In an ideal world, the advertisements you see online are genuine and harbor no ill intent. Unfortunately, some advertisements spread malware or steal information.
Fortunately, I’ve spotted tons of malvertisements over the years, and this is how I spot them every time.
What Is Malvertising?
Malvertising is a portmanteau of “malware” and “advertising.” At first, it sounds like ads selling malware to criminals, but it’s actually about advertisements that pretend to be legitimate while hiding a dark secret.
The main goal of malvertisements is to infect your PC with a virus and steal your personal information. There are two ways that a malvertisement can achieve this:
- Pre-click malvertisements: These are especially nasty, as they don’t require your input. As soon as your browser loads, the malware is sprung.
- Post-click malvertisements: These don’t activate when your browser loads them. Instead, they will bait you into clicking on them, leading you to a malicious website. This website may try to give you a virus or ask you for your personal details in a phishing attack.
Note that malvertising differs from adware, which are unwanted apps designed to show you advertisements. However, you’ll sometimes see the two working hand-in-hand, with bad actors deploying adware on people’s computers to show them malvertisements.
In an ideal world, malicious ads are caught during the advertisement vetting stage and won’t make it onto websites. However, some unkempt websites that use subpar advertisement plans may end up serving malvertisements to their users, whether it knows it or not.
How Do Malvertisements Appear?
Malvertisements have a long and storied history, and plenty of examples illustrate how they work.
Malicious SYS01 InfoStealer Ads Flooding Facebook
As proof that the largest websites aren’t “too big” to get malvertisements, there was a flood of SYS01 InfoStealer ads attacking Facebook users. This wave promised users free access to popular services and software like Netflix and Photoshop.
Of course, these were just tricks to get people to click on the ads and download the SYS01 InfoStealer, which stole the victim’s Facebook accounts and used them to spread more malvertising.
Google Sponsored Links Showing Malicious Content
You’d think that the internet giant Google would be pretty good at spotting malvertising, but even it can slip up sometimes. Sometimes, Google will slip in a few sponsored links into a search result related to what you’re looking for, but sometimes, those links go a little awry.
As reported by CNBC, cybercriminals have been slipping malicious ads into these sponsored links. Sometimes, they impersonate real websites and sometimes promise things that seem “too good to be true.” The worst part is that people tend to trust these sponsored ads because they’re served up by Google itself, which people inherently trust without a second thought.
Some sneaky criminals will even create identical search results for legitimate websites and sponsor them so they appear at the top of the list. When people search for that website, the sponsored link appears at the very top and tricks people into believing they’re clicking the search result for the real website when, in fact, they’re headed into a malware-filled trap.
Cybercriminals Boosting Malvertising Using Paid Social Media Posts
Some social media websites allow people to “boost” the visibility of their posts by paying a sum. Cybercriminals can use these to boost their malvertisements and hijack people’s accounts, only to use those accounts to post and boost more malvertisements.
Trend Micro reported a case where cybercriminals performed this trick with Facebook posts. They stole accounts using fraudulent customer support messages and used those to boost posts advertising a fake AI photo editor. Once people download and run the fake app, it gives the bad agent remote access to their computer.
How I Stay Safe From Malvertisements
Malvertisements sound scary on paper. However, they have several weaknesses that make it easier to spot them than the real deal.
Be Extremely Cautious Around “Too Good to Be True” Ads
You have to remember that malvertisers want as many people to click on their bad ads as possible. And because they’re not actually selling a proper product, they can get away with making ludicrous claims or deals because they don’t have to back it up.
As we saw with the SYS01 InfoStealer, the scammers advertised free Netflix and Photoshop access. Claims like that should reek of malvertisements the moment you see them. If an ad seems “too good to be true,” it probably is.
Look for Strange Wording or Grammar
Malvertisements are created quickly and unprofessionally. As such, if you see an ad that “sounds weird” but claims it’s from an official source, there’s a good chance it’s a malvertisement.
Look for “Unprofessional” Graphic Design
Similarly, malvertisers won’t have a fully-paid graphics designer on their team to create graphics for advertisements. As such, bad ads often “look bad” in some way; perhaps they look poorly made or use pixellated assets. Legitimate companies will put a lot of time and money into their ad campaigns, so the shoddier one looks, the more likely it’s bad.
Cross-Reference Deals With the Real Company
Does a deal look good, but you’re unsure if it’s a malvertisement? To double-check if it’s the real deal, open a new tab and visit the company’s official website or social media.
If the advert claims to be from a trusted company, whatever it advertises should be on its website or posted on its social media. If the advert was from a company you haven’t heard of, you can check for red flags for a bad website and see if it fits the bill.
Be Careful What You Click On
It’s tempting to click on things to get your work done faster quickly, but try to take the time to think about where you click. Remember the Google malvertisement trick where scammers create adverts that look like legitimate search results? You can dodge that one by not clicking on any results marked as an ad. Instead, scroll down and click on the legitimate website’s search result.
Use a Secure Browser
So far, we’ve only covered ways to dodge post-click malvertisements. However, what about the pre-click malvertisements that fire the moment they’re loaded? Fortunately, if you pick a good browser, you’ll have a good first line of defense against these.
We’ve ranked the most secure browsers available, so give them a look if you want to stay safe online. And if you opt for Brave, you can grab the best security extensions for Brave browser too.
Given how prevalent online advertisements are, bad actors are always looking for ways to manipulate people into downloading something bad. Now you know how to sniff out the malicious ones and surf safely.
