are styled to mimic article pages or take users to other articles through "Recommended Content" widgets. It is after the user has clicked on the ad that they are susceptible to malware-infected landing pages, criminal scams or denial-of-service, to name a few of the more common threats.
Some examples from Confiant’s research of actual criminal scam violations
Confiant built out our native advertising coverage with the knowledge that it is difficult for publishers to track the origin of a native ad when it has traveled extensively through programmatic channels. Confiant's Native Ad Protection can intervene to ensure native ads are free from harmful content and exploits. If Confiant identifies a malicious ad, Native Ad Protection will block it from rendering in real-time in order to protect the user from exposure. Publishers can also invoke a passback in order to replace the blocked ad’s spot.
Confiant's Native Ad Protection has the ability to block malicious ads, publisher-set banned brands and categories, criminal scams and misleading claims (which run the gamut from Bitcoin investment scams to fake news and celebrity endorsements). These types of issues often slip through the cracks of SSPs' quality checks, so it's imperative for publishers to implement protection that can specifically address malicious clickbait. Confiant's world-class ad security solution brings unique value via automated identification and blocking of malicious click-bait and other bad ads in native advertisements.
An example of a particular native ad scam that is particularly difficult to detect is the browser lock exploit highlighted in Confiant's own Eliya Stein's blog post, “Browlock Malvertisers Abuse Unaddressed Denial-of-Service Bugs That Sit Dormant for Years”.
Some insights from our Alert Log from clients who are scanning and blocking Native Ad Violations from 2 of the most popular Native Ad Providers.
Publishers interested in Confiant’s Native Ad Protection can request a free trial.