ExoClick and Malware and Google ad compliance

Malware distribution via digital advertising is a continual battle for ad networks. It is important for all of them to protect their publishers and end users from being exposed to malicious ads. Malvertising might happen on any ad network at some point in time, including giant ones like Google. Here are news articles of some recent attacks:

Bot Malware Attacks Rise, As Search Engines Blacklist Fewer Sites

Good Morning Android infection

Malicious Activities with Google Tag Manager

This is why it is imperative for ad networks to quickly detect and eliminate all forms of malware as soon as they are discovered and hopefully even before they are live.


In 2018 ExoClick stopped 2,005 malware campaigns on its network. Here are statistics from Q1 2019:

January: 258 malicious campaigns detected, consisting of:

February: 118 malicious campaigns detected, consisting of:

  • 40% Malware issues
  • 25% Browser lockers
  • 20% Phishing
  • 15% Scareware

March: 258 malicious campaigns detected, consisting of:

  • 41.6% Looping Push Notification landing pages
  • 32.4% Malware issues
  • 13.1% Scareware
  • 8.2% Phishing

April: 147 malicious campaigns detected, consisting of:

  • 44.9% Looping Push Notification landing pages
  • 28.5% Malware issues
  • 10.9% Phishing
  • 10.2% Browser Lockers
  • 4.8% Scareware
  • 1.4% Ransomware

May: 123 malicious campaigns detected, consisting of:

  • Looping Push Notifications: 39.3%
  • Malware Issues: 36%
  • Phishing: 11.5%
  • BrowserLocker: 8.2%
  • Scareware: 4.9%

June: 75 malicious campaigns detected, consisting of:

  • Looping Push Notifications: 32.7%
  • Malware Issues: 29.8%
  • Phishing: 18.9%
  • Scareware: 10.8%
  • BrowserLocker: 2.7%
  • Auto Redirections: 4.1%
  • Ransomware 1.4%

July 2019 – 113 malicious campaigns detected, consisting of:

  • Looping Push Notifications: 46%
  • Malware: 21.3%
  • Phishing: 15.1%
  • Browserlocker: 10.7%
  • Scareware: 4.4%
  • Ransomware: 1.8%
  • Auto Redirections: 0.9%

August: 70 malicious campaigns detected, consisting of:

  • 38.60% Malware
  • 17.10% Looping Push notifications
  • 14.30% Scareware
  • 12.90% Phishing
  • 12.80% Browserlockers
  • 5.70% Ransomware


How does ExoClick detect malware?

ExoClick uses multiple AI detection tools including AdSecure, to scan all ad creatives, links and landing pages. We scan on average 4,000 campaigns a day. Additionally, ExoClick’s Compliance team works everyday around the clock 24/7, 365 days a year in order to check campaigns and landing pages manually for malvertising and non compliance. ExoClick is the fastest in the industry, once malware is detected it is removed from our network instantly.


Once Malware is detected

ExoClick has zero tolerance for all malware including browser locking, randsomware, phishing, etc. Once detected all of the advertiser’s campaigns are immediately blocked and taken off our network. The advertiser receives an instant email notification with a report featuring all links that were flagged and in which countries they were detected. The advertiser’s account is also suspended and could lead to a lifetime ban from ExoClick’s network. Additionally, ExoClick also informs the publisher(s) where the malware appeared and that it has been stopped.

ExoClick is a part of the same battle that other ad networks face, including Google, in taking down malware and keeping the internet a safe place for users globally.


Google compliance

Our network protects our publishers from non-compliant advertising creatives. Google’s Abusive Experience Report and Better Ads Standards introduced in 2018 aimed to penalise publishers who showed ads considered to be annoying to end users. We have developed a labeling system in our admin panel so that publishers can automatically block with one click all ad formats that are not Google compliant. All explained in this blog post ‘Google’s new rules: ExoClick’s solutions for publishers.


In December 2018 Google released Chrome version 71 which introduced further restrictions by blocking what Google considered were abusive ad experiences and we updated our labelling system to incorporate these new restrictions entitled ‘Misleading Elements.’ This way publishers can maintain and continue to grow their revenues whilst staying Google compliant and our advertisers can continue to convert their offers. Check out this blog post ‘ExoClick updates its advertiser guide to Google restrictions.


Giles Hirst