Imagine if simply opening an envelope in the mail or answering a phone call was enough to let a criminal into your house. In the digital world, however, the equivalent can be true, as something as innocuous as visiting an infected website can allow an attacker to take over your home computer or wireless device. This type of criminal activity, known as malware, presents an ever increasing threat to consumers. When malware is distributed through infected ad creative, known as Malvertising, there is incredible damage done to the brand that delivered the malicious code.
The fight against malware is one of the four pillars of TAG’s work, along with efforts to tackle fraud, piracy, and lack of transparency, but our anti-malware efforts may have the greatest benefit for consumers, as criminals are able to steal personal information from infected computers and devices. The criminals are also able to stitch these devices together to create botnets, a system of millions of infected devices, which can create massive amounts of non-human internet traffic (NHT). This NHT allows criminals to defraud marketers of billions of dollars in ad spend.
That’s why we’re delighted to take a big step forward in the fight against Malvertising with today’s release of TAG’s Best Practices for Scanning Creative for Malware, a white paper that helps every participant in digital advertising better understand the steps they should take to block the distribution of malware through the channels they manage.
The white paper was developed through the coordinated efforts of TAG’s Anti-Malware Working Group, which includes nearly fifty companies and organizations involved in the fight against malware. It includes detailed analyses of what types of advertising content should be scanned, who should be responsible for the scanning, what processes should be followed at each step, how often scanning should take place, and what types of creative present higher risks and require additional actions.
TAG’s Best Practices for Scanning Creative for Malware is one element of the larger TAG Certified Against Malware Program, which will be rolled out to participating companies later this Fall. Like TAG’s Certified Against Fraud and Certified Against Piracy Programs, the Certified Against Malware Program will award a TAG seal to companies that meet the highest standards for malware prevention.
In addition to those industry-led efforts, TAG and the Anti-Malware Working Group are also working closely with federal law enforcement agencies like the U.S. Department of Homeland Security, the FBI, and the U.S. Department of Justice. TAG’s Malware Summit, held earlier this Summer in New York with each of these agencies, helped develop a formal public/private information sharing collaboration. This partnership will allow TAG to share the information we gather with the proper authorities to assist in criminal prosecutions against the distributors of malware through digital advertising.
To facilitate our information sharing program, TAG is working with leaders in the industry to create a technology platform that will provide the most current threat intelligence to participating companies and our law enforcement partners. We invite the entire industry, from marketers and agencies, to intermediaries and publishers to join our efforts. We have a shared interest in hardening the digital supply chain against Malvertising, which will protect our valued consumers and increase trust in the digital supply chain.
If you’d like to become part of this group or have any questions about TAG’s efforts to fight malware, please contact Jamie O’Donnell at firstname.lastname@example.org.