In this article, we’ll discuss what malvertising is, how it works, and what you can do to protect yourself from them. <\/p>\n\n\n\n
What Makes Malvertising a Cyberthreat? <\/h2>\n\n\n
<\/p>\n
Malvertising refers to malicious advertisements that look real. These ads spread malware through legitimate websites. What makes malvertising particularly tricky is that users might not be able to differentiate between real ads and fake ones. After all, if an ad is displayed on a website that users trust, why would they question whether it\u2019s real?\u00a0<\/p>\n
<\/p>\n
<\/p>\n
If malware gets inside your device, it can:\u00a0<\/p>\n
<\/p>\n
<\/p>\n
- \n
- Gain\u00a0unauthorized access to\u00a0your\u00a0device,\u00a0\u00a0<\/li>\n
- Crash your system,\u00a0\u00a0<\/li>\n
- Monitor\u00a0your\u00a0actions\u00a0and capture sensitive information (such as passwords),\u00a0\u00a0<\/li>\n
- Encrypt and steal your data\u00a0via\u00a0a ransomware attack<\/a>,\u00a0\u00a0<\/li>\n
- Use\u00a0your\u00a0device\u00a0as part of larger\u00a0botnet attacks<\/a>\u00a0against others,\u00a0and\u00a0\u00a0<\/li>\n
- Engage in other\u00a0harmful activities.\u00a0\u00a0<\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
Scammers officially rent ad space on the reputed websites, insert the malicious codes in the advertisements, and publish them. The ads look genuine, tempting, and coming from a trusted source. The host website owner may or may not be aware that their website is displaying\u00a0malvertising.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
So, if you see an ad on a reputable website that promises \u201c25% off iPhones for Amazon Prime users,\u201d it might be a malvertisement. If you click on such an ad, you won\u2019t be redirected to the official Amazon website. Instead, it may take you to a malicious website or download malware onto your device. Either way, this is bad news for you.<\/p>\n
<\/p>\n
<\/p>\n
These are some of the popular websites that have been the victims of\u00a0malvertising\u00a0in the past:\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
- \n
- Yahoo.com,\u00a0\u00a0<\/li>\n
- Spotify,\u00a0\u00a0<\/li>\n
- London Stock Exchange,\u00a0\u00a0<\/li>\n
- MySpace,\u00a0\u00a0<\/li>\n
- The\u00a0New\u00a0York\u00a0Times,\u00a0\u00a0<\/li>\n
- Hindustan Times\u00a0<\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
\n![\"A](\"https:\/\/sectigostore.com\/blog\/wp-content\/uploads\/2020\/09\/image-4.png\")
\nImage source:\u00a0The New York Times\u2019 Twitter page<\/a>\u00a0<\/figcaption>\n<\/figure>\n<\/div>\n <\/p>\n
<\/p>\n
6 Types of\u00a0Malvertising\u00a0<\/h2>\n
<\/p>\n
<\/p>\n
Malvertisements\u00a0come in all shapes and sizes.\u00a0Hackers can even make invisible malvertisements using iframes\u00a0(which we\u2019ll discuss shortly)!\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
1.\u00a0Content\/Text-Based\u00a0Malvertisements<\/em><\/h3>\n
<\/p>\n
<\/p>\n
Attackers\u00a0insert\u00a0malicious\u00a0codes in\u00a0simple\u00a0text-based\u00a0advertisements\u00a0on host websites, typically\u00a0in the sidebars\u00a0or in the\u00a0main\u00a0content\u00a0body.\u00a0Hackers might\u00a0also embed malvertising as\u00a0part of sponsored article\u00a0content.\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
2. Banners<\/em>\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Attackers make advertisement banners in a way that they lure the website visitors into clicking on them.\u00a0Banner ads often display:\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
- \n
- Fake deals and coupon codes,\u00a0\u00a0<\/li>\n
- Fake virus infection-related messages to incite panic, or\u00a0\u00a0<\/li>\n
- Some other sort of tempting messages to indulge people in clicking on the banners.\u00a0\u00a0<\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
Attackers can also impersonate\u00a0reputable\u00a0companies and organizations, using\u00a0their logos\u00a0and product pictures to gain people’s trust.\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
For example, look at the banner below. It looked like a genuine Bing ad offering a free advertisement credit. But it could be a\u00a0malvertisement, and when you click on it, you might be redirected to a spammy site, or\u00a0malware gets downloaded on your system.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
