Skip to content

The hidden dangers of malvertising: How cybercriminals exploit online ads

Online advertisements are a staple of the internet experience, funding countless services and websites. However, not all ads are as benign as they seem. An insidious threat known as malvertising is on the rise, putting users' devices and personal information at risk.

The hidden dangers of malvertising-1

‍What is malvertising?

Malvertising, a blend of "malware" and "advertising," involves embedding malicious software within seemingly harmless online ads. These deceptive ads can infiltrate various platforms, from popular websites and social media to mobile apps, posing a significant threat to unsuspecting users.

How it works

Cybercriminals design malvertisements to look legitimate, using enticing offers, fake prizes, or alarming messages to lure users into clicking. Once clicked, these ads can automatically install malware on a device or redirect users to fraudulent websites designed to steal sensitive information, such as login credentials or bank account details.

A particularly devious tactic involves abusing notification permissions. Suspicious sites or apps may request permission to send notifications, which they then exploit to bombard users with fraudulent links long after they have left the site.

abusing notification permissions

Why is it so effective?

The effectiveness of malvertising lies in its ability to blend in. Ads are generally perceived as harmless, and a tempting offer can make even the most cautious user click. Additionally, notifications from compromised sites can appear to come from legitimate apps, making it harder to identify the threat.

Protecting yourself and others from malvertising

  1. Be skeptical of clickbait: If an ad seems too good to be true, it probably is. Avoid clicking on ads that promise unbelievable offers or prizes.
  2. Monitor notification requests: Be wary of sites or apps that request permission to send notifications. Only allow notifications from trusted sources.
  3. Educate yourself and others: Awareness is key. Stay informed about the latest cybersecurity threats and share this knowledge with friends and family.
  4. Add a network security product to your telco product portfolio: DNS security products, such as the ones provided by Whalebone, are among the most effective weapons in fighting malvertisement.

How Whalebone safeguards your customers

1. Blocking malicious sites: Upon clicking a malicious ad, Whalebone blocks access to the harmful website, rendering the attack useless. This real-time protection ensures that users are not exposed to malware or phishing sites.

2. Adblock Feature: Whalebone’s Adblock feature prevents users from seeing malicious ads in the first place. By filtering out potentially dangerous ads, it significantly reduces the risk of malvertising attacks.