Il malvertising it is an exploitative illicit activity advertising banners and fake digital advertising actions. Thanks to malvertising, the bad guys on the web they deceive users and take them to visit on malicious sites.
Their ultimate goal is infect your device of the victim with malware of various nature: malicious programs that can generate more or less serious malfunctions.
Malware represents a real threat to the IT security of users and in some cases can lead to the theft of sensitive personal information.
Fortunately, however, also malvertising can be contrasted. And in many cases the user doesn’t have to do anything else raise the level of attention with which he reads Internet pages and contents.
What is malvertising and when does it arise?
The term “malvertising” is a portmanteau of the words “malware” e “advertising”. It is no coincidence that the term “malvertising” is used to describe various activities spread of a malicious program through activities apparently attributable to advertising.
With the big difference that the digital advertising in question is bogus. This is a simple excuse for capture the user’s attention and lead him to unknowingly install the malware.
For example, malvertising could invite the user to click on advertising links or banners that will take him to download infected attachments. Or maybe ad land on malicious sites.
Malvertising, from many points of view, is not all that distinguishable from other illicit activities who travel on the web. More or less complex scams, which aim to distract the victim to get it to perform a specific behavior. And which, sooner or later, culminate with theinstallation of malware.
The term malvertising began to circulate in 2007 and within a few months the fake advertising banners spread like wildfire
At the same time the term begins to spread between 2007 and 2008. More precisely when some platforms of the time, MySpace above all, they start to come “populated” by suspicious advertising banners.
Within a few months the announcements of malvertising they would even land on the web pages of the New York Times and this particular type of attack would quickly become known to the general public.
Nonetheless the hacker they still managed to get in platforms and systems apparently impregnable: starting from Spotifyuntil you get to YouTube e Google.
And sometimes malicious digital advertising activities have gotten it record profits. This is the case, for example, of a famous cyber attack involving the DoubleClick and Zedo advertising networkswhich it seems to have infected more than 600,000 devicesgenerating a income of over one million euros.
Hidden dangers of malvertising
A first aspect to keep in mind about malvertising is that it often strikes two categories of victim at the same time. The best known ones are the end users: those who click on advertising banners and find themselves with a infected device.
But we must not forget that also the publishers oh owners of the web pages are victims of the attack. In fact, the latter find apparently harmless contents in their hands, which however will bring their users up malicious sites and often their devices are the first to come damaged by malware.
Then there is another fundamental element of malvertising which is often underestimated. A user without extensive computer skills might think this is enough do not click on links or malvertisement banner to avoid taking risks.
In reality there are also cases of malware pre-clicwhich are inserted directly into the script of a web page. Or perhaps within the so-called attacchi download drive-by.
It is possible to find yourself a victim of malvertising even without clicking on advertising links or banners
The attacchi download drive-by they are scams that exploit the browser vulnerability and which lead the victim to install malicious code without even realizing it.
Fake digital advertising malware can also be installed via automatic redirects. In this case the user thinks he is browsing to a site “X”, but is redirected to others malicious sites.
Finally, be careful not to trust too much SERP of the search engine. In fact, it may happen that malvertising links succeed in rank at the top of the answers.
In this case, hackers exploit particular technologies that they deceive the ranking algorithms. With the aim of exploiting the presumption of authority resulting from good positioning, however deceive their victims.
How to protect yourself from malvertising
To significantly reduce the malvertising riskit is necessary to adapt a series of usage behaviors of your device. Good standards for the benefit of IT security and the protection of privacy online.
The first aspect to pay attention to are clearly the advertising banners and, more generally, all those digital advertising activities potentially harmful.
In this sense the aspects to keep in mind are not too different from those that identify others online attacks: for example those of phishing. It is therefore necessary check each text carefullybefore performing actions such as clicking.
It is also highly advisable to install a antivirus. Or any type of software meant to run device scans and filter unwanted content on the Web.
Installing an efficient antivirus is always a good solution to protect your PC from any external attack
As well as it is highly preferable to keep all the software in uso constantly updated: from operating systemuntil we get to browser used for online browsing.
Finally, users who want to further reduce the level of risk can consider the possibility of give up the use of specific programs. This is the case, for example, of Flash e Java.
The first is a graphic software for the creation and visualization of vector animations, which hasn’t been updated in years. The second is a programming language as widespread as it is targeted by hacker attacks.
To know more:
- Computer security: guide to safe browsing on the web
- Digital Advertising, how to implement a winning strategy