WTF is ad injection?

WTF is ad injection?
Ad injection is a technique by which ads are surreptitiously inserted in webpages without getting the permission of site owners or paying them. The practice takes multiple forms. In one, ads are inserted on top of those that already appear, making the original ads impossible to see (and hurting publishers’ viewability scores). Injected ads can also replace other ads entirely, or appear on pages that weren’t supposed to include ads at all.

How does it work?
Ad injection starts when a Web user downloads and installs a browser extension or app that’s bundled with software that quietly injects unwanted ads into users’ browsers. Software such as PDF converters or browser toolbars, for example, are often offered for free to the consumer and monetized through deals developers make with ad injectors, who shell out affiliate fees to software developers every time someone installs their software or clicks an injected ad.

Give me an example.
There are plenty of those. A browser plugin called Rewards Arcade used ad injection to IAB-standard ads for on both Facebook and Dropbox, for example. The technique has also been used to inject ads for Target on Walmart.com, and spots for H&R Block on Apple’s homepage, which doesn’t include ads at all. Adware Sambreel injected ads on YouTube.

But this isn’t new, right?
It isn’t. The industry has been wrestling with ad injection for years. Adware company Gator turned heads as far back as 2001 for its software, which replaced sites’ banner ads with its own. Gator infringes “on the trademark, copyright and intellectual property rights of Web publishers and advertisers,” Then-IAB president and CEO Robin Webster said at the time.

Seems pretty innocuous. Who is this actually hurting?
Just about everyone. When an injected ad replaces one on a publisher’s homepage for example, that publisher loses revenue because its ad tags aren’t loading. “These publishers are essentially being stolen from by having someone else monetize their impressions,” said Aaron Doades, vp of media quality for DoubleVerify.

It’s also bad news for advertisers, who often get tricked into thinking that they’re buying directly from publishers when they’re actually buying from an unrelated third-party. Users also lose out with ad injecting software, which also typically comes with a host of other privacy and security concerns.

Okay, so who do we blame? The developers? Advertisers?
In a way, you can blame the realities of programmatic buying, which is a complex web of buyers, sellers, ad networks and exchanges. “If you’re buying programmatic, you end up losing the transparency of where your inventory is showing up,” said David Sendroff, CEO of Forensiq. “You may think you’re buying inventory directly on a premium publisher site because their domain is what’s coming through on the exchange, but that’s not the case here.”

Ad Injection Demonstration by Forensiq from Forensiq on Vimeo.

Do all advertisers object to this?
“There’s probably a handful that don’t mind,” Doades said. “If you’re really focused on direct response and these ads are working and converting, it’s possible that some advertisers don’t mind working through ad injectors.” Just like there are some advertisers who don’t mind their ads appearing on sites others might find objectionable, like porn sites.

“Some advertisers that say within their insertion orders that they will allow ad injected inventory,” Sendroff added.

Is that why this problem is so hard to fix?
It’s part of it. Doades said that the biggest challenge to fixing the ad injection problem is knowing it’s occurring in the first place. This is a problem for both publishers and advertisers, which are often unknowing victims of the practice. “Publishers are caught in the crossfire. This is the last thing they want to deal with,” he said.

Photo: Flickr