It’s better to preview every creative before setting it live to catch bad behavior before it hits your site. Unfortunately there are some bad actors and it’s impossible to guarantee good behavior from a 3rd party tag.
What are some of the tricks a bad actor could play?
An ad could be setup to show two different creatives depending on the country or even city. Let’s say you’re in Los Angeles. You preview the creative and everything looks good. However, the advertiser has targeted all European users to see something else: auto-play audio or video, something offensive, who knows.. Note that this targeting happens on the advertiser’s own server. Sitting in Los Angeles, you’ll never know the difference! You could use geo-proxy to fake your location, but there’s no time to try every different geo.
The same trick works for devices, although at least the list is shorter and it’s easier to spoof a device than a geo.
It’s very common for an ad network to show PSAs (unpaid public service announcements) or show AdSense ads when they can’t verify the domain. This can happen when previewing ads. This is rarely malicious, but just a feature of certain ad servers. If you’re previewing an ad and get AdSense instead, there’s a good chance they’re doing domain detection. Check our other articles for a way to get around this.
An advertiser could show a static ad for 60 seconds, then replace it with an ad that auto-refreshes every 5 seconds. You click “preview” and everything looks good, so you don’t bother waiting because why would you?
The nature of 3rd party creatives is that they’re dynamically served from the advertisers own server. If the advertiser changes the code on their end, they can serve something completely different without notifying you first. An even trickier way to do this is to show a plain, boring creative until it gets 1000 impressions or even a few days, and then switch to auto-reload or something less user-friendly that cranks revenue for the advertiser. Everything looks good and you haven’t changed anything on your own for several days, making the problem very hard to track down.
How prevalent is the problem?
That’s very hard to say. It’s not pervasive, but the advertising ecosystem is incredibly dynamic and it does happen, either intentionally or not. Even the good guys can get hacked. There’s also plenty of disagreement over what constitutes bad behavior. What one company considers to be deceptive practices and terrible UX can be another company’s entire business model.
What can you do?
Unfortunately, not a lot! Several companies are developing services to improve this area. Be vigilant and take user complaints seriously. Be proactive in contacting advertisers about misbehaving ads and keep up your block lists.