The digital advertising industry faces threats from criminals’ intent on causing harm to consumers and the supply chain. The act of abusing the ecosystem to inflict harm - such as financial fraud or delivering malicious software - is coined as malvertising, and criminals will stop at nothing to test the industry’s defenses.
As part of the response to this threat, in 2017 TAG became the first Department of Homeland Security-designated Information Sharing and Analysis Organization (ISAO) for global digital advertising , making TAG’s initiatives the primary forum for sharing threat intelligence within the industry.
Given the scale and complexity of the threats facing, TAG uses a multi-pronged and collaborative approach to collectively defend against these dangers. For more information on the impact of TAG’s threat intelligence mission, see the 2024 Impact and Compliance report.
[W]e also shared intelligence with other key players in the digital ad ecosystem through the Trustworthy Accountability Group (TAG) Threat Exchange.
By presenting information about persistent and malicious third-party code in the TAG malware group, there is a network effect that occurs. Working together with customers and the industry, our goal is to greatly reduce the impact of these types of large-scale attacks across the advertising ecosystem.
Chris Olson
TAG’s AdSec Threat Exchange enables digital advertising intermediaries and security vendors to share intelligence on the latest threats observed in malvertising (Malvertising Threat Exchange (MTX)), cybersecurity (Enterprise Threat Exchange (ETX)), and piracy (Piracy Threat Exchange)). Intelligence is regularly shared, on a near real-time basis, whilst more detailed analysis on new and novel threat actor tradecraft are shared routinely.
As of 2024, the initiative has active threat-sharing members in 11 countries across seven time zones, spanning 21.5 hours of human coverage on a typical working day.
If your company is interested in participating in TAG's Threat Exchange program, send an email to info@tagtoday.net requesting more information.
As well as providing the industry individual pieces of intelligence in the AdSec Threat Exchange that may have a short term impact, TAG also seeks to analyze and understand criminal behavior in order to stay abreast of the latest criminal tradecraft - i.e. Tactics, Techniques, and Procedures. By sharing that analysis with TAG Members, they can develop more holistic approaches to defending against threats.
Our intelligence reports can be found on our Data & Insights page.
Since its inception, TAG has partnered with industry leaders to strengthen the Certified Against Malware (CAM) Program, providing companies with a roadmap to combat malvertising. Research shows that over 80% of UK and US consumers would reduce their spending by more than half if an advertised product infected their devices with malware, and over 57% would stop buying that product entirely.
This shift in consumer behavior has driven digital advertisers to adopt industry best practices against malware, leading to significant improvements since the CAM program's launch.
The certification guidelines are updated by the Anti-Malware Working Group, who coordinate efforts to improve defenses against malvertising, creating a safer and more reliable experience for consumers. The group ensures that TAG’s anti-malware standards and tools are aligned with the latest industry best practices.
TAG’s Threat Intelligence tools provide the community with a means to assist in the identification and mitigation of threats in digital advertising.
First published in 2022, the Malvertising Taxonomy was created to act as a resource across the cybersecurity industry to provide common language around the definition of malvertising and examples of malvertising events. Additionally, the taxonomy is intended to support and act as a companion to existing frameworks e.g MITRE ATT&CK Framework, Confiant’s Malvertising Attack Matrix, etc.
Developed in collaboration with the TAG Community, it includes:
In 2024, TAG launched “Project Brand Integrity 2.0” (PBI 2.0), a significant expansion of TAG’s proven anti-piracy initiative to defund the criminals who profit from stolen content while protecting advertisers from unintentional exposure to unsafe websites.
As part of this evolution, TAG facilitated the introduction of the Pirate Domain Exclusion List (PDEL) — a list designed to help prevent ad misplacement on pirate sites.
PDEL provides ad tech companies with a resource for identifying domains that have been flagged as pirate domains by TAG members.
For more information about the Pirate Domain Exclusion List, or to access the tool, please contact us at info@tagtoday.net.
Cybercriminals are exploiting the vulnerabilities within the media more and more. From malvertising attacks to utilizing digital advertising for social engineering tactics, cybercriminals are leveraging the latest technologies to level up their game.
As the first and only Information Sharing and Analysis Organization (ISAO) for digital advertising, TAG is collaborating with the wider TAG Community, local law enforcement agencies and international government to bring threat intelligence forecasts, research and information to help mitigate these evolving threats.
How can I contribute to the AdSec Threat Exchange?
Please email us at info@tagtoday.net and one of the Threat Intel team will get back to you.
Where do I download a copy of the Malvertising Taxonomy?
Please refer to the Malvertising Taxonomy section of this page.
How do I become a CAM-certified company?
Please refer to section 2 of the CAM Guidelines.
I've got a question about my CAM Certification Application. Who should I contact?
Please email us at info@tagtoday.net and someone from the Policy and Compliance team will get back to you as soon as possible.
My company holds the CAM Seal for the current year but the guidelines have just been updated. Will my company fall out of compliance immediately?
No, your company will not fall out of compliance immediately.
When we release an update to one of our certification programs, all currently certified members are given a grace period of at least 6 months to come into compliance with the latest version.
All companies applying for certification and recertification in the upcoming year will need to show compliance with the latest version.
My company hasn't achieved the CAM Seal yet but is working towards achieving the certification. The guidelines for the program have just been updated. Which version of the program guidelines should I follow?
We recommend that you start working towards compliance with the latest version of the program's guidelines. This will ensure:
All companies applying for certification and recertification in the upcoming year, will need to show compliance with the latest version.
When is Recertification/Certification?
Recertification/Certification happens in January every year. All applications for any (or all) of TAG's seals should be submitted by January 31st. We will then take 4-6 weeks to process all applications and notify member companies of the result(s).
How do I check my company's and other TAG Member Company's certification status?
You can check your company's certification status on the TAG Registry.
You can also search for other TAG Member's status on the TAG Registry as well.
