Imagine you’re browsing the web when suddenly your PC slows down, pop-up windows appear, and your personal data is stolen.
Does that sound like something straight out of a cyber-thriller? Well, it’s actually the bitter reality of malvertising. This invisible threat disguises itself behind harmless ads and can cause a lot of damage.
Here’s a quick explanation of what malvertising is, how it works, and what you can do to protect yourself and your devices.
What is malvertising?
Malvertising (short for malicious advertising) is the use of online ads to spread malware and/or redirect users to malicious sites.
Cybercriminals may place infected ads on legitimate websites, including ones you visit on a daily basis. These ads can infect your device with malware—even if you never click on them.
How malvertising works
Online advertising is complex, consisting of many different entities, processes, and services working together. As a result, there are numerous vulnerabilities that can be exploited by cybercriminals.
Here’s how a typical malvertising attack works:
- The purchase of ad space: A cybercriminal buys ad space either directly on a website or through an ad network. These networks are intermediaries between advertisers and website owners, providing a platform where ad inventory can be bought and sold.
- Deployment of the infected ad: The cybercriminal creates a malicious ad that seems harmless with its images and/or text, but actually hides malicious code in the background. This ad is placed on the purchased ad space, usually on legitimate websites.
- Infection when the ad is loaded: When you visit a legitimate website, you likely have no way of knowing if an ad is malicious—and as soon as a malicious ad is loaded, the contained malware can be activated in various ways:
  - Click-based infection: You click the ad, which activates the malicious code and downloads the malware to your device.
  - Drive-by download: In many cases, you don’t even have to click on the ad. Simply loading the ad is enough to execute the malicious code and install the malware.
Sometimes, the malware isn’t directly downloaded. Instead, the malicious code can intercept your browser requests and redirect you to fraudulent websites. These are called malicious redirects.
Malvertising vs. adware
Malvertising and adware are two different threats that are often confused with each other. Here are the main differences:
Malvertising spreads via legitimate websites. Cybercriminals don’t need to install anything on your device to display their infected ads. Infections often occur without you having to click on anything.
Adware requires prior infection of your device to become active. Once infected, you’ll start seeing ads in unusual places, such as browser pop-ups or system notifications.
If you think you’ve been infected by adware, learn how to remove malware infections from your PC.
The different types of malvertising
There are many different methods that cybercriminals use to carry out malvertising attacks. Here are some of the most common:
Steganography: This technique hides malicious code in seemingly harmless images. Hackers change a few pixels so that the difference is invisible to the human eye, while the code is executed in the background.
Polyglot images: These images contain both malicious code and the scripts needed to execute the code. This makes them particularly dangerous as they can trigger multi-layered attacks.
Tech support scam: Malicious ads hijack your browser and ask you to call a hotline. The scammers on the other end of the line then try to get money or personal information from you.
Scareware: These are pop-up ads that claim your computer is infected with viruses and ask you to download a “solution.” This so-called solution is either useless or malicious itself.
Get-rich-quick scams: These ads promise high profits for simple tasks such as completing surveys or leaving reviews. In reality, they’re trying to steal your personal data or install malware.
Fraudulent software updates: You’re asked to download supposedly necessary updates that actually contain malware.
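A defender-side check for the polyglot-image case described above, as an added example that is not part of the original article: it walks a PNG file's chunks and flags data appended after the IEND chunk or script-like text inside a chunk. The marker list and both sample files are constructed for illustration; pixel-level steganography leaves the file structure intact and is not detected by this check.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Heuristic markers chosen for this example; tune them for your own pipeline.
SCRIPT_MARKERS = (b"<script", b"<iframe", b"eval(", b"document.write")

def png_chunks(data):
    """Yield (type, payload, end_offset) per chunk, stopping at IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 12 <= len(data):
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("truncated chunk")
        payload = data[pos + 8:end - 4]
        if zlib.crc32(ctype + payload) != struct.unpack(">I", data[end - 4:end])[0]:
            raise ValueError("chunk CRC mismatch")
        yield ctype, payload, end
        if ctype == b"IEND":
            return
        pos = end
    raise ValueError("no IEND chunk")

def inspect_png(data):
    """Return a list of findings; an empty list means nothing structural stood out."""
    findings, end = [], 0
    for ctype, payload, end in png_chunks(data):
        if any(m in payload.lower() for m in SCRIPT_MARKERS):
            findings.append(f"script-like text inside {ctype.decode('latin-1')} chunk")
    trailing = data[end:]  # anything past IEND is ignored by image decoders
    if trailing:
        findings.append(f"{len(trailing)} bytes appended after IEND")
        if any(m in trailing.lower() for m in SCRIPT_MARKERS):
            findings.append("script-like text in appended data")
    return findings

def _chunk(ctype, payload):
    crc = zlib.crc32(ctype + payload)
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)

# Constructed samples: a valid 1x1 grayscale PNG, and the same file with inert text appended.
CLEAN = (PNG_SIG + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
         + _chunk(b"IDAT", zlib.compress(b"\x00\x00")) + _chunk(b"IEND", b""))
SUSPECT = CLEAN + b"<script>/* constructed placeholder */</script>"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("suspect", SUSPECT)):
        print(name, inspect_png(blob) or "no findings")
```

A clean result only means the file structure looks normal; it says nothing about what the pixels themselves encode.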
The dangers of malvertising
Malvertising can cause considerable damage. One of the biggest threats to regular people? Theft of personal data.
Cybercriminals use spyware installed via malicious ads to capture your personal information and pass it on to them. In addition, fake websites can trick you into entering login credentials, which are then stolen.
Another danger is blackmail through ransomware, which can also be distributed via malvertising. Ransomware locks your files and demands a ransom if you want those locked files to be released.
There are also attackers who want to cause sabotage and chaos through malvertising. An infected device can compromise entire networks and cause significant damage by paralyzing businesses and agencies.
How to protect yourself against malvertising
One of the most basic safeguards? Use reputable antivirus software—like AVG Internet Security, Bitdefender Total Security, or Norton 360 Deluxe—that offers real-time protection against malware and other threats.
Regular software updates are also essential to close security holes and protect your system from new threats. It’s important to always keep your software up-to-date to prevent attacks.
A secure browser is also key. Browsers with built-in ad blockers and real-time protection, such as AVG Secure Browser, can prevent malicious ads from loading in the first place. Ad blockers minimize risk by blocking ads before they reach your device.
You should also deactivate unnecessary browser plugins and regularly update the ones you really need. Browser plugins can be a gateway for malware, so stick to trusted ones when possible.
Smart web browsing practices are also helpful. Look for HTTPS encryption and complete terms and conditions pages to recognize fake websites. Keep in mind that HTTPS only means the connection is encrypted, not that the site behind it is trustworthy. Learn how to identify phishing attacks and other scams.
Recognizing and dealing with malvertising
Are you worried that your device is infected? If so, the first rule is always the same—stay calm! Then, do the following steps in order to restore the security of your device:
- Until the malware is cleaned, refrain from logging into important accounts so your personal data is protected.
- Disconnect from the internet to prevent the malware from transmitting data and causing further damage.
- Restart your device in safe mode. This will allow you to safely scan your system to isolate potential threats.
- Delete temporary files (e.g., using Disk Cleanup or similar tools) to remove potentially malicious files.
- Check for suspicious programs that might indicate malware. To do this, open the Task Manager and look for programs that are using an unusually large amount of memory or CPU power.
- Run a malware scanner to identify and remove infected files.
- Repair your browser by reinstalling it or deleting unwanted plugins.
With these measures, you can significantly minimize the risks of malvertising, keep your devices safe, and recover from potential attacks. Stay vigilant and protect yourself from this modern threat.
This article originally appeared on our sister publication PC-WELT and was translated and localized from German.