Forced redirect ads
As a user, you look for enriching and quality interaction on the website but end up getting annoyed due to unwanted ad pop-ups and links that land you to undesired web address.
Unwanted redirects create poor quality and spam filled experiences for any user or publisher.
Some of the shady associate marketing approaches tend to annoy users as well as publishers, one of which is the forced redirects that out of the blue readdress the user to the unwanted sites. This redirect could be via links, disturbing pop ups or through a webpage overloaded with display ads.
In fact, many a time it has happened that the fake site managers try to create trust in publishers by posing as legal ad networks for certain period of time and then start dropping in malware in ad creative in order to force redirect destinations for the user.
There are generally three primary ways to insert forced redirect ads on the ad network or web path-
1. At ad request level
2. At Post Click level
3. Implementing malicious code
At ad request Level:
An ad request always goes through a number of different levels such as third parties, ad networks etc; before reaching its target. During this journey from start to end of any ad request, the bad actor infuses the code that sends the user to an unwanted destination.
At Post Click Level:
Whenever a user clicks on an ad, the click request is seized and the user is redirected to an unintended destination.
Embedded spam code:
This is one of the most widespread reasons for forced redirects. While creating the ad inventories or designing an ad creative, the malicious code is implanted. Its effect can be seen only when an ad appears and gets clicked.
Meta Refresh Tag:
Other than these mentioned ways, another common method is meta refresh tag, that takes user from one web page to another web page. In this the bad actor sets the countdown usually invisible to the user, and after the countdown ends the user is forced to visit a web page which might contain virus or any malware. But the good thing is almost all the frequently used browsers allow disabling the automatic redirect.
How to identify & resolve if your website has forced redirect setting
1. Start from monitoring your web traffic by using programs such as Charles Proxy that dwell between the internet and your browser in order to trace the interactions while a page is loaded. Such programs are beneficial as they allow you to record the interaction between user and the page load event along with tracing the third parties and other page redirects that are involved.
2. The entire ad creative is worked upon by the ad networks and the header bidder partners. If you have multiple header bidder partners, try turning off each of them one at a time and monitor if the redirect ads still pop up. This would assist in knowing which header bidding partner is the reason for redirect ads. Once you have found the header bidding partner contributing to forced redirect ads, you can email them informing the situation and ask them to immediately block the advertisers delivering redirect ads.
3. One can make use of the ad redirects detection services. In this, the service provider executes a complete automatic search daily on customer’s website to inspect for possible redirects. Such services assist in catching the redirects and also identifying the reasons or fraudsters behind them.
As per the recent report, with the start of coming year-2018, Google would start blocking the ad redirects in Chrome. We have already seen some of the features such as pop-up block, autoplay protection, Google will release new protection features for the ease of users and to provide them with enriching browsing experience without the annoying ad redirects.
If you are proactive towards monitoring and analyzing the site visitor and their behavior, it is very much possible that you can trace the spam ad redirects and work on removing them from your website.