Malware comes in many forms, and one of the most prevalent types is “malvertising.” This malicious advertising appears across various platforms, including social media, websites, and even Google search results.
Malvertising is becoming increasingly dangerous for two key reasons. First, hackers are leveraging AI to make these ads more convincing. Second, its prevalence is rising rapidly. According to Malwarebytes, malvertising saw a 42% increase in the fall of 2023, compared to the previous month.
Staying informed about this online threat is crucial. Knowledge is your best defense, especially when it comes to malicious cybercriminals. In this post, we’ll help you understand what malvertising is and provide tips on how to recognize and avoid it.
What Is “Malvertising?”
Malvertising refers to the use of online advertisements for malicious purposes. A notable example occurred during the initial release of the PlayStation 5, when the high demand created an ideal opportunity for hackers. Numerous deceptive ads appeared in Google searches, misleading users into believing they were visiting official websites. Instead, they were redirected to counterfeit sites designed to steal personal information, including login credentials and credit card details.
While Google makes efforts to regulate its ads, hackers often manage to keep their malicious ads running for hours or even days before they’re detected. These deceptive ads appear just like any other sponsored listing in Google search results.
Malvertising isn’t limited to Google. It can also appear on popular websites that have been compromised, as well as on social media feeds.
Tips for Protecting Yourself from Malicious Online Ads
Review URLs Carefully
You may notice slight misspellings in the URL of an online ad. Similar to phishing, malvertising often uses copycat websites. Always double-check links for any suspicious or unusual details.
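The URL review described above can also be automated. The following Python code is an added example, not part of the original article: it compares an ad's landing domain against a short list of official domains and flags near-misses. The allowlist, the function names and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for this example; a real one would hold the brands you use.
OFFICIAL = {"playstation.com", "netflix.com", "microsoft.com"}
# Digit-for-letter swaps often seen in copycat domains (0->o, 1->l, 3->e, 5->s).
SWAPS = str.maketrans("0135", "oles")

def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_ad_url(url):
    """Return (verdict, brand) for the landing URL of an ad."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    # Simplification: treat the last two labels as the registered domain.
    # Production code should use the Public Suffix List instead.
    domain = ".".join(host.split(".")[-2:])
    if domain in OFFICIAL:
        return ("official", domain)
    for brand in sorted(OFFICIAL):
        # Brand name used as a subdomain of someone else's domain.
        if host.startswith(brand + ".") or ("." + brand + ".") in host:
            return ("brand-in-subdomain", brand)
        # Digit swaps, or one or two changed characters.
        if domain.translate(SWAPS) == brand or edit_distance(domain, brand) <= 2:
            return ("lookalike", brand)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample URLs, not taken from any real ad.
    for url in ("https://www.playstation.com/ps5",
                "https://www.playstatlon.com/deals",
                "https://netf1ix.com/login",
                "https://playstation.com.deals-ps5.example/login"):
        print(url, "->", check_ad_url(url))
```

A verdict of "unknown" only means the domain does not resemble anything on the list; it is not a sign that the site is safe.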
Visit Websites Directly
The most effective way to protect yourself is to avoid clicking on any ads. Instead, visit the brand’s website directly. If there’s a legitimate “big sale,” it should be listed there. This advice applies to all types of phishing—simply skip the links and go straight to the source.
Use a DNS Filter
A DNS filter helps protect you from accidental clicks by redirecting your browser to a warning page if it detects a potential threat. These filters monitor for red flags and block access to harmful sites, ensuring your safety even if you inadvertently click on a malvertising link.
Do Not Log in After Clicking an Ad
Malvertising often directs you to a counterfeit site, where the login page may closely resemble the legitimate one. Phishers are typically after login credentials, which can be sold for a significant profit, especially for accounts on high-value sites like Netflix, banks, and others.
If you click on an ad, avoid entering your login credentials on the site, even if it appears legitimate. Instead, open a new browser tab and visit the brand’s official site directly.
Don’t Call Ad Phone Numbers
Phishing can also occur offline, with some malicious ads providing phone numbers to call. Unwitting victims may not recognize that the people on the other end are fake representatives involved in a scam. Seniors, in particular, are often targeted by malvertising scams, where they may end up sharing personal information with scammers over the phone.
Never call numbers listed in online ads. If you find yourself on a call, avoid sharing any personal information—simply hang up. Keep in mind, this is a sophisticated scam. Scammers often exploit emotions like fear and work hard to build trust in order to manipulate you.
Don’t Download from Ads
“Get a free copy of MS Word” or “Download a free PC cleaner” are typical malvertising scams. These ads lure you into clicking a download link, often offering a popular program or freebie. However, the link actually installs malware on your system, giving hackers the opportunity to cause further damage.
Avoid clicking on any download links in online ads. If you come across an ad offering a direct download, it’s likely a scam.
Warn Others When You See Malvertising
If you come across a suspicious ad, warn others to help protect your colleagues, friends, and family. If you’re uncertain, try searching the ad on Google—you’re likely to find scam alerts that confirm your concerns.
It’s essential to stay informed and arm yourself with knowledge. By sharing this information with others, you can help build a more cyber-aware community. This collective awareness strengthens online security for everyone and keeps you alert to emerging scams.
Article used with permission from The Technology Press.