What is malvertising and do you need to be afraid of it? The answer is a resounding yes...
Malicious advertising, also known as malvertising, is spreading across the digital world like wildfire. In fact, security company RiskIQ found that malvertising increased by almost 19% from quarter one to quarter two of 2017, and it’s an area that is constantly changing and evolving.
When you look at the financial return, it’s easy to see why. In a joint report by the Interactive Advertising Bureau and Ernst & Young, the estimated annual cost of malvertising stood at £795 million.
With SMEs firmly tapping into the digital marketing and online advertising trends, this figure represents a real threat to businesses. If a virus or worm manages to infect your network it could result in severe disruption to operations across the board.
One of the biggest problems facing businesses in this area is that malware is decidedly hard to spot. Malvertising authors work by hijacking authentic online advertising platforms and implanting their own malware-laced adverts into unsuspecting websites. Users are then easily tricked into clicking, which can lead to all types of damage including:
- Altered files
- Identity theft
- Financial loss
- Stolen data
Malvertising can inject spyware onto computers and systems, embed ransomware, or load nuisanceware that can hinder a computer or network’s regular functioning. In the most severe cases, the malware can even turn infected machines into bots to produce more malware or carry out DDoS attacks.
One of the most recent serious incidents involving malvertising was reported back in January 2018, when researchers uncovered a huge malvertising operation which bought approximately 1 billion ad views under the guise of 28 fake ad agencies. Dubbed Zirconium, the malvertising group managed to reach 62% of ad-monetised websites every week and hit users with forced redirects intended to carry out affiliate fraud or infect their systems with malware.
How exactly does malvertising work?
While the word ‘malvertising’ in and of itself seems to suggest just one mechanism of infection, it actually spans a variety of forms of malware adverts that include toolbars, adware, email, and website corruption. Whatever the form, the goal is always to infiltrate third-party computers.
There are two main ways in which malvertising usually works...
1. Tricking users into clicking an ad
Users are taken to a fake website, instead of the advertiser’s website. The redirected page is full of malicious code, which ensures infection of the computer or system. One way this works is using pop-ups, like a fake alert that tells users the computer is infected and that they need to download the given software to fix it.
For most businesses, the risk here is mainly via employees accidentally clicking on malware. This malware could very quickly get hold of your data or cause disruption. For companies that trade online, or have a customer-facing business, customers could also be at risk by visiting your website and clicking on an infected ad. This could damage brand reputation for you, and cause loss of money for the customer.
2. Drive-by downloads
This version of malvertising works without the user’s participation. A machine can be infected just by a user unwittingly visiting a site that contains malicious adverts. The download is added to the computer system silently and malware is installed, causing disruption and potentially stealing valuable information.
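As an added illustration (not part of the original article), this Python sketch shows how a defender could spot the drive-by pattern described above in web proxy logs: an executable download whose Referer chain leads back through an ad host. The log layout, the host names and the `AD_HOSTS` list are constructed assumptions.

```python
from urllib.parse import urlsplit

# Assumptions for this sketch: hosts treated as third-party ad serving.
AD_HOSTS = {"ads.adnet.example"}
EXECUTABLE_TYPES = {"application/x-msdownload", "application/x-dosexec",
                    "application/vnd.microsoft.portable-executable"}

# Constructed proxy log: time client url referer status content_type
SAMPLE_LOG = """\
10:00:01 10.0.0.5 https://news.example/story - 200 text/html
10:00:02 10.0.0.5 https://ads.adnet.example/slot?id=7 https://news.example/story 200 text/html
10:00:02 10.0.0.5 https://cdn.landing.example/go https://ads.adnet.example/slot?id=7 200 text/html
10:00:03 10.0.0.5 https://cdn.landing.example/update.exe https://cdn.landing.example/go 200 application/x-msdownload
10:05:10 10.0.0.9 https://vendor.example/downloads - 200 text/html
10:05:40 10.0.0.9 https://vendor.example/setup.exe https://vendor.example/downloads 200 application/x-msdownload
"""

def parse_log(log):
    """Yield one dict per non-empty log line; '-' means no Referer."""
    for line in filter(str.strip, log.splitlines()):
        time, client, url, referer, status, ctype = line.split()
        yield {"time": time, "client": client, "url": url, "status": int(status),
               "referer": None if referer == "-" else referer, "ctype": ctype}

def referer_chain(url, parents, limit=10):
    """Walk Referer links back from url; stop on loops, gaps or the limit."""
    chain = [url]
    while len(chain) < limit:
        parent = parents.get(chain[-1])
        if parent is None or parent in chain:
            break
        chain.append(parent)
    return chain

def find_ad_delivered_downloads(log, ad_hosts=AD_HOSTS):
    """Flag executable downloads reached via an ad host, per client."""
    parents, alerts = {}, []
    for rec in parse_log(log):
        seen = parents.setdefault(rec["client"], {})
        seen[rec["url"]] = rec["referer"]  # last Referer seen for a URL wins
        if rec["ctype"] not in EXECUTABLE_TYPES:
            continue
        chain = referer_chain(rec["url"], seen)
        if any(urlsplit(u).hostname in ad_hosts for u in chain[1:]):
            alerts.append({"client": rec["client"], "download": rec["url"], "chain": chain})
    return alerts
```

The download a user requested directly from a vendor page is not flagged, because its chain never passes through an ad host.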
Here's how to prevent malvertising from harming your business...
1. Install all security patches
Maintaining good patch management is key to preventing malvertising. Failing to install patches regularly and consistently will weaken your security and allow potential malvertisers to infiltrate your network and systems much more easily.
2. Enable click-to-run ads
If you have adverts on your website, make sure they do not load automatically when a user visits. By making sure Flash doesn’t automatically play adverts, you ensure there is an added layer of protection for those using your website, as malvertisers won’t be able to run their exploit kits as easily.
3. Invest in adequate security software
Anti-virus and anti-malware software is a necessary investment if you really want to protect your business and customers from malicious adverts. Ensuring you have the necessary web security will keep you safer from attack. A multi-layered security solution provided by a managed IT support provider can really help.
4. Consider blocking ads
If you don’t rely on adverts as a source of revenue, and you only need to protect yourself from malvertising that could be contracted by employees mistakenly clicking on bad links, then it might be a good idea to install an ad blocker on your company computers.
5. Think about employee internet usage
Consider how your employees use the internet and what kind of access they have. The majority of malvertising threats come from large popular websites such as eBay, Forbes, Yahoo, and more. If your employees do not need access to these kinds of websites, you might consider restricting them to avoid potential malvertising attacks. This is quite a severe tactic, but it will offer you a good level of protection.
6. Train your employees
According to a study led by CompTIA, human error accounts for 52% of data breaches. Despite this, businesses still tend to rate human error in security as not that big of a deal. However, training employees to be aware of the risks of malvertising is a strategy that really pays off. Make sure to have a policy on safe internet usage and ask employees to adhere to it.
At Xenace, we offer customisable web security solutions to keep your business safe from malware. Contact us now for a quick chat about how we can help you.