Don’t click on that ad!
Stay away from sketchy websites if you don’t want to get infected. Sounds familiar, right? But does that mean that legitimate sites are always safe? Unfortunately, no. The risk comes from the ads embedded in the sites that may infect your computer.
But, how could a legitimate site embed a malicious ad, you may ask incredulously? Read on…
More information:
- What is Malvertising (Microsoft)
- Malvertising (Malwarebytes)
- Why are you seeing so many bad digital ads now? (New York Times)
To protect yourself from Malvertising, you can take the following steps:
- Be wary of suspicious ads: If an ad seems too good to be true, it probably is. Don’t click on ads that offer free stuff or outrageous enticements.
- Educate yourself: Recognize the difference between a browser popup and a Windows popup. Malware may try to impersonate Windows messages and warn you of “infections”, when they are nothing more than a powerless image posing as a Windows message.
- Keep your software up to date: Malvertising criminals often target vulnerabilities in outdated software. Make sure you update your operating system, web browser, and other software regularly.
- Use antivirus software: Antivirus software can help detect and remove malware from your computer. Make sure you keep your antivirus software up to date.
- Install an ad blocker: Ad blockers can help prevent Malvertising from appearing on your screen in the first place. However, some websites may not function properly with ad blockers enabled.
Almost all of us are annoyed by ads on websites. At best, they slow the page load by downloading extra, unsolicited information, often in the form of video (whose movement aims to grab your attention). At worst, the ad may link to a malicious site, or even download malicious software without you doing anything. Welcome to the world of Malvertising.
Malvertising, or malicious advertising, is a type of cyber attack that uses online ads to spread malware, potentially unwanted programs (PUPs), and other scams. Malvertising can appear on any site, even legitimate ones you visit as part of your everyday Internet browsing.
Legitimate and reputable websites sometimes display Malvertising because they do not directly control the ads that their visitors see. Instead, they delegate this task to a complex network of online ad companies that display ads targeted to each individual (based on the dossier of information collected about them).
The online ad industry relies mostly on “programmatic advertising,” a system that allows millions of advertisers to bid for and place ads on countless websites. The system uses computers to automate the process of bidding for available ad spaces, often in real time. Therefore, the legitimate website you are visiting is responsible for choosing the online ad company but not the ads displayed. You are getting Malvertising because the online ad companies are failing in their responsibility to block malicious actors from bidding for and winning slots in their system.
Malvertisers try to infect your computer in the following ways:
- Luring ad: These ads, which usually have accompanying (and often salacious) images, try to entice you to click them by promising some specious information, or an offer that is too good to be true.
- Tech Support Scam: These ads use invisible web page elements to pop up alarming messages telling you (sometimes with accompanying audio) that your computer is already infected and that you should click a link or call a number to resolve the issue.
- Instant infection: In this case, Malvertisers exploit an unpatched vulnerability in your computer to directly infect it. This is the most dangerous kind of attack because it does not require any participation from you and can happen in the background without your knowledge. Fortunately, this type of attack is not as common.
If you have questions about this, please let us know and we will be happy to assist you.
Take care,