The Internet is inundated with online ads that cater to our interests. We find them almost everywhere; online shopping sites, social networking platforms, including other digital news hubs. However, the online advertising ecosystem is increasingly being used by attackers, using relevant or even legitimate ads to harvest information and install malicious code.
In the recent months, we uncovered a malicious campaign that uses malvertising ads to lure users to malicious sites. In this particular campaign, the malicious ads have been appearing on YouTube, leveraging on the popular platform and appearing on videos with more than 11 million views. The ads themselves don't point to malicious sites directly from YouTube, but instead goes through two ad networks before leading to a malicious site. Additionally, because the online ad networks allow anonymous bidding, it is easier and much more convenient for attackers to remain untraceable.
Much of the controversy that surrounds this security issue widely affects advertisers and users as online ad networks, as well as mobile ad networks, allow the former to track your physical location, know your browsing behavior, and even the kind of operating system and device you use. Based on your online profile and preferences, attackers can customize their ads to show your exact interests and use this against you to infect a larger system.
Due to the nature of online ads and how they can be set to reflect a particular user's interests, it becomes difficult to avoid checking them out. However, with the right knowledge and proper security software, you can prevent such threats from attacking you. Always be alert and wary of dubious ads even if they display offers that are relevant to you, and be sure to use security software that can block harmful ads.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.