What is Malvertising?

Oxford Dictionary defines malvertising as ‘the practice of incorporating malware in online advertisements.’ Short for malicious software, or malware advertising, this is the practice of attacking viewers or consumers with fraudulent information that is inserted into sometimes (but not always) legitimate advertisements.

How Does It Work

Malvertising works in conjunction with the online advertising ecosystem by initiating multiple redirects after the user clicks or views an infected advertisement.  This is done by cyber criminals hiding a small bit of code within legitimate advertising content.  This can be integrated into ad servers, publishing servers, or other platforms that work together to display online ads.  For example, the New York Times publishes content from its writers as well as content that is in partnership with businesses that have hired ad agencies to provide digital ads.  This means that there are multiple moving parts that work together to provide the ad interface and content for readers to access the ads.  Along with other legitimate sites like the BBC, The Onion, The London Stock Exchange, and many other websites, they have been injected with malicious ads that led to readers being hijacked and redirected to sites demanding a ransom to unlock their computers.

Because of the vulnerabilities of some browsers, the installation of the malware can happen simply by viewing the advertisement. Malvertising isn’t the actual virus, but it can lead to the deployment of one.  It is threatening because it isn’t always detected right away – or ever – and it doesn’t require action by the reader or viewer to be deployed and dangerous.

Not All the Same

Malvertising is not the same as ad malware or adware. Adware (short for advertising-supported software) is installed usually without knowledge from the user.  This can include pop-up ads that are automatically and repeatedly displayed without the ability to stop or control them by the user.

How Do You Stop It?

AllSafe IT recommends the following best practices:

• Deploy a multi-layered stack of security solutions like AllSafe IT’s Safe Total, which includes endpoint protection, advanced email security, multi-factor authentication, security awareness training and compromised credential monitoring.
• Make sure your browser is up to date to ensure that any vulnerabilities or bugs are patched.
• Train users to make smart cybersecurity decisions, as this is one of the first lines of defense when it comes to protecting a business from cybercrime.  While we can provide them with the latest plug-ins and software updates, they must be continually on alert in today’s threat landscape against the tactics that hackers will use to gain access to their network or disable their ability to work.
• Have a malware recovery plan. Speaking of preparing for the worst, make sure you have an incident response plan in place. This will enable your IT team to quickly mobilize when a malware attack starts and may even be able to stop an attack before data can be encrypted.

AllSafe IT is proud to have spent over 15 years providing IT services to hundreds of companies in many different sectors. Our specialized services are uniquely tailored to provide our customers with the reliability, protection, and fast services needed to ensure 100% uptime and maximized data security. From comprehensive and preventative cybersecurity strategies to 24/7 customer support, AllSafe IT understands the unique needs of your business.