Respond to malvertising alerts

Malvertising is advertising that is used to distribute malware. DFP checks creatives and line items for malvertising that may include viruses, trojans, and URLs, fake GIF files or SWF (Flash) files found to contain malicious code. If a line item or creative is found to be compromised, DFP automatically stops it from serving and sends an email alert to the network contact.

 

What to do if you receive a malvertising alert

When DFP detects potential malvertising, it sets an in-product alert and sends an email to all users in your network with the default Administrator role. If you use custom roles, the email is sent to any user whose role includes the "Receive all malware notifications" permission.

If you receive a malvertising notification email or alert for one of your line items or creatives, check the line item or creative immediately. Do not click on or render the creative or line item. If it hasn't been deactivated automatically, deactivate it immediately. You can't reactivate the line item or creative until it's been cleared by the malware team.

Additionally, we recommend that you follow up with the third party that supplied you with the infected creative or link.

If you want alerts to be sent to a specific email address, such as an alias for a group within your organization, you can add the address to a user with the default Administrator role, or create a new Administrator user with that email address. Either way, the user needs to be assigned to the default Administrator role, not a custom role.

 

More about malvertising

Google actively works with trusted advertisers and partners to help prevent malware in ads. However, no system is perfect, and as a publisher you should conscientiously take steps to avoid accepting malicious ads. Doing so not only protects your site and preserves your inventory’s value, but it also helps ensure the vitality of the online ads ecosystem.

!!!Anti-Malvertising.com, which was created by Google’s Anti-Malvertising team, provides the following guidance, among other useful information:

Where necessary, work with your advertisers to employ these practices.

 

Types of malvertising

Malvertising can appear in the following forms:

  • Malicious creatives

    The creative is bad and likely advertises a fraudulent advertiser. These include iframes going to bad URLs and .swf files that act maliciously.

  • Third-party redirect to either an ad server or ad network

    The creative is a valid ad network redirect. However, in this instance we received a malicious creative from that ad network.

  • Compromised landing page

    The line item or creative was good and for a real advertiser. However, the landing page was compromised, so we are banning the line item or creative until they correct the landing page.

Was this article helpful?