In digital marketing, online ads are indispensable to reach mobile and web-based consumers and drive their engagement. As brands continue to shift focus to digital platforms to effectively target and engage audiences, global digital ad spending will continue to grow.
However, every ad risks cybercriminals who might attempt to exploit a brand's ads to spread malware. This is a tactic known as malvertising, and it can undermine brand integrity and compromise customer trust. Brands must understand how malvertising works, the dangers it presents, and how to identify it to protect both themselves and customers alike.
Learn what malvertising is, why it matters and, most importantly, how to keep it from compromising campaigns.
What is malvertising?
Simply put, malvertising -- short for malicious advertising -- refers to when bad actors insert malware into what appear to be legitimate ads. This tactic is frustratingly effective, because malicious ads often make their way onto highly reputable sites through third-party ad networks, making it hard to spot the danger.
Cybercriminals use various methods to get unsuspecting users to click on -- or at least view -- an infected ad:
Phishing ads.Phishing attacks are disguised as legitimate content but redirect users to fake sites designed to steal login credentials, credit card details or other sensitive information.
Forced redirects. With this tactic, the ad automatically redirects users to dubious sites, sometimes leading to downloads of malicious software. Often, users do not even need to click for these ads to take them off track.
Drive-by downloads. Just viewing the ad can trigger a download of malware if the user's software or browser has vulnerabilities. This tactic is especially troubling because it can infect a device without any interaction from the user.
Overall, a malvertising incident can erode customer trust, damage a brand's reputation and turn potential conversions into security nightmares.
Ad malware is a virus already on the device, while malvertising uses the ad network itself as the attack vehicle.
Malvertising vs. ad malware: What's the difference?
People often confuse malvertising and ad malware, but the two have important distinctions. Ad malware specifically targets ad platforms to display unauthorized ads, hijack revenue or steal user data. It infects a user's device, lurks in the background and spreads ads or redirects from within the system.
Malvertising, on the other hand, uses legitimate ad platforms to plant malware. It is sneaky, operating within regular ad networks, and embeds malicious code in visible ad content to hit users directly.
Put simply, ad malware is a virus already on the device, while malvertising uses the ad network itself as the attack vehicle. Both pose risks, and knowing the difference helps defend against both.
Is malvertising dangerous?
In a word: yes. Malvertising can have severe consequences for individual users and businesses.
Some examples of malvertising's consequences include the following:
Data theft and privacy violations. Malicious ads often steal sensitive data, such as login details, payment information or personal identification. When theft happens, it can lead to identity theft, financial fraud and data breaches.
Reputational damage. Even if the malvertising is not directly from the brand, customers might associate a negative experience with it afterward. If someone experiences a security issue after seeing a brand's ad, their trust in that business could take a hit.
Performance issues. Malware from these ads can drain device resources, slow down systems and cause devices to overheat or crash, which can frustrate users.
Account compromise. Some malware tracks keystrokes or login attempts, leading to account takeovers. A single compromised account could lead to broader breaches, especially with re-used passwords or unprotected accounts.
How to identify malvertising
While users might struggle to spot every instance of malvertising, these warning signs can help them avoid it:
Poorly designed ads. Malicious ads often lack polish. If an ad looks low quality or slapped together, with odd fonts or pixelated images, it might be more than poor branding.
Spelling and grammar errors. Cybercriminals sometimes skip quality checks. If an ad has obvious errors, approach it with caution.
Overly aggressive pop-ups. If a pop-up reappears continuously or is hard to close, it is often a tactic to frustrate the user into interacting with it.
Suspicious redirects. If clicking on an ad leads to an unexpected website, close it immediately. Redirects are a common malvertising trick, leading users to sites that push malware.
All organizations should have a malware plan in place -- to protect themselves and their customers from it.
How to protect against malvertising
Marketing and sales leaders can take several steps to reduce the risks malvertising poses:
Use ad blockers. Installing ad blockers can help filter out some malvertising threats. While not foolproof, ad blockers can prevent many malicious ads from appearing.
Run antivirus and antimalware software. Regularly scan devices with up-to-date antivirus software. Many antivirus tools come with web protection features that help detect and block malicious ads in real time.
Keep software updated. Cybercriminals love targeting outdated software. Make sure browsers, OSes and plugins are all updated with the latest security patches. Enabling automatic updates can make a significant difference.
Educate team members and customers. Awareness is key. Educate teams on the signs of malvertising and consider sharing security tips with audiences. When people know what to watch for, they are less likely to fall victim to these attacks.
Partner with trusted ad networks. When buying ads, stick to well-established ad networks with stringent security practices. These networks often have better screening processes, reducing the chance that malvertising will reach customers.
By implementing these practices, marketing and sales leaders can reduce their exposure to malvertising. Staying proactive is key. While malvertising will continue to evolve, the proper defenses can keep pace if organizations remain vigilant and informed.
Robert Peledie is an enterprise architect, solution architect and director of CRM consultancy 365Knowledge Ltd. He has several years of consulting experience in global organizations.
