What Is Malvertising?

Date First Published: 17th May 2023

Topic: Cybersecurity

Subtopic: Threats To Systems, Data & Information

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 6/10

CONTENTS

How Do Malvertisements Spread Malware?
How To Prevent Malvertising?
Difference Between Malvertising and Adware

Learn more about what malvertising is in this article.

Malvertising is the use of online advertising to spread malware or other unwanted software. Malvertisements infect systems with malware by embedding malicious links into them. Malvertising is becoming a common way to spread malware because attackers can easily use legitimate advertising networks to display these ads on legitimate websites without compromising any websites, putting all users that regularly visit the website at risk of downloading and installing malware.

How Do Malvertisements Spread Malware?

Malvertisements spread malware by redirecting users to websites that distribute malware, Trojan horses, spyware, or ransomware, or by trying to directly download malware onto the user's device. Malvertisements are usually deceptive and mislead users of their true intent.

Some malvertisements can even infect computers just by clicking on them and not manually running any downloaded files. These exploit vulnerabilities in web browsers and operating systems to perform a drive-by-download and are much less common than the first method. Although they are quite rare in modern web browsers and operating systems, it is possible for users to get infected by visiting a webpage that hosts a malicious ad as it may automatically redirect the user without them clicking.

Malvertisements commonly display the following content below, do not actually give you what they claimed, and only download malware. This is why you should never click on ads for offers that look good to be true. Examples of content that is commonly found on malvertisements to encourage people to click include:

Fake warnings that their computer is infected with a virus and they have to download a software program to fix the issue, which is actually a fake antivirus program.
'Get rich quick' schemes and fake surveys.
Fake software or driver updaters.
Fake claims for a free gift card or discount on a product.
Products being advertised at a ridiculously low price. (e.g. an iPad that normally costs £300 being advertised for £100).

Malvertisements often have unrealistic promises, look unprofessional, and contain spelling, grammatical errors, or awkward phrasing. If you see an ad that looks like it has been rushed and has the characteristics above, it is more likely to be a malvertisement and you should avoid clicking on ads like this.

How To Prevent Malvertising?

Below are four steps for preventing malvertising:

Use a popup blocker. This will help prevent your browser from being filled with popups for ads that are designed to download malware onto your computer. That way, your browser will not be filled with popup windows from spammy ads. Most browsers have a built-in popup blocker that is turned on by default.
Use strong antivirus software and keep it up to date. Strong antivirus software will defend and protect your computer against malvertising by blocking malicious websites. It will also detect and remove any malware that you have got installed on your computer that it caught from a malvertisement.
Keep your operating system and web browser updated. Malvertisements sometimes exploit vulnerabilities in web browsers and operating systems to launch a drive-by-download on your computer, which will unknowingly install malware on your computer without your permission. Keeping your operating system and web browser updated will help keep your computer protected against any bugs or security holes that have been discovered by other users.
Never click on any suspicious ads. As stated above, if you spot any ads that make unrealistic promises, sound too good to be true, or look off, then they are more likely to be a malvertisement.

Difference Between Malvertising and Adware

Malvertising and adware are sometimes confused, but they are quite different. Malvertising is simply the use of online advertising to spread malware that harms computers. Malvertising attacks can come from ads on legitimate websites as it is possible for them to come up on legitimate online advertising networks.

Adware is a type of malware that displays unwanted ads on the victim's computer, often in their web browser, to generate revenue for the creator. Adware is always installed on the user's computer and often spreads through bundled downloads without the user realising that they were agreeing to install it. Malvertising does not always have to be installed on the user's computer. However, malware installed on computers can display malvertisements on the user's computer.