GeoEdge Releases Security Report on Native Ad Vulnerabilities

NEW YORK, NEW YORK: GeoEdge, the premier ad security and verification company, has released their latest security report, “The Vulnerabilities in Native Advertising.” In the report, GeoEdge delves into major issues regarding native ads, from user security and malvertising threats to ambiguity and proper disclosure.

More and more publishers have turned to native advertising in a move to counter sagging CPMs. This format, which typically mimics the form and function of the environment in which it appears, is a powerful tool to drive revenue and improve the user’s engagement experience. However, publishers are finding out that native advertising is a controversial and murky business.

In addition to critics’ claim that this “disguised advertising” will ultimately hurt the industry, it is the technical implementations of native advertising that will also cause a major impact. This format relies on scripts to handle delivery and targeting, and these introduce a wide range of security risks that need to be addressed. The current malvertising security threats are already severe.

Summary of findings:

•       There is a high risk for malvertising in the post-click, specifically in the landing page.

•       As native advertising units are basically scripts created to handle delivery and targeting, it is relatively easy for malware purveyors to insert malicious third-party scripts and codes.

•       Automated tools are used to discover third-party landing sites used in native ad campaigns and the attackers hijack those pages.

•       Cybercriminals create ad campaigns with clean content and once the campaign is successfully running, they activate the malicious code in the landing page to infect the user.

•       Cybercriminals often create target specific attacks. Targeted users are driven and or redirected to a malicious landing page from the native ad, while non-targeted users are shown a clean landing page.

“Native advertising is fast becoming one of the more preferable ways to monetize publishers’ inventory. However, many publishers are not aware that native ads do not reduce the threats of malvertising. The risk is even more acute as users may lower their guard when interacting with these ads,” said Amnon Siev, CEO. “GeoEdge stands ready to protect publishers and their users from native malvertising.”

GeoEdge provides publishers, platforms and networks with full-scale malware protection and ad quality verification for online, mobile, video and native ads.