In adtech, we have to confront a lot of pitfalls. As we grow our technology, fraudsters grow theirs to spam the Internet. But, in the end, publishers are held liable by the readers. Forced redirect ads are on their way to make the condition even worse. So, here’s the guide to deal with it.
Before we start with anything, let’s have a quick refresh of the basics.
What are ‘forced redirect ads’?
When a user tries to access a webpage (known), they’ve been redirected to an unknown site(s) where the user has been spammed with ads or malware.
This redirect could be via links, disturbing pop-ups or through a webpage overloaded with display ads. In fact, fraudsters develop trust with publishers by posing as a legitimate ad network for certain period of time and then start dropping in malware through ad creative in order to forcibly redirect destinations for the users.
“This comes up every year – and this is the worst case [we’ve seen in] the past several years”
– Dave Pond, GM of display and programmatic at Vox Media.
How is it done?
There are generally three primary ways to insert forced redirect ads on the ad network or web path:
1. At ad request level
2. At Post Click level
3. Implementing malicious code
At ad request Level – An ad request always goes through a number of different levels such as third parties, ad networks, etc. before reaching its target. During this journey from start to end of an ad request, the bad actor infuses the code that sends the user to an unwanted destination.
At Post Click Level – Whenever a user clicks on an ad, the click request is seized and the user is redirected to an unintended destination.
Malicious Code Implementation – This is one of the most widespread reasons for forced redirects. While creating the ad inventories or designing an ad creative, the malicious code is implanted. Its effect can be seen only when an ad appears and gets clicked.
Meta Refresh Tag – Other than these mentioned ways, another common method is meta refresh tag, that takes the user from one web page to another web page. In this, the bad actor sets the countdown usually invisible to the user, and after the countdown ends the user is forced to visit a web page which might contain a virus or any malware. But the good thing is almost all the frequently used browsers allow disabling the automatic redirect.
Dealing with the forced redirect ads
Start by monitoring your web traffic by using programs such as Charles Proxy that dwell between the internet and your browser in order to trace the interactions while a page is loaded. Such programs are beneficial as they allow you to record the interaction between user and the page load event along with tracing the third parties and other page redirects that are involved.
Manual On & Off
The method is quite tedious and exhaustive. If you have multiple header bidder partners, try turning off each of them one at a time and monitor if the redirect ads still pop up. This would assist in knowing which header bidding partner is the reason for redirect ads. Once you have found the header bidding partner contributing to forced redirect ads, you can email them informing the situation and ask them to immediately block the advertisers delivering redirect ads.
You can also make use of the ad redirects detection services. In this, the service provider executes a complete automatic search daily on customer’s website to inspect for possible redirects. Such services assist in catching the redirects and also identifying the reasons or fraudsters behind them.
For instance, Confiant, a redirect/malware prevention company scans ad units on your website and determines whether the ads are made to redirect users or not. However, to scan an ad unit, it takes 50ms. So, it might make your pages load a bit slow (depending on the number of ad units.).
Trusted Exchanges and SSPs
The root is from the demand and when you cut the bad actors from the supply, the volume of redirect ads will obviously reduce to a great extent. Partner with reliable ad exchanges and ensure your SSP is also following the same. After all, your SSPs are handling your demand partners.
That’s why at Automatad, we test, verify, and partner with trusted ad exchanges and DSPs to ensure quality ads. In fact, our publishers have never experienced calculable redirects before.
Google is already blocking the ad redirects on its browser and it will continue to release updates to improve the user experience. In addition, users who’re frustrated with the redirects have installed ad blockers. The more we wait, the worse it gets. Once we start screening and blocking the forced redirect ads from the buy-side, users will eventually give up on ad blockers (of course, with the right messages and quality ads).
We’re dedicated to helping the publishers not just with monetization; with all the problems and optimization.
Note: We’re running a decode series (email series) for publishers with a goal of demystifying adtech jargons. We discuss from ABCs to deep insights, so feel free to sign up. It’s free.