{"id":23979,"date":"2024-02-28T10:56:31","date_gmt":"2024-02-28T18:56:31","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2024\/02\/28\/news-17709\/"},"modified":"2024-02-28T10:56:31","modified_gmt":"2024-02-28T18:56:31","slug":"news-17709","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2024\/02\/28\/news-17709\/","title":{"rendered":"Malvertising: This cyberthreat isn\u2019t on the dark web, it\u2019s on Google"},"content":{"rendered":"\n<p>On the internet, people need to worry about more than just opening suspicious email attachments or entering their sensitive information into harmful websites\u2014they also need to worry about their Google searches.<\/p>\n<p>That\u2019s because last year, as revealed in our <a href=\"https:\/\/try.threatdown.com\/2024-state-of-malware\/?utm_source=blog&amp;utm_medium=social&amp;utm_campaign=b2b_ws_global_2024_state_of_malware_170673145305\">2024 ThreatDown State of Malware report<\/a>, cybercriminals flocked to a malware <em>delivery<\/em> method that doesn\u2019t require they know a victim\u2019s email address, login credentials, personal information, or, anything, really.<\/p>\n<p>Instead, cybercriminals just need to fool someone into clicking on a search result that looks remarkably legitimate.<\/p>\n<p>This is the work of \u201cmalicious advertising,\u201d or \u201cmalvertising,\u201d for short. Malvertising is not malware itself. Instead, it\u2019s a sneaky process of placing malware, viruses, or other cyber infections on a person\u2019s computer, tablet, or smart phone. The malware that eventually slips onto a person\u2019s device comes in many varieties, but cybercriminals tend to favor malware that can steal a person\u2019s login credentials and information. 
With this newly stolen information, cybercriminals can then pry into sensitive online accounts that belong to the victim.<\/p>\n<p>But before any of that digital theft can occur, cybercriminals must first ensnare a victim, and they do this by abusing the digital ad infrastructure underpinning Google search results.<\/p>\n<p>Think about searching on Google for \u201crunning shoes\u201d\u2014you\u2019ll likely see ads for Nike and Adidas. A Google search for \u201cbest carry-on luggage\u201d will invariably produce ads for the consumer brands Monos and Away. And a Google search for a brand like Amazon will show, as expected, ads for Amazon.<\/p>\n<p>But cybercriminals know this, and in response, they\u2019ve created ads that <em>look<\/em> legitimate, but instead direct victims to malicious websites that carry malware. The websites themselves, too, bear a striking resemblance to whatever product or brand they\u2019re imitating, so as to maintain a charade of legitimacy. From these websites, users download what they think is a valid piece of software, instead downloading malware that leaves them open to further attacks.<\/p>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1430\" height=\"845\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/02\/KeyPass-Malvertising-2.png?w=1024\" alt=\"\" class=\"wp-image-104514\" \/><figcaption class=\"wp-element-caption\"><em>A malicious ad for the KeePass password manager appears as a legitimate ad.<\/em><\/figcaption><\/figure>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1430\" height=\"776\" src=\"https:\/\/www.malwarebytes.com\/wp-content\/uploads\/sites\/2\/2024\/02\/KeyPass-Malvertising-1.png?w=1024\" alt=\"\" class=\"wp-image-104512\" \/><figcaption class=\"wp-element-caption\"><em><em>The real KeePass website (left) side-by-side with a malvertising site 
(right)<\/em><\/em>.<\/figcaption><\/figure>\n<p>It\u2019s true that malvertising is often understood as a risk to businesses, but the copycat websites that are created by cybercriminals can and often do <a href=\"https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2023\/05\/malvertising-its-a-jungle-out-there\">impersonate popular brands for everyday users, too<\/a>.<\/p>\n<p>As revealed in our 2024 ThreatDown State of Malware report, the five most impersonated brands for malvertising last year included:<\/p>\n<ol>\n<li>Amazon<\/li>\n<li>Rufus<\/li>\n<li>Weebly<\/li>\n<li>Notepad++<\/li>\n<li>TradingView<\/li>\n<\/ol>\n<p>These five brands may not all carry the same familiarity, but their products and services capture a broad swath of user interest, from Weebly\u2019s website creation products, to TradingView\u2019s investment trading platform, to Rufus\u2019s niche-but-useful portable OS booting tool.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-why-the-increase-in-malvertising-last-year\"><strong>Why the increase in malvertising last year?<\/strong><\/h2>\n<p>If Google ads have been around for more than a decade, why are they only being abused by cybercriminals now? The truth is, malvertising has been around for years, but a particular resurgence was recorded more recently.<\/p>\n<p>In 2022, cybercriminals lost access to one of their favorite methods of delivering malware.<\/p>\n<p>That summer, Microsoft announced that it would finally block \u201cmacros\u201d that were embedded into files that were downloaded from the internet. Macros are essentially instructions that users can program so that multiple tasks can be bundled together. The danger, though, is that cybercriminals would pre-program macros within certain files for Microsoft Word, Excel, or PowerPoint, and then send those files as malicious email attachments. 