\n![\"A](\"https:\/\/sectigostore.com\/blog\/wp-content\/uploads\/2020\/09\/image-7.png\")
\n\u00a0<\/p>\n
Image source:\u00a0prophet.ca<\/a>\u00a0<\/figcaption>\n<\/figure>\n<\/div>\n <\/p>\n
<\/p>\n
3. Video\u00a0Ads<\/em>\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Attackers make catchy video ads to grab users’ attention. These malware-laden\u00a0videos look like legit product\/services ads, or they might even have\u00a0clips of\u00a0video\u00a0games,\u00a0popular sports,\u00a0celebrity\u00a0interviews,\u00a0breaking news, etc.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
4. Animated\u00a0Ads<\/em>\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Attackers misuse Java scripts or flash player while making animated\/motion ads and insert malicious codes in them.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
5. Inline Frames (iFrames)<\/em>\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
An\u00a0iframe is one of the HTML features\u00a0that\u00a0developers use to showcase one platform’s content to another. But attackers exploit the iframe mechanism by keeping its dimensions\u00a0set to 0 x 0\u00a0pixels. That means the website visitors can’t see any content, but the host website still carries\u00a0it. Malware automatically downloads after website visitors spend a couple of seconds on the website or accidentally click on the iframe-inserted part.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
6. Popup\u00a0Ads\u00a0<\/em><\/h3>\n
<\/p>\n
<\/p>\n
Popups are the small windows that suddenly open up when you are browsing a webpage.\u00a0Attackers\u00a0use popups for\u00a0malvertising. Fake virus infection and free virus removal tools’ popups are quite popular. Sometimes attackers show popups for a survey, polls, coupon codes, lightning deals for a limited period of time, free products, free\u00a0subscriptions, etc.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Check out the example below. The popup makes\u00a0you think that you think you are lucky to win a Costco gift card, but it can just be a\u00a0malvertisement.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
\n![\"A](\"https:\/\/sectigostore.com\/blog\/wp-content\/uploads\/2020\/09\/image-5.png\")
\n\u00a0<\/p>\n
Image source:\u00a0b3nac.com<\/a>\u00a0<\/figcaption>\n<\/figure>\n<\/div>\n <\/p>\n
<\/p>\n
How Attackers Publish Malvertisements On Legit Websites?\u00a0\u00a0<\/h2>\n
<\/p>\n
<\/p>\n
You might be thinking, why would any reputable platform allow scammers to publish compromised advertisements on their site? After all, this could ruin their reputation! The thing is, there are many layers and complexity involved in online advertising \u2014 lots of sites, networks, and servers. Let\u2019s explore how attackers get their malicious ads on legitimate websites.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
1. Use Third-Party Ad Distributors to Extend Their Reach\u00a0\u00a0\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Scammers\u00a0use third-party ad distributors\u00a0such as\u00a0Google\u00a0Ads\u00a0(AdWords),\u00a0AdPlugg, Propeller Ads, etc.\u00a0to display their ads on legitimate sites.\u00a0These third-party advertising\u00a0platforms have huge networks\u00a0of\u00a0companies that want to publish advertisements and website owners (publishers) that want to\u00a0earn income from\u00a0displaying\u00a0ads.\u00a0VentureBeat reports that\u00a0Google delivers\u00a030 billion<\/a>\u00a0ads\u00a0every day, and no one is going to\u00a0scrutinize each code in those ads.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Just like any other advertiser, the perpetrator also\u00a0makes\u00a0a\u00a0free account on such sites, creates\u00a0some\u00a0malware-loaded\u00a0advertisements, bids\u00a0for the keywords, and\u00a0specifies\u00a0the\u00a0daily budget\u00a0and the target audience. The ad distributors\u00a0display the ads as per web visitors’ browsing behavior on their large pool of network websites (including highly reputed ones).\u00a0This is how the attackers manage to post their ads on the reputed sites.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
