Overview

The dangers of malware are nearly as old as computers themselves, but the concept of malvertising is a relatively new one to businesses and consumers alike. While the term malware can mean malicious software of any sort delivered by any means, “malvertising” refers to the use of digital advertisements – including creative, tags and landing pages – specifically to distribute malware, often for financial gain.

Malvertising is now a problem at scale. Recent research suggests that despite improvements in the digital ad landscape, nearly 1 in every 100 ad impressions were still impacted by a malicious or disruptive ad, suggesting that more than 20% of user sessions may be impacted by malvertising. The financial impact of malvertising has grown apace as well. In 2018, it was estimated that the industry lost $210 million annually to auto-redirects, and another $920 million from the ads auto-redirects facilitated with click fraud.

TAG coordinates an industry-wide effort to improve defense against malware to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers. In 2017, TAG became the Information Sharing and Analysis Organization (ISAO) for the digital advertising industry, a Department of Homeland Security designation making TAG the primary forum for sharing threat intelligence in our industry.

Certified Against Malware

44-01

Since 2014, the Trustworthy Accountability Group (TAG) has partnered with industry leaders to design and strengthen the Certified Against Malware Program, providing companies with a roadmap for taking on the complicated issue of malvertising.

A survey of U.S. consumers conducted by the Brand Safety Institute (BSI) found that 93% of respondents would reduce their spending on an advertised product if the ad had infected their computers or mobile devices with malware – and 73% would stop buying that product altogether. The digital advertising industry has reacted to that consumer attention with greater vigilance and a strengthening of anti-malware practices, and the number of companies holding the Certified Against Malware Seal grew by more than 44% in the past year alone, making it TAG’s fastest growing certification program.

Find Certified Partners Get Certified!

TAG Certified Against Malware Guidelines Version 3.0 (PDF)

TAG Threat Exchange

Proactive sharing of threat intelligence helps build industry resilience against evolving threats. TAG has facilitated threat-sharing across the digital ad industry since 2015, and the suite of threat-sharing activities available to the TAG Community has grown and evolved significantly over time to include curated tools for anti-fraud and anti-piracy threats, as well as all-hands briefings to facilitate the digital ad industry’s coordinate response to major malvertising and ad fraud attacks.

The TAG Threat Exchange enables the TAG Community to share real-time intelligence about threats they see, stay abreast of new and emerging threats that could affect their operations, and protect the digital advertising supply chain as a whole.

Powered by TruSTAR technology, the Threat Exchange enables companies to:

  • Leverage a centralized intelligence platform to collaborate within your company, with other companies working to combat the same threat, or with the TAG Community as a whole;
  • Share and receive timely, actionable and highly relevant threat intelligence between trusted parties in the TAG Community;
  • Enrich, enhance, and shorten your own investigations with high-fidelity intel.

While the concept of sharing threat intelligence is fairly new to the digital advertising ecosystem, the industry has already enjoyed several huge wins against malvertisers thanks to companies sharing information about the threats they uncover with one another and partnering with law enforcement to take down the criminal rings responsible.

If your company is interested in participating in TAG's Threat Exchange program, send an email to info@tagtoday.net requesting more information.

TAG Hires Former Citigroup Head of Threat Intelligence, Danielle Meah, as Director of Threat Intelligence

"In the eternal cat-and-mouse game between good guys and criminals, TAG just hired the Bengal tiger of threat intelligence,” said Mike Zaneis, CEO of TAG. “Danielle is a world-class expert on the tools and techniques used by criminals to exploit holes in the digital supply chain, and she will help TAG expand our threat intelligence and threat sharing capabilities to help the digital ad industry build a rapid reaction system that identifies, analyses, and disseminates information on new and emerging threats."

Read the press release

Learn more about Danielle Meah

[W]e also shared intelligence with other key players in the digital ad ecosystem through the Trustworthy Accountability Group (TAG) Threat Exchange.

By presenting information about persistent and malicious third-party code in the TAG malware group, there is a network effect that occurs. Working together with customers and the industry, our goal is to greatly reduce the impact of these types of large-scale attacks across the advertising ecosystem.

Chris Olson
CEO

"ICEPick-3PC Spikes During Pandemic"

Anti-Malware Working Group

The Anti-Malware Working Group coordinates industry-wide efforts to improve defense against malvertising attacks to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers.

Learn More

Malware Data & Insights

TAG malware-related research highlights the challenges, successes and best practices vital to wining the fight against malvertising.

White Papers

TAG Industry Brief

Find all of TAG's Data & Insights research here