The company rebranded their media and marketing services and ad platform units under Amazon Advertising, launched a slew of new Echo offerings and surpassing Microsoft and Verizon’s Oath to become the third-largest digital advertising platform.
In late September, Amazon achieved another milestone – becoming the first platform to file a lawsuit in federal court against malvertisers running ads which automatically redirect users from the intended web page – in this case, an Amazon page – to the malicious advertiser’s page.
Auto-redirect ads are unfortunately a growing trend in digital advertising, with publishers paying the price, both in terms of lost revenue and a poor user experience for their users who fall victim to auto-redirect campaigns.
In their suit, Amazon claimed the “Defendants’ malvertising scheme hijacks legitimate online advertising processes by injecting malicious code into advertisements that render (display) on popular websites… then forcibly redirects a user from the desired page to a website controlled by Defendants replete with Amazon’s trademarks and other indications of Amazon’s brand… deceiv[ing] users into believing Defendants’ website is affiliated with Amazon—all of which entices users to click on Defendants’ websites, participate in purported surveys and other offerings, and provide their personal information.”
In many auto-redirect attacks, the perpetrators are phishing for personal user information like email addresses, social security numbers, credit card numbers, etc.
Amazon isn’t alone.
There were an estimated 30 different malvertisers running malicious auto-redirect campaigns using Amazon’s images and creative during the last week. Multiply that by all the users targeted on an annual basis and the tremendous scale of this problem becomes evident.
A second factor which needs to be remembered is that Amazon, through its Amazon Web Services division, is the largest host of nefarious advertising, reports The Wall Street Journal.
It’s great Amazon takes issue when it is the target of malicious advertising, but few publishers have such resources — and legal actions alone won’t solve the problem.
That addresses the real issue at hand: Publishers can’t rely on marketers and the rest of the demand side to tackle this problem. Only publishers can solve the malicious ads problem and protect their site audience.
Publishers have spent too much time playing defense, turning a blind eye on some of the malvertising. That’s because many legitimate companies in the digital marketing industry actually profit from the malicious ads run by others.
Instead, publishers need to be playing offense – actively seeking out and stopping the nefarious players in the industry. Publishers need to do a better job of holding their demand partners accountable if they try to supply them with malicious ads.
Today, it’s possible to approach a zero malicious ads level entirely with real-time blocking, so publishers need to demand that level of tolerance from their demand partners regarding bad ads.
And when evaluating demand partners, in addition to revenue, publishers should also consider the percentage of malicious and low quality ads being supplied due to the negative user experience they create.
Or, publishers can wait until the problem of malicious ads gets out of hand, and then watch Congress or lawyers try and solve the problem for them. Does the industry really want that?
Most malicious marketers operate with changing aliases using encrypted communications, so a lawyer’s ability to stop the problem will be limited.
Judging from the questions Mark Zuckerberg received when he testified before Congress, its doubtful the legislature understands digital advertising sufficiently to enact laws that will effectively address the challenges users face from malicious advertising.
The only true hope for the industry is for publishers to take the lead in eliminating malicious ads and hold their demand partners accountable.