In some cases, cybercriminals will steal legitimate advertisements from big name companies. But instead of linking back to those legitimate organizations, they\u2019ll instead link to their malicious websites.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
2. Rent Space Directly to Display Malvertising\u00a0\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Some website owners\u00a0(social media platforms, popular blogs, video streaming platforms, etc.)\u00a0offer\u00a0spaces\u00a0on their websites\u00a0directly to advertisers as rentals. They may opt to do this\u00a0instead of being part of\u00a0third-party ad distributor networks\u00a0to generate extra income.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Advertisers\u00a0display\u00a0many of the following on rented spaces:\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
- \n
- Ad\u00a0banners,\u00a0\u00a0<\/li>\n
- Videos,\u00a0\u00a0<\/li>\n
- In-line\u00a0text\u00a0ads, or\u00a0\u00a0<\/li>\n
- Even sponsored\u00a0articles.\u00a0\u00a0<\/li>\n<\/ul>\n
<\/p>\n
<\/p>\n
Some discussion forums like Quora\u00a0and\u00a0Reddit\u00a0allow advertisements\u00a0to post\u00a0in\u00a0Q&A format.\u00a0They charge fees as per the impression counts, the number of clicks, percentage of the sale, or as per the time slot\u00a0like\u00a0weekly, bi-weekly,\u00a0or\u00a0monthly.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Attackers\u00a0generally\u00a0put\u00a0benign\u00a0ads in the initial phase, and after gaining the trust of the\u00a0host\u00a0platform, they start adding malware in the ads.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
3. Take Advantage of Vulnerabilities on Host Platforms\u00a0\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Some hackers exploit websites\u00a0with weak security postures\u00a0by\u00a0manipulating them to display\u00a0their\u00a0malvertisements. In this method, the\u00a0affected\u00a0website owners\u00a0have\u00a0no clue that their websites\u00a0are\u00a0showing such ads, and they don\u2019t receive any money for such ads.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Examples of How Malvertising Works<\/h2>\n
<\/p>\n
<\/p>\n
You might be wondering, what exactly is going to happen if you click on a\u00a0malvertisement? Let\u2019s explore how attackers can defraud you\u00a0with\u00a0malvertising\u00a0examples and hypothetical\u00a0examples.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Hackers\u00a0Use\u00a0Malvertising\u00a0as a\u00a0Malware Delivery System\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
The\u00a0common types of malware<\/a>\u00a0that can be spread through\u00a0malvertisements\u00a0include\u00a0viruses, worms,\u00a0trojans,\u00a0and\u00a0root-kits.\u00a0The infected advertisements\u00a0insert\u00a0these\u00a0malicious codes or software onto\u00a0website visitors’ devices\u00a0to\u00a0execute various cyber-attacks against them.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Example 1:\u00a0Malvertising\u00a0Causes\u00a0Users\u00a0to Unknowingly Download Computer Viruses\u00a0<\/em>\u00a0<\/h4>\n
<\/p>\n
<\/p>\n
Bob\u00a0wants\u00a0to buy a\u00a0new\u00a0cell phone and\u00a0is\u00a0browsing\u00a0online\u00a0for a\u00a0good online deal.\u00a0He sees\u00a0an ad\u00a0stating,\u00a0“40% discount on any\u00a0Samsung\u00a0phone!”\u00a0on a deal-sharing website. He\u00a0gets\u00a0excited\u00a0and clicks\u00a0on the ad, which\u00a0takes\u00a0him to a genuine-looking ecommerce site.\u00a0When the page loads, it displays a message saying,\u00a0“Sorry, we are out of stock.”\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Disappointed, Bob closes\u00a0the tab and continues\u00a0searching for a good mobile\u00a0discount. But\u00a0what\u00a0Bob\u00a0doesn\u2019t know is that he isn\u2019t\u00a0returning\u00a0entirely\u00a0empty-handed. When he clicked on the advertisement,\u00a0he inadvertently downloaded a\u00a0dangerous virus on his device. This nasty little number\u00a0soon\u00a0crashes\u00a0his\u00a0entire system\u00a0and steals\u00a0all\u00a0of\u00a0his personal data!\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Example 2: Hackers Trick Users\u00a0<\/em>in<\/em>to Download<\/em>ing Trojans<\/em>\u00a0via\u00a0<\/em>Malvertising<\/em>\u00a0<\/em>\u00a0<\/h4>\n
