2020 not only brought us COVID-19, but it also brought us a slew of COVID-related scams—sanitizer, face mask, vaccine, stimulus check, and the like.
As well, with the ad spend slowdown and slimy spread of misinformation, came an unwieldy surge of malware flooding the programmatic landscape. In fact, according to The Media Trust's 2020 malvertising trends report, The Changing Face of Malvertising, there was a 724% increase in malware incidents in programmatic environments since 2014. This, despite the many advancements with malware-slaying tools on the market to clean up all of this mess.
What's worse, scammers have gotten pretty sneaky sis. They're ditching redirects in favor of old-school clickbait. (Overall, The Media Trust says there's been a steady resurgence in clickbait creative at 27X growth.) And the pesky buggers have also gotten pretty sophisticated about how they make sure their malware is undetectable. The malware employs cloaking tactics that detect blockers, testing environments, and active debuggers in wait of identifying the opportune time when these features are inactivated to strike, executing a tracking pixel and redirecting users to malicious content.
One such bad actor, with the moniker, "luckyboy," attacked iOS, Android, and Xbox devices in the U.S. and Canada back in December with malicious creatives while ravaging 10 small-sized European DSPs. Luckyboy was very successful because it launched its attack in small bursts over a course of a few days, performing multiple checks as the campaign advanced through stages, using extensive code obfuscation and exclusion domains while extracting device-specific information. The collection of that info would likely enable the culprit to strike again.
There have been other similar malicious campaigns like KovCoreG operated through fake Firefox and Chrome update alerts to distribute the Kovter.C Trojan in November, and another malvertising campaign, dubbed Malsmoke, was observed redirecting adult website visitors to malicious sites where they encountered the widely infamous Zloader malware.
What's that saying again—once we subdue the threat, the threat will only get stronger and smarter?
If 2020 is a foretelling of what's to come, we can expect to see many more of these enhanced cloaking methods throughout 2021 scamming up the user experience—and even more so once the third-party cookie goes the way of the dinosaur and advertisers hightail it to walled gardens.
Publishers and ad tech vendors will need to stay abreast of these new sophisticated malware tactics and continually update their exclusion lists with original source malware data instead of third-party data. And most imperative, keep an eagle eye on your partners to determine which ones should receive the ax for enabling poor ad quality to traverse the digital advertising ecosystem.
Take Control of Your Data
Google recently announced its replacement for third-party cookies, FLoC, stating that the solution is nearly as effective as third-party cookies. And although FLoC is only one of the various proposals in Google's Privacy Sandbox, it has left the industry asking, “Why is Google replacing third-party cookies with something only nearly as effective? Is the solution actually secure? Is this a ruse to control more of the ad market?”
Whatever the answer to those questions might be, it doesn't change two simple facts:
In about a year, Google Chrome will no longer use third-party cookies.
Publishers must prepare for that eventuality—and whatever else may unfold with it—by taking control of their data.
Luckily, publishers have an ace up their sleeves to help them succeed in the new era: email newsletters.
For most publishers, email newsletters are likely nothing more than a content distribution channel. But for audiences, it's their favorite publication's second homepage. And for advertisers, it's a premium inventory source and a powerful channel for customer acquisition. By placing ad slots in their email newsletters, publishers unlock an entirely new inventory source and revenue stream that places first-party data at the center of their monetization strategies.
Whatever the outcome of Google's Privacy Sandbox, newsletters present a secure way of reaching audiences through the inherently logged-in and cookieless environment of email. With email, publishers can provide advertisers the opportunity to continue cultivating relationships with audiences in a channel that respects their privacy and reader experience. Because newsletters are opt-in, typically according to reader interests, they provide a layer of relevancy and personalization unique to email.
There's tremendous uncertainty in today's advertising landscape, so publishers must act quickly to lessen cookie-reliance and bridge the gap between a world with third-party cookies and one without. Through email advertising, publishers can continue to grow their first-party footprint by collecting user feedback that points to engagement, interest, and intent on websites and apps. It's the gift that keeps on giving.
These Apple IDFA changes are going to hurt everyone in the mobile advertising ecosystem. But no one has publicly decried these changes as loudly as Facebook has. Remember those newspaper ads?
Now Google has joined the fray. First, there was an announcement advising partners to update their SDKs to the latest version, integrate with Apple’s SKAdNetwork, and implement Apple's ATT opt-out prompt if so required. Nothing shady there. But then, Google said it would comply by no longer using IDFA for its apps, and thereby avoid having to show users the nefarious opt-in messages. Clever, huh? As Apple has yet to release the ATT framework, Google said it will continue to invest in "alternative technologies."
Meanwhile, Facebook plans to deliver a wrecking ball right through Apple's privacy plans by preempting their opt-in popups with Big Blue's own prompts encouraging their iPhone and iPad users to opt-in to tracking to receive "a better advertising experience." Facebook plans to roll out this test starting Monday.
Publishers are caught in the crossfire as ad tech builds contextual targeting offerings (Adweek)
Apple debuts privacy-friendly WebKit tech to measure click-through ad campaigns (The Daily Swig)
Anzu.io raises $9 million for in-game ad platform (VentureBeat)
Tweet Headline
In one reality of mine, he'd no longer be invited to my CEO-only poker game on Thursday.
Brand Safety Concerns On Social, Facebook's Political Content and Bye Google Australia
eMarketer principal analyst at Insider Intelligence Nicole Perrin discusses whether major marketers will pull spending on social platforms because of brand safety and ethical concerns, what to make of Facebook's new advertiser “topic exclusion controls” test, and the types of content consumers prefer brands avoid the most. She then talks about tech companies introducing rules that favor their own business models, Facebook's relationship with political content, and whether Google is waving goodbye to Australia.
Publisher Forum Virtual | MAR 30-31, 2021
Like this article? You can get more stories with similar insight right in your inbox when you sign up for our weekly eletter.
Please visit this page to reset your account and continue browsing our exclusive content. You'll only need to do this the first time you sign into the new AdMonsters.com website. We apologize for any inconvenience, your privacy and your membership are important to us.
New Users: Become a member
Get access to exclusive content, event perks, and discounts.
