Cleaning up misleading advertisements

The Microsoft Malware Protection Center is committed to protecting our customers and their Windows experience. We use our evaluation criteria to determine if a program should be detected by our security products. As the software ecosystem evolves, so does our evaluation criteria.

We are currently updating our evaluation criteria to address new technology changes, industry trends, customer feedback, and our desire to help better protect our customers. We are working with the industry and our partners to understand and implement these changes.

One of these changes will enable our systems to better detect misleading advertising. There has been a recent increase in the number of online advertisements that are intentionally misleading in nature. We’ve found that these types of advertisements often try to convince a user to do something, the consequences of which they may not fully understand, such as visiting an infected website or downloading a program that can negatively impact their browsing experience.

We will enforce our updated evaluation criteria from June 1, 2015.

Changes to our unwanted software evaluation criteria

We are including the following updates to our objective criteria:

Advertisements: The advertisement should not mislead you into visiting another site or downloading files.

Advertisements shown to a user:

  • Must not mislead or deceive, or confuse with the intent to mislead or deceive
  • Must be distinguishable from website content
  • Must not contain malicious code
  • Must not invoke a file download

Misleading advertisements

Misleading content

The following examples show some of the advertising types that are considered misleading according to our updated evaluation criteria:

misleading advertising

Figure 1: Examples of misleading advertising

Misleading downloads

Another example of misleading advertisements are those that prompt a download when the advertisement is clicked. This reduces user control over their browsing experience. The expected behavior is that the program will be downloaded from a product landing page, and not directly from an advertisement.

Indistinguishable content

Advertisements that make it difficult to tell whether a user is looking at website or advertisement content will also be detected as misleading. In many cases these ads are created so that a user doesn’t realize that they are looking at an advertisement.

Malicious code

Advertisements that include malicious or exploit code are already detected. However, our updated evaluation criteria is now more explicit. Such behavior is not tolerated.

Enforcing our criteria

When SmartScreen Filter is turned on, Internet Explorer will notify you about sites that contain an advertisement that is detected under our evaluation criteria. The warning will look like the following example:

Smartscreen Filter warning

Figure 2: SmartScreen Filter warning for a webpage with misleading advertising

For more information about how this technology works, see the SmartScreen Filter page.

Michael Johnson and Barak Shein

Comments (10)

  1. leelo7 says:

    Why wait till 1 June, do it now!

  2. Federico says:

    Hello yeah! This *** is the cancer of the web.

  3. Peter Whitehouse says:

    I take it this applies to Spartan/Edge as well?

  4. Craig Herberg says:

    This looks like a great development. I hate it when people are tricked into installing spyware and trojans, thinking they are solving a problem!

  5. cleaning service tips says:

    I like the clean up check-list and the
    tips about the page elements. Do you think it is a good idea to close
    comments on some posts? I used to do it but then a friend of mine
    said it is not a good idea and I stopped.

  6. adwbust says:

    i prefer that smartscreen block the offensive/rogue ad servers rather than the whole site. but at least, i guess that would straighten up "nifty" site owners and force them to choose safer, reputable revenue streams or they'll lose visitors indefinitely
    lol. better yet, just use TPLs to block those ads. at times though, TPLs cant block some of them due to limitations. use a browser other than IE. 😀


    when I get Microsoft edge for windows 7 sp1 professional

  8. Icarus51 says:

    It does work. It blocked the website of an unscrupulous business firm that I had encountered. Now more honest advertising is needed on the search engines. I don't object to tech support firms when then advertise for a software firm's customers unless they
    conceal their identity then it becomes a con game. Undoubtedly it happens to other customers. Too many ads focus on the service but don't list the name of their business in the ad. Why can't an agreement be reached that any ad placed by a business, must contain
    their name?.

  9. adwbust says:

    if you have android, you will know that most ads now redirect you to a scareware page that may lead to a site, apk download or open play store. chrome’s safebrowsing is useless against it. i have yet to see such ad redirect if using a windows phone. if ever that trend goes to windows phone, i hope smartscreen filter is ready. 🙂

    maybe microsoft should lease smartscreen filter (cloud) service to google to supplement safebrowsing since safebrowsing is used by chrome, firefox, safari, opera, etc. include download reputation service? microsoft will earn money while keeping users of other browsers and other OS safe. 😀 but yeah i understand, google might pilfer the smartscreen database and technology so probably not good idea. why not release edge browser with smartscreen to other OS (pc and mobile)? that’s a good compromise? 🙂 but yeah that might over extend microsoft and just be a waste of resources…but that might increase user share of microsoft web services like bing and enable you to collect data/metrics on why a certain mobile OS is more popular than windows phone… 😀

  10. R. Price says:

    I was hoping to find some info on why MS Edge browser is throwing a False Positive on an Amazon Affiliate store I setup at
    Google Adsense is installed and working fine. There are no misleading ads or anything else like the examples above. I clicked the ‘Safe Site’ button when it displayed, closed/re-opened the browser, still getting the ‘potential’ phishing site warning. Hopefully this issue will auto-correct on it’s own soon.