<\/p>\n
<\/p>\n
Alice\u00a0is\u00a0scrolling her social media profile when\u00a0she sees\u00a0an ad\u00a0with clips of\u00a0an interesting\u00a0computer\u00a0game. Since she\u2019s\u00a0bored, she clicks\u00a0on the ad to play it. She\u00a0sees an\u00a0error message\u00a0stating\u00a0that the game will run only on the latest\u00a0Flash\u00a0Media\u00a0Player. The message also\u00a0includes\u00a0a link to install the latest\u00a0Flash player. So, Alice clicks\u00a0on the given link and follows\u00a0all the steps to install it on her PC.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
What Alice doesn\u2019t know is that it was a\u00a0trojan<\/a>\u00a0impersonating\u00a0the\u00a0media player.\u00a0A trojan\u00a0is a type of\u00a0malicious software\u00a0that cybercriminals\u00a0disguise to look like a legitimate computer program, application, or file\u00a0to\u00a0trick the users into downloading it.\u00a0Unknowingly, she has\u00a0just\u00a0installed and activated a trojan malware that can steal all her data, lock the files, and hijack the entire system.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
See how\u00a0a\u00a0trojan looks like in real life in the below screenshot. You think you are downloading a Flash player, but when you check the developer\/publisher’s name, you can see that it’s not coming from Adobe but some scam artist.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
\n![\"An](\"https:\/\/sectigostore.com\/blog\/wp-content\/uploads\/2020\/09\/image-6.png\")
\n\u00a0<\/p>\n
Image Source:\u00a0trendmicro.com<\/a>\u00a0<\/figcaption>\n<\/figure>\n<\/div>\n <\/p>\n
<\/p>\n
Malvertising\u00a0Leads Users to Phishing Sites\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
In the\u00a0phishing attacks<\/a>, the attacker impersonates a legit entity or the person to defraud the users. Phishing can be done via\u00a0emails<\/a>, phone calls,\u00a0SMS<\/a>, Wi-Fi\u00a0routers, websites, etc.\u00a0Malvertisements\u00a0redirect the users to\u00a0phishing websites\u00a0that look like replicas\u00a0of well-known, legitimate\u00a0sites. These\u00a0phishing websites\u00a0can make\u00a0users\u00a0download and install malicious applications or steal users’ personal\/financial information.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Example of\u00a0<\/em>H<\/em>ow\u00a0<\/em>M<\/em>alvertisements\u00a0<\/em>M<\/em>ake<\/em>\u00a0Users Victims of Phishing Attacks<\/em>\u00a0<\/em>\u00a0<\/h4>\n
<\/p>\n
<\/p>\n
John was reading an interesting article online when he\u00a0sees\u00a0an advertisement\u00a0mentioning that Macy’s has introduced a new store-credit card which will give a 20% discount on all the shopping done from their outlets. John\u00a0is\u00a0Macy’s regular\u00a0customer, so he obviously wants to take advantage of this\u00a0deal. He\u00a0clicks\u00a0on the ad, lands\u00a0on\u00a0what he believes to be the\u00a0Macy’s\u00a0website,\u00a0and fills\u00a0out a form to replace his current store credit\u00a0card.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
After submitting the form, John\u00a0also\u00a0receives\u00a0the message that\u00a0Macy\u2019s will send his\u00a0new card\u00a0soon\u00a0to\u00a0his residence. What John doesn\u2019t know is that website he filled out the form was a phishing website that looked exactly like Macy’s original site. And\u00a0instead of Macy\u2019s, the hackers have received\u00a0all the information he has filled out (name, email address, phone number, physical address, existing credit card details), and\u00a0they will make him a victim\u00a0of identity theft or financial fraud\u00a0pretty soon!\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Mavertisements\u00a0Spread\u00a0\u201cDrive-by\u201d\u00a0Malware\u00a0\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
