How to Tell Safe Advertisements From Dangerous Malvertising

How to Tell Safe Advertisements From Dangerous Malvertising

Advertising is the life blood of the internet. Some of the world’s biggest and most influential tech companies earn a large chunk of their revenue through harmless and safe advertisements, but some of the most successful cybercriminals also rely on advertising.


When good ad networks are tricked into delivering malware, it’s known as malvertising. Malvertising is often confused with adware, which is illegitimate software that displays ads and redirects searches to ad sites — neither are what you might call safe advertisements.


The Good News and Bad News About Malvertising


The ad verification company GeoEdge reported last year that automatically redirecting malvertising attacks cost $1.13 billion per year, and that figure is rising. The organization noted that pre-click attacks constitute around half of all malvertising attacks.


Malvertising uses legitimate advertising networks to spread malicious code, often on legitimate websites. The attacks tend to have three stages: First, the attacker needs to fool the advertising network and violate their terms of service without getting caught. Second, they need to create or modify some malware payload that exploits a technical vulnerability. Finally, the attacker’s ad will typically need to socially engineer users into taking actions that compromise their own security and/or that of their organization.


Malvertising takes a very special skillset that most cybercriminals don’t possess. Namely, the attacker has to be extremely skillful at advertising. They must understand the methods, tools and skills required to get people to engage with ads and also know how to bypass security systems.
Support the originator by clicking the read the rest link below.