If you think that online ads are just an annoyance, think again. One of the ways criminals harvest malware onto your computer is through the use of malicious online advertisements (malvertisements). Cybercriminals can serve them up by hacking into a trusted website and injecting their malware into third-party banners and online ads or first posing as a legitimate advertiser and then inserting malware into the code behind their ads after they have gained some traction. Both allow attackers to infect as many computers as possible in a short amount of time.
What makes malvertising attacks so powerful is that they can infect thousands of sites at once by infiltrating popular syndicated online ad services. Websites that run third-party ads can’t do much to protect their visitors from these malvertisements because syndicated ads are not under their direct control. After the damage is done, attackers can easily remove or discontinue their ad without a trace from an ad network infrastructure.
With some malvertisements, you do not even have to physically click on the malicious ad itself. Just having the malvertisement pop up on your screen is enough to unleash the malware onto your computer.
So, what can you do? Here are some tips that can help you protect your system.
• Make sure your operating system, browser, and browser plug-ins are up-to-date. This is one way to defend your system against attackers who look for opportunities to exploit vulnerabilities, like outdated software on your computer – this is a key tactic for today’s cybercriminals.
• Install an antivirus and two-way firewall and make sure your security software is up-to-date to keep your system protected from the latest malware attacks.
• Don’t click on any pop-ups that state you’ve won a prize. And beware of scareware pop-ups that claim your computer has been infected with a virus. These rogue security solutions are popular among cybercriminals who can use these applications to infect your system.
• Use your pop-up blocker or install an ad block add-on through your browser of choice (such as Firefox, Internet Explorer or Google Chrome). A pop-up ad can deliver a malicious payload as soon as the ad appears on the viewer’s screen. And in some cases, the malware will execute when the viewer clicks the “X” to close the pop-up window.
• Be especially careful of your browsing activity on the weekend. Cybercriminals tend to launch malvertising campaigns during off-peak times when IT resources are low and attacks are likely to go unnoticed.
Keep in mind that as companies continue to target people with online ads, malvertising will only become more prevalent. These are just a few ways to make sure any applications running on your system are legitimate and that you are never caught off-guard or tempted to click on what could quite possibly be not just an annoying but dangerous ad.