RESTON, Va., April 15, 2016 /PRNewswire/ -- Today, comScore (NASDAQ: SCOR) announced that comScore Labs has discovered a sophisticated new form of placement laundering that that has been used to generate considerable amounts of invalid traffic to take advantage of advertisers over the past year. Like other placement laundering attacks (a form of ad fraud originally identified by comScore Labs' Jeff Kline in 2014), this exploit enables ad requests to appear to originate from high quality publishers, thereby enabling requesting entities to derive significantly higher ad prices for low quality placements.
SafeFrame, defined by the Interactive Advertising Bureau (IAB), is intended to allow information to pass between ad creatives and publishers in a secure and standardized manner. The goal of SafeFrame is to protect publishers from misbehaving or malicious advertisers, but it was not designed to protect advertisers against invalid traffic. Google has its own implementation of SafeFrame, which analysis indicates is used in an unintended way as part of the exploit.
Since discovery and diagnosis of the attack, comScore Labs has worked closely with Google's Ad Traffic Quality team to understand the implications of the attack. Google has indicated that the use of SafeFrame is orthogonal to placement laundering via a tainted encodeURI function. This same exploit could be conducted without a SafeFrame environment. In general, any ad tech that relies on an overridable component is at some risk. Detailed analysis of Google's ad traffic shows no evidence that its systems are affected by this particular placement laundering attack. Indeed, Google's ad systems have significant placement laundering safeguards including automated infrastructure and review by operations teams to exclude traffic that is falsely represented as coming from a different website.
Similarly, comScore Labs has developed comprehensive capability to identify and remove placement laundering attacks from all of its reporting products.
comScore, Inc. (NASDAQ: SCOR) is a leading cross-platform measurement company that precisely measures audiences, brands and consumer behavior everywhere. comScore completed its merger with Rentrak Corporation in January 2016, to create the new model for a dynamic, cross-platform world. Built on precision and innovation, our unmatched data footprint combines proprietary digital, TV and movie intelligence with vast demographic details to quantify consumers' multiscreen behavior at massive scale. This approach helps media companies monetize their complete audiences and allows marketers to reach these audiences more effectively. With more than 3,200 clients and global footprint in more than 75 countries, comScore is delivering the future of measurement. For more information on comScore, please visit comscore.com.
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/comscore-labs-discovers-placement-laundering-attack-in-safeframe-300252170.html