Go to top of page

Malvertising, are you at risk?

29 September 2017

Malicious advertising (or malvertising) is a rising concern for internet users and it’s as pervasive as they come. 

Malvertising is the use of legitimate online advertising to distribute malware with little to no user interaction. Malware is a contraction of ‘malicious software’. It refers to any software written to harm data, devices or people.

Hackers bury malicious code into ads, pay legitimate online advertising networks to display the infected ads on various websites, and in this way, expose users visiting these sites to the potential risk of infection. Legitimate advertising networks and websites are generally unaware they are serving malicious content.

You could be browsing your favourite news site or watching some YouTube clips and be exposed to this malware—without clicking on the ad.

Malvertising is becoming more popular with cyber criminals as it spreads easily, bypasses firewalls and other security measures and appears on legitimate websites and within legitimate advertising.

Essentially, it’s hard to identify and hard to guard against. Safe browsing habits will protect you against most threats—but not this one.

Malvertising targets prominent, high traffic websites and an estimated 70% of malvertising campaigns deliver ransomware.

How to stay safe

Unfortunately, if you use the internet you can’t avoid the risk of malvertising completely. But you can take steps to protect against it:

  • Use an ad blocker—ad blockers will stop you seeing most ads (including malicious ones), however, many prominent news sites will request users disable ad blockers to view content, as they rely on advertising for revenue.
  • Close browsers when not in use—online ads are usually refreshed every minute or more, so closing your browser will limit the number of ads you are exposed to, reducing your overall risk.
  • Keep your software updated—update your operating system, run the latest browsers, and remove any unnecessary software (especially Flash and Java). If you need Flash or Java, utilise your browser’s built-in features to restrict automatic actions such as executing Flash or Java content and make sure they are always updated to the latest version.
  • Practice safe browsing—it won’t protect you from malvertising sitting on reputable sites, but it will protect against other malware threats—and it’s always a good idea.

Read more about browsing the web safely.