Babar Khan Javed
Jan 8, 2018

Advertisers losing $1.1 billion a year to redirected links: GeoEdge

Multiple hacker networks involved in large-scale auto-redirect attacks are costing advertisers and publishers $1.13 billion annually, according to a new report.

Advertisers losing $1.1 billion a year to redirected links: GeoEdge

Multiple hacker networks are involved in auto-redirect attacks that cost advertisers and publishers $1.13 billion annually.

The finding is the basis for a report by GeoEdge, an ad verification company, based on the analysis of 650 million impressions. The mechanisms of attack include mobile click fraud, tech support claims, and malicious app installations. 

Distribution of malvertising issues

The umbrella term auto-redirect refers to any situation where the user's browser is sent to a location that was not the user's intended destination. In a common ploy, users often encounter purposely confusing web pages designed to trick them into downloading an app or a piece of malware. In other attacks, the redirect spawns a hidden frame or image that, unbeknownst to the user, carries out nefarious tasks that result in click fraud, attribution fraud or cookie stuffing, according to the company, which defines seven distinct types of redirect attacks.

In the case of click fraud, GeoEdge came across instances of a singular mobile browser managing to call upon a range of invisible iframes, including multiple URLs. In this case, a whitelist has been provided by GeoEdge for the domains that are commonly targeted for these attacks.

Auto-redirect attack breakdown

In terms of cost to advertisers, GeoEdge estimates that auto redirects, which make up 48% of malvertising events, are costing $210 million annually, while click fraud is costing advertisers and publishers $920 million annually.

Mobile devices make up 72% of malvertising, with the Apple iOS constituting 57% of the incidents, while Android users are attacked just 15% of the time.

Redirect geographic breakdown with average CPI.

Mobile users are being duped by messages that look like official notifications of Apple or Google, with the copy fixated on alerting users of device infection and prompting immediate action in downloading malware or dialing a scam number.

Scams maintain their legitimate appearance by redirecting users to a new window instead of a banner ad, lowering instances of being flagged or reported. While hacking a bank is taxing, replicating the home page of a bank in order to attain sensitive user data is relatively easy.

Advertisers can prevent these problems by investing in better incentives from their agencies and ad networks. One of the most common root causes cited by the GeoEdge report comes in the form of cost per install (CPI) which peaked at $1.24 for iPhone and $0.53 on Android in 2017.

Without a clearly defined goal, ad networks tasked with driving app downloads often deploy the tactics cited in this paper in order to drive traffic to an app-download page, banking on achieving single-digit conversion rates.

The onus is on the advertisers to incentivize white-hat best practices from their agencies and ad networks, with penalties on app page bounce rates and an in-depth understanding of the methodology to be deployed for driving traffic. 

Demand ultimately determines supply, and it's up to advertisers to partake in the quality conversations and contracts that ensure that their partners do not resort to redirects or phishing scams in a bid to generate app downloads or site visits.

Related Articles

Just Published

4 hours ago

Murdoch steps down: Succession stories aside, why ...

With Lachlan Murdoch now anointed as the heir to the Murdoch empire, real life appears less dramatic than TV.

4 hours ago

Samsung urges siblings to make the most of ...

Watch the film conceptualised by Cheil India here

12 hours ago

Formula One debuts the world’s first ‘kiss-activated...

Clearly innovation at F1 isn’t just limited to what’s under the hood—it extends to every aspect of the sport, including the way in which champions are celebrated.

13 hours ago

Cultural competency is critical to creative success ...

Whatever Hollywood may think, Asia is not a monolith. Rather, it's an incredibly complex region—home to 51 countries and over 2,300 languages. Mash's Rich Akers shares why what works for one Asian country may not work for another, and how brands can avoid partaking in what he terms as 'creative colonialism'.