[r1ch]

Adwords is becoming increasingly bad with these kind of ads lately. Yahoo are lucky that they don't have the automatic redirecting version that simply takes visitors away from your site onto these fake landing pages. Most of them seem to be coming from compromised adwords accounts.

As a publisher it's very difficult to do anything about this since Google apparently let adwords publishers insert arbitrary javascript into their ad code. This makes it so the ad creative and "destination domain" in the review center mean absolutely nothing, and since the JS won't execute from the review center you have no idea which ads are responsible.

[coldpie]

I have no idea why ad networks don't have two fields for advertisers: a plain PNG image and a URL to link to. I guess the answer is somehow "money," but I feel like client websites would have enough incentive to switch to the network that works this way to avoid this BS for their users.

[phamilton]

Most ads use multiple tracking pixels for various 3rd party analytics and measurement. Some of these analytics require runtime inspection of the page to confirm things like domain, viewability, height and width, page language,etc. So your average ad requires loading a dozen empty images ("pixels") and running a bit of JavaScript.

[coldpie]

And people are baffled when they learn I use NoScript.

[wdr1]

As others have pointed, it doesn't look like this a Google ad. However, as a publisher, you do have a fair bit of control. You can choose to only allow text ads, and you can also block specific advertisers, categories & the like.

https://support.google.com/adsense/answer/180609?hl=en

[r1ch]

Unfortunately even the simple HTML 5 image ads (rendered using canvas) can have malicious scripts in them. The only way to stop the bad ads would be to only use text ads from Google which would likely lead to unsustainable revenue loss.