Malvertising – what is it anhow to detect it quickly?

As a heavy internet user, you probably see dozens of ads every day. Although it feels good to catch a great deal for a product you want randomly, sometimes it is you who might get caught.

Malvertising, or malicious advertising, is a technique for perpetrators to inject malicious code into any advertising network (even a reputable one) to spread malware.

That is, even if you see a tempting ad on a legitimate website, it might not be an ad of the brand you expected. Let’s discuss what malvertising is and how you can detect it quicker than cyber criminals want you to.

What is malvertising?

Malvertising is a malicious activity that manipulates browser-based advertising campaigns (created for you to want to click on it). Usually, this involves some form of social engineering (psychological manipulation) such as scarcity (or FOMO, or Fear Of Missing Out), free access, gifts, deals, or warning alerts.

Once you click on it, the ad redirects you to multiple servers. During these redirects, a tiny piece of code is downloaded and installed on your computer that sends information about your computer to the criminal command and control servers (C&C). Those servers will analyze data about you – location and software – and send you malware that your PC will be most vulnerable to.

How is malvertising different from adware?

As the name suggests, malvertising is usually mixed up with adware because they both include online advertising and damage that comes from them. Adware, differently from malware, runs on a user’s computer as a program (installed without the user knowing about it). Adware shows undesired ads, continuously redirects users to malicious websites and mines data about them.

Malvertising, differently, works only in browsers and apps and only while a user is viewing an infected web page.

Even most legitimate websites sometimes show malicious ads

Malvertising is dangerous because you can never be sure if an ad you are clicking on is a legitimate one.

Well-known and frequently visited websites and apps such as Spotify, New York Times , BBC, and WordPress have become victims of malvertising. That means trusting a legitimate website might not always be the best strategy. There’s more to it.

How to detect malvertising quickly and protect yourself?

• Make sure you have antivirus software that it is up-to-date.
• Be cautious of every ad you click – learn to recognize attention-grabbing words such as “free”, “best”, “attention”, “warning” and avoid clicking on them.
• Use adblocker. Although some websites will still ask you to stop it from running on their websites, you will still see considerably fewer ads overall. This means less malicious ads, too.
• Avoid using Flash or Java, Adobe reader, or Quicktime plugins – the majority of malvertising campaigns rely on exploiting the weaknesses of these plugins. Enable them only when you need them and make sure disable them afterwards.

Protecting yourself against well-thought malvertising campaigns is not that difficult. It is first essential to recognize stereotypically flashy, bright, and too-good-to-be-true ads that contain so-called “power” words. That should be enough to protect against most of the malicious ads out there.

Plus, if you use updated antivirus, ad blockers and avoid automatically running plugins, that should be enough to protect yourself even if you accidentally click on the ad.

All that said, educating yourself, as well as using the internet with caution and skepticism might be the best malvertising prevention strategy, as usual