Beware the Wolf in Sheep’s Clothing: a Quick Guide to Malvertising


The way we do lots of things has changed out of all recognition since the internet entered our lives. If we fancy a pizza, it’s just a few clicks away from being delivered. Need to know the capital of Nepal? Easy. Want to find out more about a product or service whose banner ad has caught our attention? Go for it.

But, along with ease and convenience, at least one of these developments has brought with it an element of risk. We’re not talking about getting a meat feast pizza when you’ve asked for vegetarian deluxe, but we are looking at the danger of being taken in by a fake online ad.

Called malvertising, it’s been in circulation for far longer than you might realise. The very first examples started to appear in 2007 and since then it has proliferated at a very alarming rate.

What can be done about it?

It’s always good to start with the positives and, fortunately, the arrival of malvertising has also led to the creation of a whole generation of businesses whose aim is to create software that can spot and snub it out long before it appears online. Various methods of ad verification are used to both identify the ads in question and to search for their source. This has helped to give publishers greater peace of mind and to stay one step ahead of the would-be fraudsters. It’s still worth getting clued up on the phenomenon, though.

What is it?

Put simply, it is the placing of fake ads on websites with the intention of getting people to click on them. This can do a number of things from taking them to fraudulent websites to installing malware on a device that will search for sensitive security information and sometimes even start to record keystrokes being made.

The real danger is that it can appear on even the most reputable sites. For example even the New York Times fell victim to it in 2016 when online readers inadvertently downloaded ransomware onto their devices.

Ransomware statistics” (CC BY 2.0) by Infosec Image

Even more worrying has been the development of so-called “drive-by downloads” that don’t even need the banner ads to be clicked on. In these, the damaging code can start to be transferred as soon as the page containing the infected ad is opened.

How does it happen?

The process of getting an ad to appear online can be a tortuous and complex one that involves a number of third parties. This makes it increasingly difficult to check who is placing the ads and creates an ideal opening for cybercriminals to pose as legitimate businesses and get their ads online. There have been many instances of whole fake ad agencies being created to carry off the scam.

So, before legitimate online publishers can possibly realise it, they are running fake ads. This not only costs them money in terms of lost revenue from genuine advertisers, it can harm the visitors to their sites and even leave their reputations in tatters.

Remember the reassurance from early on in this article: anyone using the internet can know that someone’s got their back – all the same, extra vigilance will always be required.


Leave A Reply