Imagine you’re browsing the web when suddenly your PC slows down, pop-up windows appear, and your personal data is stolen.
Does that sound like something straight out of a cyber-thriller? Well, it’s actually the bitter reality of malvertising. This invisible threat disguises itself behind harmless ads and can cause a lot of damage.
Here’s a quick explanation of what malvertising is, how it works, and what you can do to protect yourself and your devices.
What is malvertising?Malvertising (short for malicious advertising) is the use of online ads to spread malware and/or redirect users to malicious sites.
Cybercriminals may place infected ads on legitimate websites, including ones you visit on a daily basis. These ads can infect your device with malware—even if you never click on them.
Related: The best PC antivirus software
How malvertising worksOnline advertising is complex, consisting of many different entities, processes, and services working together. As a result, there are numerous vulnerabilities that can be exploited by cybercriminals.
Here’s how a typical malvertising attack works:
Sometimes, the malware isn’t directly downloaded. Instead, the malicious code can intercept your browser requests and redirect you to fraudulent websites. These are called malicious redirects.
Malvertising vs. adwareMalvertising and adware are two different threats that are often confused with each other. Here are the main differences:
Malvertising spreads via legitimate websites. Cybercriminals don’t need to install anything on your device to display their infected ads. Infections often occur without you having to click on anything.
Adware requires prior infection of your device to become active. Once infected, you’ll start seeing ads in unusual places, such as browser pop-ups or system notifications.
If you think you’ve been infected by adware, learn how to remove malware infections from your PC.
The different types of malvertisingThere are many different methods that cybercriminals use to carry out malvertising attacks. Here are some of the most common:
Steganography: This technique hides malicious code in seemingly harmless images. Hackers change a few pixels so that the difference is invisible to the human eye, while the code is executed in the background.
Polyglot images: These images contain both malicious code and the scripts needed to execute the code. This makes them particularly dangerous as they can trigger multi-layered attacks.
Tech support scam: Malicious ads hijack your browser and ask you to call a hotline. The scammers on the other end of the line then try to get money or personal information from you.
With so-called “scareware,” you’re shown fake virus pop-ups that scare you into downloading malware disguised as solutions.
With so-called “scareware,” you’re shown fake virus pop-ups that scare you into downloading malware disguised as solutions.
Summit Art Creations
With so-called “scareware,” you’re shown fake virus pop-ups that scare you into downloading malware disguised as solutions.
Summit Art Creations
Summit Art Creations
Scareware: These are pop-up ads that claim your computer is infected with viruses and ask you to download a “solution.” This so-called solution is either useless or malicious itself.
Get-rich-quick scams: These ads promise high profits for simple tasks such as completing surveys or leaving reviews. In reality, they’re trying to steal your personal data or install malware.
Fraudulent software updates: You’re asked to download supposedly necessary updates that actually contain malware.
The dangers of malvertisingMalvertising can cause considerable damage. One of the biggest threats to regular people? Theft of personal data.
Cybercriminals use spyware installed via malicious ads to capture your personal information and pass it on them. In addition, fake websites can trick you into entering login credentials, which are then stolen.
Another danger is blackmail through ransomware, which can also be distributed via malvertising. Ransomware locks your files and demands a ransom if you want those locked files to be released.
There are also attackers who want to cause sabotage and chaos through malvertising. An infected device can compromise entire networks and cause significant damage by paralyzing businesses and agencies.
How to protect yourself against malvertisingOne of the most basic safeguards? Use reputable antivirus software—like AVG Internet Security, Bitdefender Total Security, or Norton 360 Deluxe—that offer real-time protection against malware and other threats.
Our current top pick for best antivirus Norton 360 Deluxe Read our review Price When Reviewed: $49.99 for the first year Best Prices Today: $19.99 at PCWorld Software Store | $49.99 at NortonRegular software updates are also essential to close security holes and protect your system from new threats. It’s important to always keep your software up-to-date to prevent attacks.
A secure browser is also key. Browsers with built-in ad blockers and real-time protection, such as AVG Secure Browser, can prevent malicious ads from loading in the first place. Ad blockers minimize risk by blocking ads before they reach your device.
You should also deactivate unnecessary browser plugins and only update the most necessary ones regularly. Browser plugins can be a gateway for malware, so stick to trusted ones when possible.
Smart web browsing practices are also helpful. Look for HTTPS encryption and complete terms and conditions pages to recognize fake websites. Learn how to identify phishing attacks and other scams.
Recognizing and dealing with malvertisingAre you worried that your device is infected? If so, the first rule is always the same—stay calm! Then, do the following steps in order to restore the security of your device:
With these measures, you can significantly minimize the risks of malvertising, keep your devices safe, and recover from potential attacks. Stay vigilant and protect yourself from this modern threat.
Antivirus, Security Software and Services