The dangers of malware are nearly as old as computers themselves, but the concept of malvertising is a relatively new one to businesses and consumers alike. While the term malware can mean malicious software of any sort delivered by any means, “malvertising” refers to the use of digital advertisements – including creative, tags and landing pages – specifically to distribute malware, often for financial gain.

Malvertising is now a problem at scale. Recent research suggests that despite improvements in the digital ad landscape, nearly 1 in every 100 ad impressions were still impacted by a malicious or disruptive ad, suggesting that more than 20% of user sessions may be impacted by malvertising. The financial impact of malvertising has grown apace as well. In 2018, it was estimated that the industry lost $210 million annually to auto-redirects, and another $920 million from the ads auto-redirects facilitated with click fraud.

TAG coordinates an industry-wide effort to improve defense against malware to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers. In 2017, TAG became the Information Sharing and Analysis Organization (ISAO) for the digital advertising industry, a Department of Homeland Security designation making TAG the primary forum for sharing threat intelligence in our industry.


Certified Against Malware

Since 2014, the Trustworthy Accountability Group (TAG) has partnered with industry leaders to design and strengthen the Certified Against Malware Program, providing companies with a roadmap for taking on the complicated issue of malvertising.

The recent Brand Safety Consumer studies, conducted jointly with the Brand Safety Institute (BSI), found that over 80% of UK and US consumers would reduce their spending on an advertised product by more than half if the ad had infected their computers or mobile devices with malware – and over 57% would stop buying that product altogether.

This consumer behavior trend definitely caught the attention of digital advertisers, resulting in a significant increase in the implementation of industry best practices against malware since the Certified Against Malware program began. 

Find Certified Partners Get Certified!

TAG Certified Against Malware Guidelines Version 4.0 (PDF)


Malvertising Taxonomy

First published in November 2022, the Malvertising Taxonomy was created to help standardise the definition of Malvertising within digital advertising. Developed in collaboration with the TAG Community, the taxonomy includes:

  • a glossary of commonly used terms in Threat Intelligence reporting. 
  • malvertising event techniques
  • and more


TAG Threat Exchange

Proactive sharing of threat intelligence helps build industry resilience against evolving threats. TAG has facilitated threat-sharing across the digital ad industry since 2015, and the suite of threat-sharing activities available to the TAG Community has grown and evolved significantly over time to include curated tools for anti-fraud and anti-piracy threats, as well as all-hands briefings to facilitate the digital ad industry’s coordinate response to major malvertising and ad fraud attacks.

The TAG Threat Exchange enables the TAG Community to share real-time intelligence about threats they see, stay abreast of new and emerging threats that could affect their operations, and protect the digital advertising supply chain as a whole.

Powered by TruSTAR technology, the Threat Exchange enables companies to:

  • Leverage a centralized intelligence platform to collaborate within your company, with other companies working to combat the same threat, or with the TAG Community as a whole;
  • Share and receive timely, actionable and highly relevant threat intelligence between trusted parties in the TAG Community;
  • Enrich, enhance, and shorten your own investigations with high-fidelity intel.

While the concept of sharing threat intelligence is fairly new to the digital advertising ecosystem, the industry has already enjoyed several huge wins against malvertisers thanks to companies sharing information about the threats they uncover with one another and partnering with law enforcement to take down the criminal rings responsible.

If your company is interested in participating in TAG's Threat Exchange program, send an email to info@tagtoday.net requesting more information.

[W]e also shared intelligence with other key players in the digital ad ecosystem through the Trustworthy Accountability Group (TAG) Threat Exchange.

By presenting information about persistent and malicious third-party code in the TAG malware group, there is a network effect that occurs. Working together with customers and the industry, our goal is to greatly reduce the impact of these types of large-scale attacks across the advertising ecosystem.

Chris Olson

"ICEPick-3PC Spikes During Pandemic"

Anti-Malware Working Group

The Anti-Malware Working Group coordinates industry-wide efforts to improve defense against malvertising attacks to create a safer, more enjoyable experience for consumers and a more trustworthy system for advertisers.

Learn More

Threat Data & Insights

TAG malware-related research highlights the challenges, successes and best practices vital to wining the fight against malvertising.


TAG Industry Briefings

Find all of TAG's Data & Insights research here

2022 Initiatives & Partnerships


Cyber Security Awareness Month-Cyber Champions!

October is Cyber Awareness month and TAG are Cyber Champions! 

What does Cyber Champions mean? 

This means that throughout October, we'll be sharing tips, cheat sheets and more on how you can stay #CyberSmart and #CyberSafe. 

Head to the Cyber Awareness Month Page to get the information you need!

#CyberSmart Resources



RSAC - Association Partner

For 2022, TAG is RSAC's Association Partner!

Attend expert-led sessions, inspiring Keynotes, innovation programs, and much more! Join us at RSAC 2022 on June 6-9, in person in San Francisco or virtually.

TAG Members have access to an exclusive discount for passes to the event. Please email us at info@tagtoday.net to request the code.