Many people find advertising irritating when trying to browse or buy online. However, malvertising – effectively turning adverts and pop ups into a malware delivery channel – takes this to a new level. There are two ways in which malvertising is used by hackers and fraudsters – the first is to use all means necessary to try to convince a user to click on and download malicious software. The second is to attack web browsers, and related software such as the Adobe Flash plug-in, using holes in software security to force your machine to access, download and then run malicious software. Malvertising is not new but it is gaining traction – so, what do you need to know about it?
1. Ad blocking won’t solve the problem
Although millions is spent on ad blocking every year, this isn’t the only way that malware can make it onto your device or network and cyber criminals are well known for their ingenuity and forward thinking when it comes to finding new channels through which to deliver their wares, from emails to message programmes.
2. Malvertising relies on ad networks to deliver the malicious code
This makes it difficult for consumers to judge what is malvertising and what is not. It’s also hard for the networks to make these distinctions as the malvertising is uploaded to the ad network and paid for as it is were a real piece of advertising.
3. Malvertising is more effective
Because it doesn’t have to direct you to a malicious website in order to achieve its aim of getting malware into your system it’s not as conspicuous as some other malware delivery methods. Instead, the malware can essentially sit on a legitimate website and wait for someone to click on the advertising link – there is no need to trick or persuade a consumer other than to produce a click-worthy ad.
4. Most malvertising attacks have historically taken place against Windows systems
However, the first attack against Firefox on Windows, Linux, and Mac happened recently so no system is safe.
There are steps that you can take to protect yourself against malvertising:
– Make sure any plug-ins that you leave installed are updated to the latest version.
– Ensure your web browser is regularly updated too.
– Install an ad blocker that you know how to use but don’t rely on it to be an entire solution.
– Use a security vendor you know will be on top of the latest malware developments.