This article originally appeared in Information Security Buzz on February 11, 2019.
Cybercriminals are launching bot networks to circumvent ads.txt protections, which are designed to allow publishers to list authorized sellers of their inventory according to security researchers at DoubleVerify.
Chris Olson, CEO at The Media Trust:
“It is absolutely crucial for all players along the ad supply chain to know who they’re doing business with, and only do business with players they trust. For publishers, that means closely and continuously monitoring all the domains and code executing in their digital environment. This will show them who’s there and how these players are affecting consumers who visit their sites or use their apps. They can then limit the domains and code to those they have authorized, and block those they haven’t. These measures will not only prevent ad fraud, but also shield their digital assets and their users from cyber crooks who commit identity and financial theft, as well as legitimate players who gather consumer data without authorization. Either could put publishers in conflict with a growing number of privacy laws like GDPR, California’s landmark consumer privacy law, HIPAA, and COPPA, among others.”