All You Need to Know about Malware Scanning

Malware Scanning

There are many definitions of malware, but in general, malware is a type of software that is harmful and may cause damage to your computer, server, etc. As some users employ online advertising to spread malware, we have to pay attention to this during the campaign approval process. Therefore, our team here at Voluum DSP implemented a malware scanning solution (The Media Trust scanner) in the campaign approval process

Below you can find some more details about this solution. Also, you’ll get to know what to do if your campaign fails the Security Scan and what to do if your domain is blacklisted.

What is Malware?

According to The Media Trust (TMT) definition, the scanner considers malware as:

“…any code, program or application delivered via content, advertisement, or tags that have an unwarranted presence on a device, network or digital asset”.

There are many types of threats that may be flagged. It could be some malicious software/programs, i.e. viruses, trojans, ransomware, adware, or some malicious practices, such as auto-downloads, crypto mining, or suspicious auto redirects. Therefore, TMT grouped them into several categories, called Incident Types:

  • Malicious
  • Malicious – Imminent
  • Malicious – Landing Location
  • Scam/Fraud
  • App Store Redirect/Out of Browser Redirect

The details of a particular incident for specific domains and used URLs vary case by case. All incidents have assigned levels of risks and such combinations are crucial in the Voluum DSP approval process.

Malware Scanning Process at Voluum DSP

Malware and ad fraud are a big problem in the advertising industry. Fraudsters cause million dollar losses every month. This is why our Voluum DSP team pays special attention to such problems during the campaign approval process. Each campaign is checked with an automatic malware scan to ensure our platform provides safe media for users. Malware scanning takes place simultaneously with the manual review. During this process, we are using a TMT scanning solution. TMT monitors the real-user experience and if the media scanner flags your app, website (domain), and/or ad tags we will receive a report with detailed information about the issue. Depending on the incident type, level of risk and information in scan details, campaigns may be rejected or allowed.

All campaigns undergo the scan in the pending stage and during their lifetime. If an issue is detected (for example malicious domain), the campaign is auto-rejected, and you will receive an email notification, titled Security Scan Failed. As already mentioned, the process is fully automated, but there are a few exceptions when the system may send your campaign for a manual review. In such cases, our Compliance Team will review the TMT scan details and decide if the campaign should be allowed or not. If the decision is negative, the campaign will be rejected with the given reason, in which you will also find a TMT scan report.

What to Do When You Receive a Notification?

When your campaign is rejected due to a failed malware scan, you will receive an email notification – Security Scan Failed. The email contains all the important information that should help you understand what happened. The email will contain:

  • Campaign Name
  • Affected Ad Exchange
  • Scanner Results
    • Info about Violation – type of incident, risk level, incident description
    • Flagged Domains
    • Link to the TMT Scan Results/Details

Cases may vary, therefore the method of solving the issue strongly depends on what is included in the report. If you are not sure what to do, you can always contact our Compliance Team, by replying to the received email.

In the TMT Scan Results you can find all the details about flagged content: 

Violation Summary with info about the type of incident and a description

Malware Violation with info about which domains used in your redirect path have been flagged

Call Chain with information about redirect path of campaign and details about website content

Other Details such as: Screenshot of the Landing Page, Creative Details, Domain Summary

By checking the details, you should be able to detect the main issue that caused campaign rejection and thereby allow you to fix or remove the flagged elements.

What to Do When Your Domain has been Blacklisted?

The most common issue is a blacklisted domain. It can be the domain you used as the landing page/offer, or the domain present in your redirect path. There can be many reasons why your domain was blacklisted: suspicious behavior, redirects or even page content. Blacklisting can also be caused by the historical record of the domain, especially when it’s co-shared between different parties.

In this case, the best option to resolve the issue is to contact TMT directly with a request to remove the domain from the blacklist. You will need to prove that the domain is not malicious and does not contain any malware. This solution will help avoid similar situations in the future, and it is especially recommended if you are the owner of the blacklisted domain. 

To complete TMT domain reclassification you will need to provide some specific information about the domain (proof of ownership, domain description etc.). If you would like to do that, just contact your Account Manager, and we will guide you through the process.

Final Thoughts

To sum up, remember that each campaign that is going through the Voluum DSP approval process is also checked by automatic TMT malware scanning. If your campaign fails the security scan, you need to check the scan details and find where exactly the issue is. To resolve it, you may need to clean up the redirect path or landing page content and after that, contact TMT directly. If you are not sure what to do, you can always contact us, and we will guide you 🙂

Voluum DSP advertising experts are here to help you!

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like