The rise of programmatic advertising and internet users’ understanding that seeing content means seeing ads, has resulted in a never-ending sprint to provide more ads.
We have all seen and have an opinion about what we think a Bad Ad may be; offensive, cheap, patronizing are all describing the creative. However, today we will be discussing the type of ads we don’t want to see on the internet. Potentially malicious, often spam-like and border-line illegal ads occur more and more in a programmatic environment at scale. Google blocked and removed 2.7bn Bad Ads in 2019 alone.
The ability to sell a campaign to appear alongside your content with the copy and imagery you feel fits your branding is still possible. Trying to do that tailored for each individual user whenever they visit your site though, is nigh on impossible. This ability to work at scale has driven programmatic growth and efficiency, however, it is safe to say that many publishers have lost control of their inventory.
So what are Bad Ads and where do they come from?
What are Bad Ads?
It is something that either misleads users as fraudulent or malicious, is offensive or inappropriate, or significantly disrupts the user experience.
For a Publisher, it is vital to protect your users and your brand as much as it is to promote advertiser brands. No ad campaign is worth damaging your users or your reputation. The world understands the ‘ads for content’ exchange. The responsibility of Publishers is to make sure that this exchange happens in a safe environment. That means good quality content is exchanged for engagement with a good quality ad unit.
Where do they come from?
Bad Ads enter the advertising ecosystem at multiple points along the supply chain. High CPM campaigns, direct-sold units, premium platforms, ad networks, and exchanges all suffer from Bad Ads injected into programmatic environments by what many call Bad Actors. These Bad Actors could be anything from criminals, scammers, and fraudsters to just unscrupulous advertising companies.
The key aspect to why the rise of programmatic has given scope for the rise of Bad Ads is the anonymity at scale the ecosystem affords them. Bad Ads slip through the net and often those providing Bad Ads disguise themselves as legitimate units often targeting vulnerable ad slots offering a direct route to the user and their device.
For fraudsters, Bad Ads are easy to deploy, either by presenting misleading information or spreading fake news or even tricking users into clicking on an ad. This is often driven by celebrity or product links for more information that end up leading to scam sites, unrelated content or false offers phishing for user information.
Types of Bad Ads
As we have discussed, fraudsters and bad actors revel in the anonymity programmatic advertising at scale gives them. When it comes to the types of Bad Ads favored by these Bad Actors they fall into quite a few categories. Here we explore the most common:
On the face of it, these units often look legitimate. The aim is to encourage the user to click onto the ad and be taken to a landing page with a fraudulent service or product. In this type of scam, the unit itself may either be a spoof of an actual business, service, or product that leads to a completely different or unrelated landing page. A great example is ads offering gossip or an insight into a celebrity’s life only for the unit to lead to a page encouraging investment into Bitcoin.
These ads are designed to extract personal data from a user. Once again, the user is encouraged to click on the ad and be taken to a landing page where a phishing scam often asks the user to enter their personal information. A common example of this involves a landing page with either a celebratory message stating a user has won a prize or a warning message stating a user has a virus. The aim here is for the user to enter their details to move forward.
These types of Bad Ads are more sophisticated in nature, often downloading malware onto the user’s computer affecting their browser or system itself. The removal of Flash from Google Chrome is an example of cutting one of the access points for malicious ads. All bad actors need is access to an unsecured ad slot in order to unleash malicious code as malvertising such as trojan horses, auto-redirects, ransomware, to name a few. The most common type of malicious code activity is redirects. One version sends a user down a rabbit hole of redirects and windows trying to get back to the original site accidentally installing malware, the other happens without a user even knowing. In this version the redirect opens an invisible iframe or image serving as an instrument for cookie stuffing, attribution fraud or most commonly click fraud.
These types of Bad Ads are more to do with quality than anything more sinister. Despite this, the content in question can often carry very serious messaging that is often inappropriate and can lead to the spread of fake news. Often this could be inappropriate ads with imagery and offers that do not match the content of the site or are not age-appropriate. More recently, political ads or ones spreading ideologies or scientific concepts have come to the fore and are typical of the kind of content publishers wish to avoid.
These serve to seriously disrupt the user experience. Typically this is represented by aggressive ad formats that either make it difficult to close, continually pop-under site content, or auto-play video somewhere on the page. These types of poor-quality units are typically found on poor-quality sites or sites that do not offer premium or unique content, such as streaming sites. That is not to say those poor-quality ad units cannot find their way onto a publisher’s site. A position under the fold or a low fill position that does not receive many bids from premium demand may end up displaying a Bad Ad from one of these bad actors. Likewise, a network or exchange could be infiltrated with poor quality units that a bad actor buys through them programmatically.
How can you stop Bad Ads?
Unfortunately, the sheer scale and ease for bad actors to activate Bad Ads makes it near impossible to stop them from being distributed. Programmatic platforms operate in a reactive fashion and so need to identify a Bad Ad before being able to stop them. The scale of programmatic advertising makes it difficult to check and verify each unit, in fact, it would be too time-consuming and costly to have people verify each ad.
Ultimately, prevention is difficult, the need to fill impressions opens up the opportunity for bad actors to fill the gap. The perennial battle for publishers between maintaining a high fill rate and maximizing monetization with ensuring user safety and providing good content makes for the perfect storm for bad actors.
The publisher pays the price if the user loses confidence in their ability to protect them from Bad Ads. The increase in ad blocking software is a testament to this. At the end of the day, the whole ecosystem suffers if users decide to block all units, whether they are indeed bad or in fact good.
How can you avoid Bad Ads?
While it is safe to say that no-one is immune to Bad Ads, technology can help in identifying when they appear. Publishers have a decision to make when it comes to implementing advertising on their site.
For direct campaigns, control is easier as you can check creatives, pixels, and landing pages before uploading them to your adserver. For 3rd party ad campaigns, you must continually scan in real-time all your live campaigns in terms of creative and landing pages and if you are using a verification service, that real-time notification of malicious activities are activated.
Only larger publishers with resources at hand are able to sell directly at scale vetting all advertisers before they access their inventory. This is why networks, exchanges and programmatic advertising with multiple demand sources bring so much value.
Initiatives such as the Coalition for Better Ads bringing forward The Better Ads Standards are designed to give publishers basic guidelines on quality and serves as a starting point to understand which ad formats and advertising experiences consumers think are the most annoying and disruptive.
What should you do?
The first thing to do if you see a Bad Ad on your site is to list down what you can see:
- Take a screenshot
- Who is the advertiser?
- What are the date and time?
- What device and platform are you using?
- If you are brave enough – Where does the ad click through to?
The more information the better, ultimately you want to be able to identify which demand sources are causing this problem as they may not even be aware of the Bad Ads running through them. If you identify the source is coming through a partner such as an SSP or a network or even a partner providing you with a specific ad format, let them know as soon as you can.
By working with your partners you can help them isolate the bad actor and help you protect your users and your reputation.