DUBLIN — AdSecure has released its "2020 Violations Report" detailing cyber criminal activity throughout the prior year.
A rep explained how AdSecure analyzed more than 1 million ad campaigns "across multiple regions, devices and browsers" for its partners between January 1 and December 31, 2020. "These findings provide insights into cyber criminal behavior throughout the year: Where they were most prolific, how they delivered their attacks, their malicious weapons of choice, and what AdSecure's detections revealed in order to stop and protect end users from malicious ads."
Following are a number of findings in the "2020 Violations Report":
Key Insights
42.48% of scans detected some form of malvertising: Compared to 2019, AdSecure detected 4,248 violations (up 57%) out of every 10,000 scans in 2020. The main types were adware, malware, scareware, phishing URL, auto downloads and auto redirects.
Malvertisers can place malvertising throughout the digital ad flow
Cyber criminals can place threats inside the ad format creative, and in the landing page to which the ad redirects; the bad actor then locks the user on the landing page whilst malware automatically downloads to the victim’s device. AdSecure found 10.01% of analyses contained at least three violations and 4.21% contained at least two violations; those are up 3.1% and 4.76%, respectively, compared to 2019.
The COVID effect
During the first lockdown of 2020 malicious attacks grew exponentially, hitting a peak of +116.14% on 28 March. AdSecure detections discovered that some malvertisers used ad creatives using logos of well-known brands including the World Health Organization, Google Play, Walmart, Amazon and Intermarché for phishing URL and auto-download violations.
Top GEOs for malvertising attacks
Throughout 2020, as lockdowns were lifted and then reintroduced, AdSecure tracked which GEOs were the biggest prime targets for malvertising attacks. AdSecure detected that the United States was the top GEO for malvertising attacks followed by other English-speaking GEOs Canada, United Kingdom and Australia. Brazil, France and India were also top targets.
Malvertisers' weapons of choice
AdSecure looked at the top-five GEOs for violations in 2020 and discovered that both Scareware 48.84% and Browser Lockers at 43.63% were, by far, the most common choice for malvertisers. The top GEO for Scareware was Israel with a huge 90.24% of the country's detections. India had the most Browser Locker detections at 78.84%.
Germany had the largest share of Malware detections at 5.35%. The top country for Phishing URL was Brazil at 14.89%.
AdSecure Sales Manager Bryan Taylor noted that, throughout 2020, "malvertisers showed how quick they could be to adapt to new situations in order to extract profit from bad ads."
"There is opportunity in crisis, and the COVID-19 pandemic provided the perfect cover with which to manipulate digital consumers through online ads," continued Taylor. "From social engineering scams that play off the iconography of major brands, to scareware attacks that took advantage of the massive increase of remote workers and the very fear of the virus itself, bad actors showed no qualms about extracting profit from misery."
These types of behavior will likely continue into 2021, said Taylor.
"With more people online than ever before, malicious, misleading and scam ads will continue to challenge the digital advertising industry," he noted. "In order to stop these ads from harming end users, dissolving consumer trust, and weakening the overall ecosystem, digital platforms and publishers need the resolve to tackle the problem head on, and the right tools to eliminate them."
Read the complete "2020 Violations Report" attached to this story; for additional details, reach AdSecure at contact@adsecure.com.