Category: Fake Adverts

How Malvertising Affects ………

Malvertising Affects Web Users

Malvertising might perform the following attacks on users viewing the malvertisement without clicking it:

  • A “drive-by download” — installation of malware or adware on the computer of a user viewing the ad. This type of attack is usually made possible due to browser vulnerabilities.
  • Redirect of the browser to a malicious site.
  • Displaying unwanted advertising, malicious content, or pop-ups, beyond the ads legitimately displayed by the ad network.

Malvertising Affects Publishers

The threat to publishers is damaged reputation, loss of traffic and revenues, and legal liability for damages caused to users visiting their sites.

While publishers are aware of the problem, they find it difficult to test for or block malicious ads. Ad networks serve ads from millions of advertisers, and display ads dynamically according to real-time bidding, making it very difficult to test all the ads that are actually shown to users.

Malware in ad calls — when a website displays a page that contains an ad, the ad exchange pushes ads to the user via many third parties. One of these third party servers may be compromised by an attacker, who can add malicious code to the ad payload.

Malware injected post-click — when the user clicks on an ad, they are typically redirected between several URLs, ending with the ad landing page. If an attacker compromises any of the URLs along this delivery path, they can execute malicious code.

Malware in ad creative — malware can be embedded in a text or banner ad. For example, in HTML5 it is possible to deliver an ad as a combination of images and JavaScript, which might contain malicious code. Ad networks that deliver ads in Flash (.swf) format are especially vulnerable.

Malware on a landing page — even on legitimate landing pages served by reputable websites, there may be clickable elements that execute malicious code. This type of malware is particularly dangerous because users click an ad, land on a real, legitimate landing page, but are infected by a malicious on-page element.
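The post-click delivery path described above can be audited from a recorded click, checking every hop rather than only the landing page. This is an added example, not part of the original post; the host names, the approved list, the sample capture and the hop limit are all constructed assumptions.

```python
from ipaddress import ip_address
from urllib.parse import urljoin, urlsplit

# Constructed sample: hosts a publisher has approved for its ad delivery path.
APPROVED = {"adnetwork.example", "tracker.example", "shop.example"}

# Constructed sample capture of one ad click: (requested URL, Location header).
CHAIN = [
    ("https://click.adnetwork.example/c?id=1", "https://t.tracker.example/r?x=9"),
    ("https://t.tracker.example/r?x=9", "http://203.0.113.7/go"),
    ("http://203.0.113.7/go", "//cdn.unknown-partner.example/l"),
    ("http://cdn.unknown-partner.example/l", "https://www.shop.example/offer"),
    ("https://www.shop.example/offer", None),  # landing page, no redirect
]

def is_ip(host):
    try:
        ip_address(host)
        return True
    except ValueError:
        return False

def approved(host, allow):
    # Exact match or true subdomain only, so "evilshop.example" does not pass.
    return any(host == d or host.endswith("." + d) for d in allow)

def audit_chain(chain, allow=APPROVED, max_hops=4):
    """Return (hop_index, url, reason) findings for a recorded click path."""
    findings = []
    for i, (url, location) in enumerate(chain):
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        if parts.scheme != "https":
            findings.append((i, url, "not HTTPS"))
        if is_ip(host):
            findings.append((i, url, "raw IP address host"))
        elif not approved(host, allow):
            findings.append((i, url, "host not on approved list"))
        # Each Location header must resolve to the next recorded request.
        if location is not None and i + 1 < len(chain):
            if urljoin(url, location) != chain[i + 1][0]:
                findings.append((i, url, "capture gap before next hop"))
    if len(chain) - 1 > max_hops:
        findings.append((len(chain) - 1, chain[-1][0], "too many redirects"))
    return findings
```

On the sample capture, the first two hops and the landing page pass, while the two middle hops are flagged even though the click ends on an approved site.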

If you have any experiences with these scams do let me know, by email.

Fightback Ninja Signature

What is Malvertising?

Malvertising means the use of online advertising to spread malware. This may include computer viruses and other nasty malware that try to hijack your computer or download your confidential information.

Online advertising is largely done through advertising networks. You pay for your ad to appear but don’t necessarily know which sites it will appear on.

Malvertising is where scammers insert malicious adverts into legitimate advertising networks. Typically this is done by the scammer putting in legitimate adverts for a while, then switching to the malvertising ones.

Malvertising is hard to combat because of the complexity of how the advertising networks operate and how quickly ads can be inserted then disappear.

It was estimated that nearly 10 billion ad impressions last year were compromised by malvertising.

The identities of those responsible are often hard to trace, making it hard to prevent the attacks or stop them altogether, because the ad network infrastructure is very complex with many linked connections between ads and click-through destinations.

There have been malvertising attacks against eBay, answers.com, talktalk.co.uk and many others, involving the hacking of various advertising networks.

Don’t automatically trust adverts on respected websites, as the site owners may not realise what’s being advertised.

Malvertising is an attack in which perpetrators inject malicious code into legitimate online advertising networks. The code typically redirects users to malicious websites.

Scammers can target users on highly reputable websites, e.g., The New York Times Online, The London Stock Exchange, Spotify and The Atlantic, all of which have been exposed to malvertising.


Stupidest Scam of the Week Fake Free Offer

“We overstocked and we want these new design solar chargers GONE!”.

Sounds stupid huh?

Yes.

Because it is stupid.

If you overstock a good selling product then you simply sell more of the product. There’s no need to give it away.

The email claims the products are ‘Crazy Popular’.

What are they? Just electronic power banks with a solar panel for charging, as sold by lots of companies. Power banks can be used to power up your mobile phone when you let the battery charge drop, for example.

There is no seller, just a scammer wanting your delivery details. Although it claims the product is free, it will of course charge a delivery fee, so it will need your credit card details.

You would end up on scammers’ lists and have your credit card charged to the max, and you definitely wouldn’t get a power bank.

Don’t fall for it.

If you have any experiences with these scams do let me know, by email.


Locksmith Bait and Switch

The bait and switch price scheme is where a customer is lured into a purchase by an unrealistically low price then finds out the real price is much higher for what they want or the product/service offered is far less than they believed.

This scam is common with many types of product and service sales but has recently become a bigger problem in the world of locksmiths, with many adverts appearing on local websites such as Gumtree for locksmith services advertised at false prices. Customers find out after the work is completed that the cost is actually dramatically higher than they believed.

Typically, these services are offered at £39, £49 or £59 for a lock fitting, lock replacement, emergency access etc. but the customer ends up being charged several hundreds of pounds or more.

If a locksmith offers services at prices that are dramatically lower than the industry prices then there is almost certainly a scam going on.

  1. Always get multiple quotes, specify as clearly as possible what you want, and ask exactly what you will actually get for the quoted price.
  2. Make sure to be clear on what the call out price is and what the cost per hour or per task is on top of that.
  3. Ideally get a detailed written / email quote for the work.
  4. Select a local company, not a national business where you may be talking to someone in a call centre hundreds of miles away.
  5. Ideally you want to talk to the locksmith who will do the job, not to an admin person.

If you have any experiences with bait and switch scams do let me know, by email.
