End-of-year reports found an emphasis on phishing awareness, which, while good due to its prominent usage, also has its cons. This emphasis means that other tactics hackers utilize aren’t getting as much security training. “Although 40% of employees believe that they understand and could explain phishing threats to others “very well,” understanding of various other social engineering threats drops off substantially from there.” If this is true of just social engineering attacks, we can’t help but wonder about other hacker tactics. To help heighten awareness, let’s freshen up on malvertising.
Malvertising is an ad on a website or Google Ad (with the green ‘Ad’ logo) that has malware or carries you over to a site with malware. They can target a broad audience, ie anyone that Googles YouTube, or more specific. For example, a malvertisement couldn’t be targeted at individuals looking for specific software, with a malicious ad for the software that has a fake download.
Possible outcomes of malvertising are password stealing, keystroke recording, capturing screenshots or gaining remote access to a machine. The challenge with catching the hackers running these ads is that they’re often only us for minutes or hours. Before someone can take the ad down, the hacker may have already gotten their victim(s) and taken it down themselves.
What’s worse, is that you don’t even always have to click on the aid to infect your device. ‘Drive-by-downloads‘ occur when infected files are installed while the user is passively viewing the ad.
To reduce/eliminate your risk, do the following:
- Avoid website ads and Google ads (with the green “Ad” logo).
- Use an ad blocker (Here are our recommendations). Ensure it’s kept up-to-date.
- Limit browsing strictly to business purposes.
- Ensure all your Microsoft updates are installed.
- Update your internet-connected devices regularly.
- Install antivirus software.
- Avoid using Flash or Java, and if possible, disable them when surfing the web.
- Close browser tabs/windows when not in use to avoid ads being run in the background.
Thankfully, we can help with ad blockers, browser restrictions, all updates, and antivirus. Contact us today if you’re interested!
About Partners Plus
Managed IT Services That Do the Work for You
Partners Plus began in 1991 as an outsourced IT department after working as the Director of Programming and a Consultant for six years. For 30+ years now, we have been 100% committed to ensuring small- and medium-sized business owners have the most reliable and professional virtual CIO in the Delaware Valley. Our dedicated team of professionals will solve your IT nightmares quickly and without confusion on your part.
Our customer-specific memberships deliver your needs without overstepping your budget boundaries. From cloud services and data backups to ransomware prevention and Dark Web monitoring, Partners Plus is here to work with you and your expert company, dependable outsourced IT support and security.
Partners Plus has locations and services the following areas:
Managed IT Services in Philadelphia – Managed IT Services in Delaware – Managed IT Services in Malvern