Because the bad guys are always trying to find new ways to compromise devices, we are always trying to look over the hill to see what's coming.....
Last week one of these new methods actually hit by infecting a user's workstation (multiple times), so I wanted to advise you about it and include a little additional education about this issue. The new method involves ads and it even has its own term ("Malvertising").
How Malvertising works:
These ads are the ones you see on websites (which is bad enough) and Google Ads (which is worse) -and they either have imbedded malware or connect you to sites that load the malware.
In this particular case it was a Google AD that was returned when the user searched for "YouTube" - a very common search, and something that could hit any of us.
Google is aware of the problem as stated in this article http://www.androidpolice.com/2017/01/25/google-disable-900000-ads-2016-spreading-malware-thats-just-tip-bad-ad-iceberg/. We have a number of things in play for our clients to reduce/ eliminate your risk, but the challenge is these ads are often only used for minutes/ hours so it's a cat and mouse game to get them addressed.
So what to do to reduce/ eliminate your risk:
- Tell users to avoid website ads and Google ads (with the green "Ad" logo).
- Use Chrome as your default browser. Chrome is the most secure, fast, reliable browser out there and Google takes that very seriously - so they pounce on fixing issues as quickly as possible.
- Use an Ad Blocker (please see my previous post about this).
- Limit users to browsing strictly for business purposes...they can do personal browsing at home.
- Confirm you have all your Microsoft updates installed.
- This is the big one: Have users raise their hands quickly when they see something "bad".
If your IT Firm has not addressed this issue with you and does not have the proper things in place for your company to avoid these issues as much as possible, than you need to address this issue with your IT firm or find a new IT Firm.