There are many types of malware, and one increasingly common form is “malvertising.” This type of malicious advertising shows up everywhere—from social media to popular websites and even in Google search ads.
Two trends are making malvertising more dangerous: hackers now use AI to make these ads more convincing, and it’s on the rise. Malwarebytes reports that malvertising jumped 42% month-over-month in late 2023.
Knowing how to recognize and avoid malvertising is key to protecting yourself online. Below, we’ll explain what malvertising is and share tips on staying safe.
What is Malvertising?
Malvertising is when cybercriminals use online ads to carry out malicious activities. A prime example occurred during the PlayStation 5 launch when it was in high demand. Hackers placed fake ads in Google search results that looked like official PS5 retailers. But clicking on these ads led to lookalike sites designed to steal login credentials and payment information.
Although Google works to catch and remove malicious ads, hackers can often keep these ads active for hours or even days before they’re detected. And malvertising doesn’t just appear on Google; it can also show up on hacked websites and social media platforms.
Tips for Avoiding Malvertising
- Check URLs Closely
Malvertising often relies on lookalike websites, just like phishing scams. Carefully check URLs in ads for minor misspellings or other irregularities. Small differences can reveal a scam.
- Go Directly to the Website
For a foolproof way to avoid malvertising, don’t click on ads. Instead, go directly to the brand’s website. If there’s a legitimate sale or offer, you’ll find it there. This strategy works well for all types of phishing—skip the link and go straight to the source.
- Use a DNS Filter
A DNS filter provides extra protection by blocking dangerous sites. If you accidentally click a malicious link, the filter will redirect you to a warning page, keeping you safe.
- Avoid Logging In After Clicking an Ad
If you click an ad, avoid logging in on the site it takes you to. Malvertising often leads to fake sites with login pages designed to steal your credentials. Instead, open a new browser tab and navigate to the official site.
- Don’t Call Numbers in Ads
Some malvertising ads display fake customer service numbers, which scammers use to trick people into giving away personal information over the phone. This method often targets seniors. If you see a number in an online ad, don’t call it. And if you do find yourself on a suspicious call, avoid sharing personal details and hang up.
- Don’t Download from Ads
“Get a Free PC Cleaner!” or “Download MS Word for Free!”—these are common malvertising hooks that trick users into downloading malware. Avoid clicking download links in ads. If it’s a legitimate offer, you’ll find it directly on the official website.
- Spread the Word About Suspicious Ads
If you spot a suspicious ad, warn others. Alerting colleagues, friends, or family can help keep them safe. A quick online search often confirms if an ad is part of a known scam. By fostering a cyber-aware community, you can help everyone stay safer online.
Enhance Your Online Security
Are your devices up to date with security patches? Do you have reliable anti-malware software? Is DNS filtering in place to block malicious websites?
If you’re unsure, contact us. Our cybersecurity team can help you find affordable, effective solutions to secure your online world.
Call or email us today to schedule a conversation about protecting your online security.