Have you heard of Malvertising?
It’s the latest weapon used by cybercriminals. Malvertising is also known as malicious advertising.
Essentially, it is a malicious attack disguised as a legitimate piece of advertising. Cybercriminals inject code into inoffensive websites, directing readers to a malicious or fraudulent website which then infects their system with malware.
Malvertising takes advantage of large numbers of online ads that are submitted every day. Legitimate advertising networks don’t have the time or resources to scan every single submission for potential threats, meaning that malicious ads are mixed in with legitimate ones.
Confusing for both consumers and the companies and platforms who rely on advertising revenue and display ads on their sites. Some significant players who have inadvertently displayed and shared malvertising ads include The New York Times, Reuters and The Daily Mail.
How does Malvertising work?
Malvertising can work in two ways. The first way lures the reader to a website that’s infected. It triggers an alert that you have to click on. This could be telling you that your software needs updating or offering a free programme or video to watch. Once you click, you’re infected.
The other, possibly scarier way, is known as a ‘drive-by-download’. In this instance, you don’t even need to click on the infected advert to be infected, but just have to load the page it was on.
The infection will then redirect you to a landing page that then exploits the vulnerabilities in your browser or holes in your cybersecurity. From that point, the infection can install malware, ransomware, spyware or viruses on to your device.
How to protect yourself from Malvertising
There are several steps that you can take to protect yourself from malvertising threats. The first is to avoid clicking on unprofessional-looking adverts or on ads that offer free downloads. Anything that looks too good to be true probably will be. Additionally, avoid poorly built or unprofessional looking sites.
However, as we’ve already mentioned above, avoiding these won’t always work as malicious ads can appear on legitimate websites and can also affect your device even if you don’t click on them. As a result, it’s vital that you keep your security solutions up to date. Check that you have a reliable firewall and antivirus system in place. Ensure that your browser, software and operating system is up to date. Making sure that you have downloaded the latest patches will protect you against other threats as well. This will be especially important if you are running Windows 7 after January 2020.
If you are worried that you may have been affected by a malvertising attack or are concerned that your cybersecurity may not be up to scratch, get in touch with our team. Click here.