HomeResourcesAuthenticationResources

Resources

Resources developed by OTA and OTA members to enhance business and consumer protection from cybercrimes and deceptive business practices including  identity theft, spam, phishing, privacy exploits and account take-overs.

The working group works to help identity risk to the interactive advertising and content publishing ecosystems and facilitate multi-stakeholder best practices. One of the keys areas of concerns is malicious content and advertising known as "malvertising", is the cybercriminal practice of injecting malicious or malware laden advertisements into legitimate online advertising networks and syndicated content. It can occur through deceptive advertisers or agencies running ads or compromises to the ad supply chain including ad networks, ad exchanges and ad servers. It is a growing threat to the integrity of the ad supply chain and vector to distribute malware to unsuspecting users. A malicious advertisement exhibits behavior including, but not limited to, conducting a drive-by-download, delivering deceptive downloads such as fake anti-virus pop-ups and/or redirecting the user to sites that the user has not elected to visit.
As society and business become increasingly reliant on data, the threat landscape continues to exponentially expand. Online services introduce stronger and more innovative defenses against cybersecurity threats with each passing year. Unfortunately, cybercriminals simultaneously create new techniques and deceptive tactics that outpace such efforts. The result underscores the need for businesses to make security and data protection a priority, and to be prepared for a breach incident.
Email is the dominant form of online communication for citizens, businesses, and governments. The ubiquitous and open nature of email has also provided criminals with an ideal platform to perpetuate fraud, with upwards of 90% of today's email consisting of spam, phishing, identity theft attacks, attempting to capture personal and sensitive information, spread malware, and take-over a user's device.
Malicious threats continue to undermine online trust, compromising web sites, mobile apps, email as well as syndicated content and online advertising. OTA working groups and member committees work cross the ecosystem to address such threats including botnets, DDos attacks and threats to the content publishing and advertising supply chain. Efforts including blocking and detecting malicious email, spear phishing and malvertising.
Adhering to best practices, operational discipline and emerging standards in both web and mobile applications is paramount to to staying ahead of the cyber criminal. Thorough benchmark reporting, OTA continues to discover misconfigured servers and mobile apps which are vulnerable to abuse.