What is Malvertising?

Cyber Security

There are 560,000 new pieces of malware detected every day, according to a report by AV-Test Institute. Malware is one of the most notorious threats to cybersecurity out there. However, there's a lesser-known type of malware called malvertising. Malvertising is a trap anyone could fall for, and businesses are susceptible to it.  

What is Malware?

Malware is malicious software designed to cause damage to a computer, server, user, or network. In relation, malvertising campaigns are when malware is incorporated into online display ads.

It’s typically found on web browsers and other internet-connected programs that look like legitimate websites, which is why many people often get fooled. After users click online ads, hackers can quickly access sensitive information such as usernames, passwords, credentials, etc. 

 

How Does Malvertising Work? 

Malvertising is a type of clickbait and extremely easy to fall victim to. Because it’s often found on legitimate popular websites, people find clickable ads that they believe are trustworthy.

Advertisements can come in the form of an infected ad, which can sometimes be harmful just by clicking on it. Others must be downloaded, and the malware can cause significant damage once they are. 

Cybercriminals obtain malvertising simply by purchasing an ad space from an advertising network and embedding the ad with malicious code. Some legitimate sites will run these ads on different landing pages believing they’re verified, which is how they gain such a large platform to promote themselves.

Some of the advertisements require being downloaded, and once they are, they can begin infecting your device. Until they’re discovered and removed, they’ll continue to wreak havoc on your computers and network.

 

What Are Some Malvertising Examples & How Can They Harm My Business? 

Once the cybercriminal has access to confidential information, they can release or delete it at their choosing. They can gain access through a variety of crafty methods. There are several forms of harmful malvertising examples that should be avoided, which include the following: 

 

Pop-up Ads: 

Websites often use pop-up ads to provide additional information on a product or service. They’re a way to advertise online without being overly disruptive. You could get unwanted or untrustworthy pop-ups by downloading content such as images, free music, free movies, etc. These pop-ups can be malicious and, when clicked upon, may infect your computer with viruses or give someone access to sensitive information. For this reason, it’s essential to be careful with the sites you choose to visit and what you’re clicking on. 

 

Banners: 

Banner ads are used to attract people to click on them. They often highlight fake deals, coupon codes, or warning signs to scare you into thinking you have a virus. Or they could be any content that’ll grab your attention. They can look natural, so it’s essential to be careful when clicking on them.

 

Video Ads: 

Videos are an easy way to grab the attention of website viewers. Video ads often consist of games, sports, celebrity news, or even a current event that will incentivize you to click on them. 

 

Inline Frames: 

An inline frame is an HTML feature used to embed videos, documents, and media into a page. You can include content from other sources and integrate the content anywhere within your page. Inline is a great tool, but it can be very harmful when hackers get a hold of it. Hackers embed inline frames with trafficked websites and redirect them to a malicious page. 

 

Who Can be Infected by Malvertising? 

Several highly credible sites have been affected by malvertising, including The New York Times, The London Stock Exchange, and The Atlantic.

With malvertising, most people, if not everyone, are targets. Hackers can access sensitive information, deceive people, and convince them to give personal information or pay money, or even prohibit your ability to use your computer. 

 

How Do You Avoid Malvertising? 

Although they can be tricky and difficult to detect, there are steps your business can take to help avoid falling victim to malvertising.  

  • Install antivirus software to protect against drive-by downloads or malicious codes. 
  • Install Ad Blockers, which will block all ads and minimize your risk of clicking them. 
  • Keep your browsers and plug-ins up to date to prevent malvertising attacks. 
  • Be careful not to click on anything that you’re not 100 percent sure about–always be on the side of caution.

Protect Your Business From Cyber Threats 

To stay safe from becoming a victim of this scheme, we recommend speaking to a professional who can walk you through the necessary precautions you and your users should take to protect your identity. Usherwood employs a team of experts up to date on all the recent cybersecurity threats and how best to avoid them.  

We have many services that can help protect your business against all malicious actors. To learn more about other cyber threats, look at our “Common Cyber Threats to Look Out For” article or reach out to us for a tech evaluation. 

Get a Tech Evaluation

About Darrian Breedlove, Content Writer

Darrian Breedlove is Usherwood's Content Writer. She manages Usherwood's message by integrating educational content into our company culture.