Once those attachments were downloaded and opened by users, the embedded macros would trigger a set of instructions directing a person\u2019s computer to install malware from a dangerous website online.<\/p>\n<p>Macros were a scourge for cybersecurity for years, as they were effective and easy to deliver.<\/p>\n<p>But when Microsoft restricted macro capabilities in 2022, cybercriminals needed to find another malware delivery channel. They focused on malvertising.<\/p>\n<p>Today\u2019s malvertising is increasingly sophisticated, as cybercriminals can create and purchase online ads that target specific types of users based on location and demographics. Concerningly, modern malvertising can even avoid basic fraud detection as cybercriminals can create websites that determine whether a user is a real person or simply a bot that is trawling the web to find and flag malicious activity.<\/p>\n<h2 class=\"wp-block-heading\" id=\"h-how-to-protect-against-malvertising\"><strong>How to protect against malvertising<\/strong><\/h2>\n<p>The threat of malvertising is multi-layered: There are the fraudulent ads that cybercriminals place on Google search results, the malicious websites that imitate legitimate brands and companies to convince users to download malware, and the malware infection itself.<\/p>\n<p>As such, any successful defense strategy must be multi-layered.<\/p>\n<p>For safe browsing, people can rely on <a href=\"https:\/\/www.malwarebytes.com\/browserguard\">Malwarebytes Browser Guard<\/a>, a browser extension that blocks third-party tracking and flags malicious websites known to be in the control of cybercriminals. As we wrote before:<\/p>\n<blockquote class=\"wp-block-quote\">\n<p>\u201cMalwarebytes Browser Guard&nbsp;provides additional protection to standard ad-blocking features by covering a larger&nbsp;area of the attack chain all the way to domains controlled by attackers. 
Thanks to its built-in heuristic engine it can also proactively block never-before-seen malicious websites.\u201d<\/p>\n<\/blockquote>\n<p>The problem with malvertising, though, is that new malicious websites are created every single day. Cybersecurity defenders, then, are often caught in a game of catch-up.<\/p>\n<p>Here, users can find safety from <a href=\"https:\/\/www.malwarebytes.com\/premium\">Malwarebytes Premium<\/a>, which provides real-time protection to detect and stop any cyberthreats that get installed onto a device, even if those threats are masquerading as legitimate apps or software.<\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2024\/02\/malvertising-this-cyberthreat-isnt-on-the-dark-web-its-on-google\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p> Malvertising made a resurgence in 2023, with cybercriminals creating malicious ads and websites imitating Amazon, TradingView, and Rufus.  
<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[5588,22979,10531,22982,32,29949,26699,30906,11196,30864,30907,29102],"class_list":["post-23979","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-amazon","tag-browser-guard","tag-malvertising","tag-malwarebytes-browser-guard","tag-news","tag-notepad","tag-personal","tag-rufus","tag-state-of-malware","tag-state-of-malware-2024","tag-tradingview","tag-weebly"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=23979"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/23979\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=23979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=23979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=23979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}