Hot Features
Premium
Register for streaming realtime charts, analysis tools, and prices.
Summer’s over, and it’s not just the kids heading back to school. Cybercriminals seem to be following suit. Avast senior malware analyst says that data shows a significant jump in cyber threats detected across various channels in September compared to the carefree summer months. Malvertising, where sneaky ads hide malicious code, saw two especially sharp spikes.
This September surge likely coincides with the shift back to work and school routines. With everyone reconnecting online, cybercriminals see a golden opportunity. They might be counting on this busier period to spread malware or steal personal information through increased online activity.
What is Malvertising?
Malvertising is short for “malicious advertising.” It’s a sneaky tactic cybercriminals use to infect your devices with malware through online advertisements.
Imagine you’re browsing the web and see a cool ad for a new game or a great discount on something you want. You click on it, and bam! Malicious code hidden within the ad infects your device.
Here’s how it works:
• Hiding in Plain Sight: Malvertisers sneak malware into seemingly legitimate ads displayed on websites you visit. These ads can look just like any other ad, making it hard to tell the difference.
• Targeting Networks: Cybercriminals may target legitimate advertising networks with their malicious ads. These networks might not even be aware of the hidden malware.
• Infection Methods: Once you click a malvertising ad, the malware can infect your device in various ways, like:
Drive-by Downloads: The ad exploits vulnerabilities in your software to install malware automatically without your knowledge.
Redirects: The ad redirects you to a malicious website designed to steal your information or infect your device.
Malvertising Mayhem: From Pushy Notifications to Phony Finance
Malvertising is constantly evolving, but here’s a glimpse into two sneaky tactics making the rounds this quarter:
Push Notification Pestering: Imagine browsing a website and suddenly having a barrage of “Allow Notifications” pop-ups bombard you. This is a push notification scam, often disguised within a redirect chain. These deceptive pages have one goal: to trick you into clicking “Allow” and unknowingly subscribing to a stream of spammy notifications.
Mobile users, beware! Malicious push notifications can mimic system alerts, appearing as missed calls or unread messages. Once clicked, they can bombard you with unwanted ads or even lead to phishing attempts.
Social Media Shenanigans: Social media platforms, considered safe havens by many, are unfortunately breeding grounds for malvertising. Scammers exploit these platforms’ targeted advertising to create eye-catching ads, often featuring celebrities or trending topics. This approach makes them highly effective, as they blend in seamlessly with your social feed.
One recent example involved fake ads promising a lucrative “Elon Musk/Tesla” investment opportunity. Clicking on them led to phony websites mimicking BBC News or other reputable sources. These deceptive sites lured users into submitting personal information through a registration form, which then became the scammer’s key to contacting victims via phone for real financial exploitation.
The takeaway? Be cautious with online ads, especially on social media. Don’t be fooled by flashy visuals or familiar names. If an offer seems too good to be true, it probably is.
Shielding Yourself from Malvertising:
Malvertising can be tricky, but here are some smart habits to keep you safe:
• Be Wary of Unsolicited Contact: Don’t share personal information, documents, or financial details with unknown contacts, especially those initiated through online ads.
• Maintain Digital Gateways: Never provide remote access to your computer, and avoid logging into sensitive accounts (like online banking) while someone is connected remotely.
• Scrutinize Financial Transactions: Be cautious of requests to authorize payments or share bank codes.
• Security Essentials: Always have a reputable antivirus program installed and keep it updated.
• Minimize Banking Exposure: Consider setting lower transaction limits on your online banking and only raising them when necessary.
Remember: If an offer seems too good to be true, it probably is. Be skeptical of online ads, especially those that pressure you to act quickly.
Learn from market wizards: Books to take your trading to the next level.