Some types of\u00a0malvertisements\u00a0automatically\u00a0download\u00a0the malware\u00a0onto\u00a0website visitors\u2019 devices, even if they haven\u2019t\u00a0click on anything\u00a0or\u00a0press the download\u00a0button.\u00a0This type of malware is known as\u00a0drive-by malware<\/a>\u00a0because it doesn\u2019t require any actions from the users and auto downloads.\u00a0Drive-by malware can spread in many ways, and\u00a0malvertising\u00a0is one of them.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
It is quite difficult to\u00a0insert the drive-by malware\u00a0into a clean and reputed site. So, the attackers rent advertisement space and insert the drive-by malware in the ads.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Example of\u00a0<\/em>How\u00a0<\/em>Malvertisements\u00a0Deliver Drive-by Malware<\/em>\u00a0<\/h4>\n
<\/p>\n
<\/p>\n
Todd runs a successful traveling blog, which attracts more than a million website visitors every year. Todd\u00a0was\u00a0shocked\u00a0to receive\u00a0an angry email stating, “STOP SPREADING VIRUSES!”\u00a0But it didn\u2019t stop with one email. Within 24 hours, he received more than\u00a030 such\u00a0furious\u00a0emails complaining about \u201csuspicious software downloads\u201d when people visited\u00a0his website.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
He anxiously thought,\u00a0\u201cHow come I spread malware when I don\u2019t know a single line of coding or anything about hacking? I just write my blog content\u00a0<\/em>on<\/em>\u00a0a simple WordPress platform.\u201d<\/em>\u00a0\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
What Todd doesn\u2019t know is that the person who is paying him a $100\u00a0a\u00a0month to publish\u00a0a\u00a0hotel\u2019s advertisement on his\u00a0blog is a hacker\u00a0and the real culprit behind all this mess. He has inserted\u00a0the\u00a0drive-by malware in the blog via advertisements. Whenever a website visitor visits Todd’s blog, they inadvertently\u00a0download the\u00a0drive-by malware in their devices.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
The people who are complaining are the lucky ones whose security software could alert them about\u00a0such malware\u00a0insertion. But the rest of\u00a0the unfortunate\u00a0website visitors\u00a0are not even aware of such\u00a0download\u00a0and\u00a0have become victims\u00a0of the drive-by malware attack<\/a>.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Hackers Use\u00a0Malvertising\u00a0to Distribute Exploit Kits\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
An exploit kit<\/a>\u00a0is an instrument to exploit the vulnerabilities of a software or application. Software vulnerability means errors or bugs in the software, which\u00a0hackers can use as loopholes to insert malware into\u00a0victims\u2019\u00a0systems. Exploit kits\u00a0contain\u00a0special codes that can scan the connected host’s systems, find the vulnerabilities, and deliver the payload as per the vulnerability type. Sometimes attackers use\u00a0malvertisements\u00a0to distribute exploit kits.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Example of How Malware Trick Victims\u00a0<\/em>in<\/em>to Download<\/em>ing<\/em>\u00a0Exploit Kit<\/em>s<\/em>\u00a0<\/em>\u00a0<\/h4>\n
<\/p>\n
<\/p>\n
Eva was watching a video online when an ad caught her attention, stating,\u00a0\u201cIs your device is getting slow?\u00a0<\/em>It might be due to virus infection<\/em>! Scan your device for FREE today!\u201d<\/em>\u00a0Eva immediately clicked on that ad because she was frustrated with her painstakingly slow laptop. As\u00a0the ad promised, the free antivirus program started to scan her laptop\u00a0right away without charging a single penny!\u00a0<\/p>\n
<\/p>\n
<\/p>\n
What Eva doesn\u2019t know is that\u00a0the security\u00a0software\u00a0is an exploit\u00a0kit\u00a0that is also scanning all the applications she has installed and\u00a0finding\u00a0vulnerabilities in them. After finding\u00a0various\u00a0vulnerabilities, the exploit\u00a0kit inserts\u00a0malware into some of her\u00a0applications, browsers, and software!\u00a0<\/p>\n
<\/p>\n
<\/p>\n
7\u00a0Malvertising\u00a0Protection Tips\u00a0<\/h2>\n
<\/p>\n
<\/p>\n
By now, you\u00a0likely have a better idea of what\u00a0malvertising\u00a0is and\u00a0how dangerous\u00a0it\u00a0can be.\u00a0Now, let\u2019s explore some basic ways to protect your device from\u00a0malvertisements.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Malvertising\u00a0Protection\u00a0Tips\u00a0for\u00a0Website\u00a0Visitors\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
