Special Report: Data Show Dramatic COVID-19 Impact on Criminal Activity
Criminals take advantage of crises by exploiting confusion, uncertainty, and fear, all of which are widespread in digital advertising during these tumultuous times. Not surprisingly, the Trustworthy Accountability Group (TAG) and member companies have tracked a significant increase in criminal activity across our program areas since the COVID-19 crisis began.
Following is a summary of some of the data we have been tracking over the last several weeks in each of TAG’s three program areas focused on criminal activity. TAG is also releasing a new white paper, Brand Safety in the COVID-19 Crisis, that provides additional information and recommendations for advertisers and other companies to mitigate their exposure to criminal activity and brand safety risks.
As the advertising industry’s first and only Information Sharing and Analysis Organization (ISAO), TAG serves an important role in ensuring the rapid exchange of information about new and emerging threats across the industry and with law enforcement agencies. That role is even more critical given the growing and fast-changing nature of COVID-related threats, with the FBI recently announcing that reports to its Internet Crime Complaint Center have quadrupled compared to the period before the pandemic.
Fraud – Risk of a “Perfect Storm” for Ad Fraud Grows
Surging traffic, falling CPMs, and unscrupulous intermediaries may create a perfect storm for ad fraudsters to exploit the crisis. While the industry’s broad adoption of TAG’s Certified Against Fraud standards will help protect inventory purchased through TAG Certified Channels, unethical actors outside of that ecosystem will likely try to profit from the dislocation.
As one indicator of that shift, Palo Alto Networks discovered a massive increase in registrations for coronavirus-related domain names tied to criminal activity. Malicious registrations, including domains connected to malware and phishing, increased by 569% from February to March to a total of 2,022 domains, while high-risk registrations with other indications of illegal or illicit activity increased by 788% to 40,261 domains.
Piracy – Visits to Pirate Sites Surge During Lockdown
Visitor traffic to sites hosting pirated content has skyrocketed since lockdowns went into effect worldwide in March, as consumers stuck at home have searched out illegal streaming content.
According to TAG partner White Bullet Solutions Limited, major pirate sites in the U.S., U.K., Germany, France, Italy and Spain served 50% more ads to users in the first quarter of 2020 over the prior quarter. Highlighting the interlocking risks of ad-related crime, 16% of those pirate websites globally had malware in their display advertising capable of stealing private information.
According to the Wall Street Journal, “pirate website operators have also capitalized on this spike in demand by enticing users into buying subscription packages, offering deals marketed as Covid-19 and self-isolation discounts, experts say.”
Malware – Malicious Ads Spike as Criminals Get Creative
Fake Ad Creatives Impersonating Major Brands to Distribute Malicious Code - Image Provided by Clean.io
As legitimate advertising has pulled back during the pandemic, criminals have stepped up their efforts to distribute fake and infected ads, taking advantage of low CPMs and market upheaval.
According to Clean.io, an analysis of tens of thousands of sites and apps in late March showed a surge in worldwide malicious activity. The TAG Threat Exchange is also seeing a shift toward malicious redirect threats involving coronavirus-related ads, as well as malware distribution via phishing schemes around COVID-19.
One malvertising campaign exposed by Avast has registered a range of domain names that appear to host useful information on the virus, such as covid19onlineinfo.com. Malicious ads drive users to the sites, which then use an exploit kit to infect their computers with malware.
According to security researchers, such malware attacks have grown exponentially in recent weeks, with Trend Micro identifying more than 737 pieces of COVID-19 related malware in the first quarter of the year. In addition to attacks intended to build bot networks, there has been a range of other malware designed to erase or damage user devices. In mid-April, Google said that it was blocking an average of more than 18 million malware and phishing emails each day related to COVID-19, including a large number of scams designed to appear to come from legitimate organizations such as the World Health Organization.
News Update: TAG Partners with China Advertising Association to Extend Programs
Earlier this month, TAG announced a new partnership with the China Advertising Association (CAA) to extend TAG’s programs to Chinese businesses operating internationally. Starting immediately, the CAA will promote TAG’s global self-regulatory standards to its 2,000 member companies in China, so Chinese businesses can participate in TAG certification programs around fraud, malware, piracy, and transparency.
In announcing the program, Zhang Guo Hua, Chairman of China Advertising Association, said, “As businesses emerge from the challenges of the recent COVID-19 crisis, China’s digital advertising industry is leading the way, and CAA is working to establish industry standards that ensure continued advertiser confidence and success. By extending the benefits of TAG’s international certification programs to our members, CAA is helping the Chinese advertising industry compete with its peers worldwide, while addressing cross-border challenges that impact the global supply chain.”
“CAA has been at the forefront of digital advertising self-regulation,” added Nick Stringer, Vice President of Global Engagement and Operations at TAG. “Our collaboration with CAA will enable Chinese businesses to benefit from robust international standards to tackle fraud, malware and piracy to ensure a trusted environment for brand advertisers.”
TAG IN THE NEWS
From an interview with Nick Stringer, Vice President of Global Engagement and Operations at TAG with Phybbit:
“Tackling criminal activity must be handled in a consistent approach across markets, but it needs to be right for national markets. TAG hopes to ensure its standards are apt for different national markets and cultures. …
“TAG has done research on the effectiveness of the standard in the US and Europe, and plans to do one for APAC soon. In 2019, it was found that TAG certified channels in the US exhibited 1.41% fraud compared to the industry average of 11.4%. In the five leading European markets (the United Kingdom, Germany, France, the Netherlands, and Italy), there was found to be 0.53% ad fraud in TAG Certified channels compared to a 9.2% industry average.
“Brands buying through agencies, DSPs, exchanges, SSPs that are adhering to TAG’s anti-fraud standards have significantly lower rates of fraud.”
A PR Reminder from TAG
We love it when TAG members highlight our work together to fight digital ad crime and improve transparency. Please send any TAG-related press releases, blogs, or other announcements to Andrew Weinstein at firstname.lastname@example.org for review before release.