Malvertising Campaigns, coined by the combination of both malware and adverts, is nothing new. However, it has contributed to the rise of investment scams and new strains of malware. The most likely place to come across this is through your search results; you might have come across sponsored ads coming up as legitimate results on your search entry. All these tactics are used by cyber criminals to target their victims online.
The How
Cybercriminals rely on three methods to carry out malvertising campaigns.
· Placing malicious codes within an advertisement: Cybercriminals appeal to people’s emotion through alerts or baits to download free anti-virus software leading to malware infection after installing.
· Drive-by-download: Here, your device gets infected just by loading the website, hosting the malicious ads by redirecting you to malicious web pages to exploit your sensitive data.
· Exploit-kit: This is a form of malware which scans a computer system and then exploits its vulnerabilities.
Malvertising Campaigns
· Fake Software Updates: Clicking on these genuine looking updates leads users to malicious websites.
· Tech Support Scams: Scammers frustrate Windows and Mac users into calling fake tech support for help.
· Clickjacking: Users unknowingly trigger malware infection hidden by legitimate ads when they click on it.
· Phishing Attacks: Users are tricked into entering their sensitive data on a malicious website.
Impact
1. An employee whose device has been breached after clicking on a malware ad can cause the whole organization to be at risk.
2. Malvertising campaigns reduce traffic potential, leading to financial loss.
3. System Disruption, network crashes and downtime are usually experienced by organizations that have been breached.
4. Organizations spend money, time and effort to back their trust and establish their presence.
Prevention
1. Disable browser plugins by modifying your browser settings and reducing the number of plugins by default.
2. Always update your software, it reduces chances of malvertisements exploiting your system.
3. Use of Ad-blocker is encouraged
4. Only Install software from legitimate sources.
Remember to think twice before clicking on that ad!
.png)
.png)