Malvertising surged 10% in 2024, with forced redirects dominating attacks and over 70% of users now viewing online ads as untrustworthy, underscoring the urgent need for stronger ad security measures across the industry.
Every season, malvertising mutates, revealing new tactics designed to evade detection and inflict harm across the digital advertising ecosystem. From deceptive redirects to sophisticated phishing schemes, these evolving threats continue to wreak havoc—damaging victims, tarnishing the reputations of publishers and brands and undermining trust in the entire ad ecosystem. Each year, we analyze over one trillion impressions across premium websites, apps, and SSPs to track emerging threats. By sharing our findings, we aim to equip the broader industry with the knowledge needed to safeguard readers, customers, and reputations.
The 2024 Ad Quality Report found that over 70% of users now perceive at least half of online ads as untrustworthy—a trend fueled by a 10% year-over-year surge in malvertising levels in 2024. Malvertisers are increasingly exploiting social engineering tactics to deceive users, with holiday shopping events like Thanksgiving and Black Friday fueling a surge in clickbait scams.
Let’s look at some of the key highlights.
Forced Redirects Dominate
Forced redirects were the dominant attack method throughout 2024 (in October, these attacks accounted for 81% of all malicious ads). Unlike traditional scams that rely on user engagement, forced redirects automatically send users to malicious landing pages without requiring a click. These attacks often appear as fake pop-ups, deceptive security alerts, or fraudulent prize notifications, particularly targeting mobile users where security protections tend to be weaker.
Q4’s Perfect Storm for Malvertising
The final quarter of 2024 created ideal conditions for fraudsters, combining peak online shopping with heightened user urgency around Black Friday and holiday deals. Clickbait schemes offering misleading product offers (31%), tech support scams (23%), and financial scams (22%) were the leading themes. Malvertisers served the lion’s share of these scams in the United States.
Geographic Targeting and Platform Specifics
North America remained the primary battleground for forced redirects, with 55% of malicious ads in the U.S. and Canada originating from forced redirection attacks. While these attacks were present globally, they were significantly less common in Europe (30%) and APAC (32%).
However, the most striking regional difference lies in the sheer volume of malicious ads served. In the U.S., one out of every 160 ads was malicious, which is a slight improvement from 2023. Canada was a high-risk region, with one out of every 75 ads being malicious (a far worse ratio than most other markets). Meanwhile, Japan saw far lower exposure, with just one malicious ad per 1,295 impressions.
Mobile devices account for 56% of malicious ad traffic, primarily through forced redirects (68% of mobile attacks). Desktop users face more clickbait scams – 79% of these target desktop devices, likely because users are more willing to engage with text-heavy scam articles on larger screens. Mobile redirects succeed more often since they’re harder for the user to identify as a scan on mobile devices.
Supply-Side Platform Security Performance
We saw some concerning shifts in SSP quality throughout the year. Some platforms, including Google, improved markedly, while others became more vulnerable. For instance, the third-largest SSP experienced a substantial increase in malvertising rates, exceeding 10%.
Open marketplaces consistently showed higher vulnerability than their private counterparts, highlighting the critical need for enhanced demand pipeline screening
Content Blocking Trends and Regional Variations
Gambling remained the most blocked content category globally, with regional variations in restrictions. In the U.S., weapons-related content ranked as the second most blocked category, while APAC publishers focused more on restricting tobacco-related ads.
Mobile gaming ads also saw increased filtering, particularly in APAC, due to concerns over violent and inappropriate content, with publishers increasingly leveraging app store category-based blocking.
The Role of Advanced Targeting
ScamClub and similar groups deployed sophisticated fingerprinting and cloaking methods to bypass detection systems. This year, we saw, for the first time, a massive penetration of auto-redirects through video ads, not just display. These tactics proved especially effective on mobile, where forced redirects exploit both the limited screen space and users’ mobile browsing habits. With mobile users less likely to notice suspicious redirects, these attacks saw higher success rates than desktop platforms.
Looking Ahead
The surge in malicious activity over the past year reinforces the need for publishers and platforms to take a holistic approach to securing their assets across web, in-app, and CTV ads. While many have implemented stronger ad verification and security measures, the industry’s response remains uneven — some platforms have made significant progress in reducing malvertising, while others continue to struggle.
As malvertising fraud evolves with every season, the real winners in ad quality will be those who proactively protect users wherever they engage. Moving into 2025, success will require stronger industry-wide coordination, with publishers, platforms, and ad security partners working together and investing in both technology and user education to stay ahead of emerging threats.