Hackers are increasingly using online advertising for malicious purposes. Usually, it happens through a regular Google search.
These schemes are known as malvertising, and cybercriminals are making their attacks more frequent and more sophisticated. Fall 2023, cybersecurity software companies Number of malware bytes tracked Jérôme Segura, senior research director at Malwarebytes, said malvertising incidents in the United States increased 42% month-on-month. Brands of all types are being targeted, whether for phishing purposes or actual malware. “What I see is just the tip of the iceberg,” he said.
Many of these rogue ads appear as sponsored content during search engine queries on desktop or mobile devices. But malicious code can also be hidden in ads that appear on popular websites that consumers frequently visit. Erich Kron, a security awareness advocate at KnowBe4, said some of these ads simply trick consumers who click on them, but in some cases people may be attacked in a more passive way — sometimes just by visiting a compromised website. . training company.
Corporate employees may also be targeted by malicious ads, Segura said. He cited some recently discovered practical examples involving large corporations. Lowe’s staff through Google Ads claiming to be affiliated with the retailer’s employee portal. Clicking on the link “myloveslife.net” (which contains a misspelling of the company name) takes users to a phishing page with the Lowe’s logo. This can be confusing for employees, as many don’t know the URL of their internal website. “You see the brand, even the official logo of the brand, and that’s enough for you to think it’s authentic,” Segura said.
also very safe quoted an advertisement intended to impersonate salespersonOwned communication tool Slack. Initially, by clicking on the ad, he was redirected to the pricing page on the official Slack website. But Segura suspected a bad actor was at work, so he dug deeper and discovered an impersonation strategy that included trying to convince unsuspecting users to download something purporting to be the Slack app.
It’s not Google’s fault, but don’t believe it
Malvertising is not new, but cybercriminals are getting smarter and the ads are often very realistic and easy to fool. This problem is exacerbated by the fact that many malicious ads can be found on Google since many people use and trust Google as a search engine. This isn’t a problem with Google itself; Malvertising may also appear in queries using other search engines, such as Microsoft’s Bing. It’s just that Google is such a widely used search engine that people trust it and let their guard down. “When you see something on Google search, you assume it’s valid,” said Stuart Madnick, a professor of information technology at MIT’s Sloan School of Management.
Consumers may also fall victim to malicious ads on trusted websites they frequently visit. Many of these ads are legitimate, but some bad ads may be missed. “It’s like the post office. Does the postman check every letter you get to make sure it actually came from Publishers Clearing House?” Madnick said.
Be careful where and when you click
Consumers can take steps to protect themselves from malicious ads. For example, they should avoid clicking on sponsored links that appear during web searches. Typically, the first ad below the sponsored ads will be the product they are looking for, and since it is not sponsored, it is less likely to be excluded by malicious code or phishing attempts.
If you do click on a sponsored link, check the URL at the top of the page to make sure it’s actually where you intended to go before taking any other action. For example, if you try to visit Gap.com, make sure you are not actually visiting Gaps.com. Avinash Kolis, assistant professor at Carnegie Mellon University’s Heinz College, said consumers who find themselves on suspicious websites should close the window immediately. He said in most cases this would avoid further trouble.
Consumers also need to be careful when clicking on ads they see on trusted websites, Kron said. For example, they may see ads for products that cost significantly less than elsewhere. But Kron recommends not clicking and instead visiting the trusted website of the product seller. Most of the time, he said, consumers will be able to search the provider’s website for a special offer, or the offer will be highlighted on the homepage of a trusted site.
Also avoid calling the phone number listed in the sponsored ad as it may be a fake phone number. Chris Pierson, CEO of BlackCloak, a cyber security and privacy platform that provides digital executive protection for business executives, said that if you call it, cyber thieves may gain access to your computer or personal information, depending on The plan.
Consumers should make sure the phone number they call comes from official product documentation they have, Pearson said. Alternatively, consumers can visit the company’s homepage to obtain this information. “Conducting (online) searches may return non-company-sponsored results and phone numbers associated with cybercriminals. All it takes to post an ad is money, and of course the cybercriminals who steal the money have the ability to pay for the bait. cost,” Pearson said.
Avoid “drive-by downloads”
Consumers should also ensure that the operating systems and internet browsers on their computers and mobile phones are up to date.
So-called drive-by downloads, which often rely on vulnerabilities in users’ browsers, can affect users who simply visit a website infected with malicious code. For those who keep their browsers and browser extensions up to date, this isn’t much of a threat, Kron said.
Consumers may also consider installing anti-malware software on their computers and mobile phones. Another option is to avoid ads by installing an ad blocker extension, such as uBlock Origin, a free and open source browser extension for content filtering (including ad blocking). Some consumers may also choose to install a privacy browser on their personal device, such as Aloha, Brave, DuckDuckGo or Ghostery. Many privacy browsers have ad blockers embedded; consumers may still see search ads, but they will see fewer ads, minimizing the chance of malicious advertising.
Collis said consumers who encounter suspicious ads should report them to the applicable search engine for investigation and removal if they are deemed to be malicious. This can help protect others from falling into the trap.
Proper security precautions are especially important because there are millions of ads online and cyber thieves are ruthless. “You should assume that no matter how careful you are, this could happen to you,” Mednick said.
About The Author
