When you juxtapose “malicious” or “malware” and “advertising,” you get the portmanteau “malvertising.” Although malvertising has existed for about 30 years, it is not yet a household word, even among many computer techs. That is probably going to change following a malvertising attack discovered on Google June 2, 2017.

The attack caught users unaware as they innocently clicked on a sponsored AdWords search engine response to the big box retailer, Target. Expecting to land at Target’s website, users were unwittingly redirected to another URL where they were greeted with a Microsoft look-alike site that warned them to call a phone number to remove an infected file on their computer. The file itself was non-existent.

Malvertising typically works because the malware is not on your PC. It is propagated by inserting malicious codes into ads on trusted websites. Malvertising is particularly pernicious in that neither the site nor the advertiser are aware of the code that redirects users to a malicious server. According to the Center for Internet Security, “The software could allow the attacker to perform a number of actions including,

  • allowing full access to the computer
  • exfiltrating financial or sensitive information
  • locking the system and holding it ransom via ransomware, or
  • adding the system to a botnet so it can be used to perform additional attacks.

This entire process occurs behind the scenes, out of sight of the user and without any interaction from the user.” Because all of this activity takes place “behind the scenes” and because internet ads are changed at a rapid pace, malvertising is unusually difficult to combat. The New York Times and NFL websites have already been malvertising victims.

The best practices for guarding your technology against malvertising are to ensure that all of your software and extensions are up-to-date, disable the automatic use of Flash, and close windows not currently in use when connected to the internet.

Tech Sentries is always on duty helping you “GUARD YOUR TECHNOLOGY” at all hours of the day and night. Don’t wait. Contact us today. (843-282-2222).