Prevent malware in ad content

Google actively works with trusted advertisers and partners to help prevent malware in ads. All publishers, ad networks and ad operations teams should follow security recommendations detailed at

Google has developed proprietary technology and malware detection tools to regularly check creatives. Fourth-party calls or sub-syndication to any uncertified advertisers or vendors are forbidden. Our automated malware checker scans all creatives. Any ad that we detect distributing malware will be pulled to protect users from harm. Any Authorized buyer whose creative is found to contain malware is subject to a minimum three-month suspension. If you have a creative under policy violation, learn how to resolve it.

Find out more about how to avoid malware or report abuse and illegal activity.

Creatives that trigger automatic-redirects or pop-ups

Auto-redirects are a form of malvertising that automatically click and unexpectedly take users to an another site in a user’s browser or mobile app when rendered. Similarly, pop-ups are a form of malvertising that render system dialog boxes over the website enticing the user to click.

Google prohibits this behavior and is constantly improving publisher protections. The large majority of Ad Exchange and Google demand uses technical infrastructure called sandboxing to stop these malicious creatives in Chrome and other platforms.

Other exchanges, networks, and partners transacted through header bidding and line items might not have the same policies and protections. Ensure that your demand sources have adequate policies to prohibit and protect against this behavior.

Was this article helpful?
How can we improve it?