Babar Khan Javed
Jan 8, 2018

Advertisers losing $1.1 billion a year to redirected links: GeoEdge

Multiple hacker networks involved in large-scale auto-redirect attacks are costing advertisers and publishers $1.13 billion annually, according to a new report.

Advertisers losing $1.1 billion a year to redirected links: GeoEdge

Multiple hacker networks are involved in auto-redirect attacks that cost advertisers and publishers $1.13 billion annually.

The finding is the basis for a report by GeoEdge, an ad verification company, based on the analysis of 650 million impressions. The mechanisms of attack include mobile click fraud, tech support claims, and malicious app installations. 

Distribution of malvertising issues

The umbrella term auto-redirect refers to any situation where the user's browser is sent to a location that was not the user's intended destination. In a common ploy, users often encounter purposely confusing web pages designed to trick them into downloading an app or a piece of malware. In other attacks, the redirect spawns a hidden frame or image that, unbeknownst to the user, carries out nefarious tasks that result in click fraud, attribution fraud or cookie stuffing, according to the company, which defines seven distinct types of redirect attacks.

In the case of click fraud, GeoEdge came across instances of a singular mobile browser managing to call upon a range of invisible iframes, including multiple URLs. In this case, a whitelist has been provided by GeoEdge for the domains that are commonly targeted for these attacks.

Auto-redirect attack breakdown

In terms of cost to advertisers, GeoEdge estimates that auto redirects, which make up 48% of malvertising events, are costing $210 million annually, while click fraud is costing advertisers and publishers $920 million annually.

Mobile devices make up 72% of malvertising, with the Apple iOS constituting 57% of the incidents, while Android users are attacked just 15% of the time.

Redirect geographic breakdown with average CPI.

Mobile users are being duped by messages that look like official notifications of Apple or Google, with the copy fixated on alerting users of device infection and prompting immediate action in downloading malware or dialing a scam number.

Scams maintain their legitimate appearance by redirecting users to a new window instead of a banner ad, lowering instances of being flagged or reported. While hacking a bank is taxing, replicating the home page of a bank in order to attain sensitive user data is relatively easy.

Advertisers can prevent these problems by investing in better incentives from their agencies and ad networks. One of the most common root causes cited by the GeoEdge report comes in the form of cost per install (CPI) which peaked at $1.24 for iPhone and $0.53 on Android in 2017.

Without a clearly defined goal, ad networks tasked with driving app downloads often deploy the tactics cited in this paper in order to drive traffic to an app-download page, banking on achieving single-digit conversion rates.

The onus is on the advertisers to incentivize white-hat best practices from their agencies and ad networks, with penalties on app page bounce rates and an in-depth understanding of the methodology to be deployed for driving traffic. 

Demand ultimately determines supply, and it's up to advertisers to partake in the quality conversations and contracts that ensure that their partners do not resort to redirects or phishing scams in a bid to generate app downloads or site visits.

Related Articles

Just Published

2 days ago

Lalamove launches fast delivery campaign across ...

Lalamove wants to connect more with SMEs as they make up 90% of all business in these cities.

2 days ago

How brands and agencies are celebrating Singapore ...

Agencies and retailers are marking the city-state's 55th birthday with a mix of fun, sales and community giveback.

2 days ago

iQiyi to focus on driving product sales through ...

The Chinese video streamer is ramping up its offline activities like pop-up stores based on their original content.

2 days ago

A rebranding of… the dental clinic

New work by VMLY&R Australia is an ambitious attempt to make trips to the dentist ‘fun’ and ‘hip’.