Malvertising

By: Tim O’Pry | Chief Security Officer

As tech terms go, this is one of the few that is a simple portmanteau, a combination of Malware and Advertising. As the name implies these are website ads that attempt to infect your system directly when you click on the ad or trick you into downloading malware. On the web, the majority of ads that are displayed on any page are delivered from an advertising network. The website owner has little to no control over this content other than to add that network to their site. The actual ads that are displayed are controlled by the ad network. Once a bad actor gains access to a network, they have the potential to infect users throughout the world.

What can the average user do?

1. Don’t click on any ads. Clicking on any unverified link is risky, and Malvertising can be made to look like it is from any company: Amazon, Walmart – anyone.
2. Use an ad blocker. There are numerous free blockers available. Adblock is one of the more popular and the one I use. FYI: There is a downside to ad blockers. Some websites (especially news sites), detect their use and will NOT load while the ad blocker is enabled. Fortunately, it is simple to temporarily suspend the ad blocker or exclude that site if it’s one of your favorites.
3. Use endpoint protection (what was once called anti-virus) that looks for and blocks this type of exploit. The one I use and recommend is Webroot or Malwarebytes, but most of the major vendors offer this protection. Even with good endpoint protection, you should still avoid clicking on ANY link whenever possible. Links in email and on websites are the single largest vector for malware. If you don’t click, you don’t get sick. The 21st-century version of “Just Say No!”

As with all advertising, if it sounds too good to be true, there is a hook or it’s a scam. Malvertisers, after all, do not deliver on their false promises, they simply want to entice you into action.

As a Henssler client, should you have a cybersecurity-related question or concern, we are here to help! Contact us at cybersecurity@hensslerfinancial.com, or through your associate.

Disclosures: The investments referenced within this article may currently be traded by Henssler Financial. All material presented is compiled from sources believed to be reliable and current, but accuracy cannot be guaranteed. The contents are intended for general information purposes only. Information provided should not be the sole basis in making any decisions and is not intended to replace the advice of a qualified professional, such as a tax consultant, insurance adviser or attorney. Although this material is designed to provide accurate and authoritative information with respect to the subject matter, it may not apply in all situations. Readers are urged to consult with their adviser concerning specific situations and questions. This is not to be construed as an offer to buy or sell any financial instruments. It is not our intention to state, indicate or imply in any manner that current or past results are indicative of future profitability or expectations. As with all investments, there are associated inherent risks. Please obtain and review all financial material carefully before investing. Henssler is not licensed to offer or sell insurance products, and this overview is not to be construed as an offer to purchase any insurance products.