Simply browsing your favorite website is putting your computer at risk, thanks to the increase in malicious ads – and the problem is only getting worse. In fact, security intelligence firm RiskIQ says up to 15,000 tainted ads have appeared online in May alone, rising tenfold over the previous year.
The “malvertisements,” as they’re being called, work in a “drive-by download” manner, meaning once clicked, software is automatically installed without user consent. A fake security warning is then triggered, followed by a deceiving antivirus “protection” offer which holds computers hostage until the user pays for the false protection.
Because the process of sneaking ads into distribution channels has become so streamlined, over a billion tainted ad impressions have appeared on the internet’s top 500 websites, likely infecting millions of PCs worldwide.
Major sites such as weather.com, foxsports.com, monster.com and us news.com, just to name a few, said Elias Manousos, CEO of Risk IQ.
Even SpeedTest.net, a popular website that measures broadband connection speeds, was hit by the infectious ads. The company, which uses the OpenX ad-handling program, was able to address the problem quickly, but others who employ the same system may not be as well equipped, leaving tens of thousands of sites vulnerable to the ads.
Malvertisements are a popular and extremely effective mechanism that take advantage of weaknesses within Web browsers, says Vincent Liu, managing partner of security consultancy Stach & Liu. The average home computer user faces a high risk of being attacked by malvertisements.
The news isn’t just bad for consumers, it’s bad for the websites. Consumers who have fallen victim to the ads have been quick to bad-mouth sites they believed caused the fake antivirus protection.
Website security firm Armorize said it has documented a number of complaints that have gone viral on places like Twitter, leading to a drop in site traffic.
Publishers are seeing their traffic and transactions drop in real time, said Matt Huang, chief operating officer of Armorize.
What’s more disconcerting is that hackers creating the ads are selling tutorials, tool kits and malicious ad placement services online, meaning the problem isn’t slowing down. The Online Publishers Association, an industry group of major website publishers, hasn’t gone beyond merely acknowledging the problem. Still, awareness is growing among key stakeholders like Yahoo, Microsoft and Google, that will hopefully lead to a reduced number of malvertisements sneaking onto popular sites.
How can consumers protect themselves? Make sure your anti-virus and web browsing software is up-to-date – extensions like NoScript and AdBlock are recommended. Consumers also need to ensure copies of popular applications like Adobe Flash and Adobe PDF are current.
Consumers will be doing a lot of online shopping over the next few months, making it the perfect time for the tainted ads to strike. Most of all, practice vigilance, even on popular sites you wouldn’t think contains a corrupted ad, tread with caution.
The Galaxy S20 Ultra's Space Zoom camera is amazing and a bit creepy
The Galaxy S20 Ultra supports up to 100X zoom, which Samsung calls Space Zoom, but is it any good? Can a phone really product usable photos at 100x zoom? We've got our Galaxy S20 Ultra already so join us to find out!
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Capture your best stream with the best capture cards
Watching people play video games is almost as much fun as playing them. If you want people to enjoy your gameplay, you will need one of these amazing capture cards.