Ad Tech & Ad Ops

Forced Redirect Ads: How Publishers Can Identify (and Avoid) Them

Pinterest LinkedIn Tumblr

When Chrome released its update to block forced redirects and pop-ups, we thought ad redirection is on verge of ending. However, it doesn’t seem like it’s happening so soon.

Web browsers like Chrome and Firefox block redirection, but they don’t really understand the difference between a good redirect and a bad one. Their codes are designed to simply block redirects and pop-ups which affect the user experience.

Well, this doesn’t sound like a solution. Because forced redirect ads are still there waiting for users to let their guards down. And publishers are unable to pinpoint the origin of forced redirect ads.

But why’s this happening? Is there any end to forced redirected ads? Here, we’ll try to answer all of your questions, but first, let’s clear out some basic.

What Are Forced Redirect Ads?

When a user opens a webpage to access the content of his choice, he is redirected to some other web page instead. This is an example of redirect ads. This can further lead to numerous pop-ups appearing on the screen and direct installation of malicious software.

At this point, the user can think that the publisher is involved in this practice. While in reality, the publisher might not even have an idea about such redirects. As a result, in order to deal with annoying pop-ups and redirects, the user installs ad blocker which affects the publisher’s earning.

How Are Redirect Ads Added?

According to industry professionals, forced redirects are difficult to detect because they appear only under specific conditions (such as the wireless carrier, geographical location, and time of day). Due to this, forced redirects manage to surpass the ad security protocols.

There are three common ways using which forced redirect ads are placed:

  • Ad request manipulation: An ad request goes through various parties such as an ad network, ad exchange, and agency before it reaches the destination and gets sold. During this journey of the ad request, bad actors infuse it with malicious code and send it back to the user’s device resulting in forced redirect ads.
  • Malicious code implementation: While creating the ad, it’s hard-coded with malicious redirection codes. These codes are designed to trigger when a user gives impression or click. Then the entire user’s screen is bombarded with ads and different tabs open up on their own. Sometimes, ad malware is added by third-party platform (using ad injections). And other times, it originates at the time of ad creation using HTML and/or JavaScript.
  • Meta refresh tags: These tags are used to redirect the user from one tab to a new tab or refresh the existing tabs. Here, fraudsters manipulate the meta refresh tags and put an invisible countdown. Once the countdown is over, a forced redirect is sent on user’s screen.

How To Identify Forced Redirect Ads?

Monitor the scam: For publishers, detection of ad redirection scam is the most difficult part. This is because most publishers do not notice redirect ads until they start losing users or see a decrease in their ad revenue. Hence, the first thing a publisher needs to do is monitor the scam and find out the source. To do this, you can start by using Charles Proxy (a web-proxy used to detect and record the data being sent and received on the browser) or similar services. This can give you insight on your site and the requests being transferred while accessing it.

Take help of technology: Redirect detection services help you detect the redirects for each ad unit and are further used to identify the fraudster behind these malicious practices. The only problem is, these services scan all the ad units on the web page before loading it on the user’s browser which increases page latency.

Reevaluate SSPs and Networks: As a publisher, make sure you are partnered with reliable demand partners. Of course, it’s beneficial to work with multiple SSPs and networks for a publisher. But before giving them access to your ad units, make sure you know they are not involved in practices like redirect ads.

Manually turn off partners: Sometimes, advertisers are the root cause of the problem instead of the network. In such a case, turn off the demand partner each at a time and check whether the redirects stopped or not. This experiment will take some time depending on a number of demand partners you have. Once you know which demand partner is causing the problem, immediately send an email to the partner asking to detect and turn down the advertiser causing forced redirect ads. This is possible only in case of header bidding and private dealing.

Is There Any Other Method?

Yes, SafeFrame.

Publishers can restrict the behavior of ad creative using SafeFrame technology. With SafeFrame, the ads will be put inside a safe iframe box which will not allow them to misbehave (like forcing redirects). But publishers seldom opt for this.

This is because it restricts third-party vendors (such as viewability analyzing tools or brand safety products) from accessing the data from publishers’ sites.

If we talk about Google Ad Manager, DFP automatically adds SafeFrame to all the ads to ensure safety. Although, publishers can turn off this setting when dealing with direct-sold campaigns.

Google is also dealing with forced redirection issues on a different level as well‒Chrome ad filtering and pop-up blocking technology. The system designed by Google is not perfect, yet. However, there will surely be updates to improve user experience by stopping annoying redirects.

Forced Redirect Ads: After Effects

According to Confiant, 0.5% of online ads are compromised (contain malicious codes) and show forced redirects. This percentage sounds like a low number, but, remember, due to redirects, a user is giving out thousands of impressions a day. And if a user spends much time online using such sites then he is definitely getting forced redirects on a regular basis.

“Like robbers, these fake online gift cards promise cash-in-hand, but once a user gives away personal information, their identities are stolen. The data is then resold to forgers that take the information to impersonate users. No publisher wants to stake their reputation on identity theft.” pointed by MartechAdvisor.

Due to the complex dealing mechanism, it’s hard to blame one party for such malicious practices and further make it difficult to eliminate them from the industry.

Skyword said, “Publishers are just as frustrated as consumers, as their ad platforms are placed under attack and their online user experiences are ruined by malicious content. The problem posed by malicious advertising is only getting worse. Way back in 2015, IAB estimated that malicious ads were costing online advertisers roughly $8.2 billion every year, and it’s widely believed that the prevalence of malvertising has increased every year since then.”

Clearly, a loss of advertiser also reflects on the earnings of the publisher. Hence, a forced redirect ad is an industry-wide issue, affecting everyone equally.

Write A Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.