Online ads have been around for a long time now, and they are one of the most powerful online revenue generators. On the internet, anything that can make income usually attracts the bad guys, and they have been known to be in this niche for also a long time. Over the period, malvertising was a not a big problem such as ransomware. But over the last few weeks into 2018, almost every internet user has cried foul due to a new wave of ads which are misleading, hard to close and malicious. Attackers have taken their activities a notch higher, and now these malicious ads are popping up in top-tier websites including websites which host news articles and important content which users can read. This new wave kames matters worse by redirecting you to multiple spammy sites with malicious content.
In a nutshell, malvertising is when attackers buy ad space in legit and popular websites with a lot of traffic and then load the spaces with all kinds of malware that can be viable online. Most of these loaded ads are intrusive; they just won’t stop popping up. Its harder for site publishers to notice them until its too late. This is because at the moment there’s no way to discern if anybody buying an ad space has malicious intent. Its also hard due to the complexities involved when one is trying to detect or weed out malicious ads – unlike in the print media where ad owners submit their ads to publishers directly, online ad spaces involve complex exchanges and intermediaries. This is the case that makes it possible for you to experience ads on top-tier websites.
According to Chris Olson the CEO of The Media Trust,
“over the past two years, we have seen the amount of malware and mobile redirects, which might lead to malware, roughly double in the digital ad ecosystem.”
Media Trust is among the companies that provide security services for online publishers and ad providers. Other experts also say that the problem of intrusive and malicious ads worsens in the course of holiday and that the streak has not ended.
For instance, a security team from a company known as GeoEdge did a series of analyzing ad campaign behavior and found out that malicious auto-redirect activities generate over $1 billion in losses for publishers and marketers, an increase from last year. According to security experts, fighting unscrupulous ads is a cat and mouse game just like other issues in the cybersecurity realm. Every time experts come up with a mechanism to detect malicious ads; attackers also have a solution to bypass them through there army of developers.
Also, in alongside the malicious ads, researchers have discovered a surge in scripts that are used to mine cryptocurrencies; crypto jacking. Using a website, attackers use the scripts to tap into your devices’ CPU and tap its power to do some complex calculation. If you notice your devices hangs for some time when you visit a certain website, there’s a probability that you have been crypto jacked.
How to avoid malvertising
As a user, you can take the following steps to prevent malicious ads from exploiting you and your device.
- Get a good antimalware and antivirus software. Most antivirus software doesn’t have the capabilities of protecting your device when you are online. To combat malvertising, you must have defenses that can block malicious ads and other forms of cyber-attacks.
- Install an ad blocker. An ad blocker is one of the best things that can zap out intrusive ads, at times, they are bad to advertisers as they also block ads that are not malicious. But as a protection measure, an adblocker is a must.
- Disable Java. If you don’t like watching YouTube videos and other stuff that relates to streaming, you don’t need java enabled on your browser. This is a platform which malicious ads utilize open other more ads. Also use few trusted plugins, the fewer plugins, the lesser malicious ads you will get.
- Update your browser and plugin. Updates are good news as they patch vulnerabilities and other security loopholes which malicious ads use. Outdated or unsupported plugins also provide a backdoor for malicious ads.
Other times, you can also use a VPN to avoid geo-targeted ads.