1.\u00a0Use cybersecurity software to help identify threats:<\/strong>\u00a0Antivirus, antimalware, and anti-spyware software are going to be the first line of defense against\u00a0malvertising.\u00a0Some\u00a0programs\u00a0are signature-based, while others are behavior-based.\u00a0\u00a0If anything downloads to\u00a0your device,\u00a0these\u00a0programs\u00a0will alert you. Plus,\u00a0they\u00a0will scan all the downloads and installations and remove the\u00a0malware loaded stuff\u00a0from your device.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
2.\u00a0Manually check your systems to identify suspicious programs and files:\u00a0<\/strong>Manually check your download folder,\u00a0C:\/Program File,\u00a0C:\/Program Files (x86), and\u00a0C:\/Windows\/Temp\u00a0folders\u00a0for\u00a0any\u00a0unknown or suspicious\u00a0programs, files, and\u00a0software.\u00a0If you find an application that\u00a0you\u00a0didn\u2019t download,\u00a0you should do\u00a0some research\u00a0about it and its manufacturer\/developer online. This way, you\u00a0cano\u00a0ensure the program is legitimate.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
3.\u00a0Put ad-blocking software to use:\u00a0<\/strong>There\u00a0are some\u00a0adblocking software<\/a>\u00a0and browser extensions available in the market that successfully block the ads. They block all types of advertisements, whether they are harmless or malicious.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
4.\u00a0Keep your system patched with updated software:\u00a0<\/strong>Keep all your software components, applications, browsers, and operating system patched and updated to the latest version.\u00a0The old versions generally have security bugs that attackers can exploit to insert malware into\u00a0your\u00a0devices and IT\u00a0systems.\u00a0<\/p>\n
<\/p>\n
<\/p>\n
5.\u00a0Be vigilant\u00a0while surfing online:\u00a0<\/strong>If you are redirected to a website,\u00a0carefully inspect the URL, and make sure you have arrived on the company’s official website.\u00a0<\/strong>If you\u2019re\u00a0unsure\u00a0whether\u00a0the company’s\u00a0web address is real\u00a0or find\u00a0product\u00a0prices, discounts,\u00a0or other information\u00a0suspicious or “too good to be true,”\u00a0conduct a separate\u00a0Google\u00a0search\u00a0about it.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
You can\u00a0also\u00a0click on the padlock sign in the address bar to check the website and organization\u2019s information\u00a0in\u00a0its SSL\/TLS certificate.\u00a0Of course, if the site isn\u2019t using one of these certificates, that should already be a red flag.\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
6. Use official\u00a0resources\u00a0and websites (avoid downloading from third-party sites)<\/strong>:\u00a0Be sure to only download browser extensions, media players, or updated versions of any applications\u00a0from their official websites.\u00a0For example, if the game you\u2019re\u00a0trying to play online shows the message that it will run only on the latest version of Chrome, download the latest version of your browser only from\u00a0google.com\/chrome<\/a>.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
If you see a popup showing that your system is suffering from virus infection, instead of clicking on that ad, scan your device with your trusted\u00a0antivirus or\u00a0anti-malware software only.\u00a0\u00a0\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
Malvertising Protecetion Tips for Website Owners\u00a0<\/h3>\n
<\/p>\n
<\/p>\n
7.\u00a0Use website scanners:\u00a0<\/strong>Use\u00a0legitimate\u00a0website scanners\u00a0that continuously monitor, scan, detect, and remove the malicious codes on your website.\u00a0<\/strong>So, if someone has inserted malware-laden advertisements, these types of scanners can quickly detect it before it’s too late.\u00a0\u00a0<\/p>\n
<\/p>\n
<\/p>\n
- Use\u00a0your\u00a0device\u00a0as part of larger\u00a0botnet attacks<\/a>\u00a0against others,\u00a0and\u00a0\u00a0<\/li>\n