What’s that one thing that bugs you is online? Trust. Just how freely you browse sites like Amazon, Flipkart and others in the row is all about trust. We netizens, in silos, function along the rule of the thumb avoiding websites that appear to be dodgy or examine URLs and discard email from sources we don’t believe to be genuine. In spite of all this, we are still being subjected to threats which is definitely a hit for our web guiding principles. This is where you need to know about “Malvertising”? Yeah, it’s a portmanteau, but there’s a lot more to it.
The practice of injecting malware right into a genuine ad network on the web, targeting a wide range of users. The interesting angle is the very form of attack that its capable of throwing across a high proliferation of ad regulated networks, which further infiltrates the safety zone of otherwise trusted websites. As a user, you are being presented with little ads that appear right across websites and apps which otherwise seems to be perfectly reasonable. The trick is to pass through the initial screening and then go on to replace genuine with the harmful. The real intention here is to get the potential victims to click right on the ad redirecting them to a server that is infected. This is as easy you get to infect a device with malware. Thanks to Google, which alone offers for billions of ads regularly, which makes malvertising a dangerous threat.
Malvertising, adware and cellphones
Malvertising is the delivery module for malware, whereas adware is just another type of malware that merely functions to load ads on your screen. The question here is who clicks on such ads. People don’t click on such ads willfully. Then how does malware gets loaded on to your cellphones. Well, malvertising doesn’t really differentiate between willful and unwilful clicks. So, wherever an ad gets clicked without any safeguard, malware gets loaded.
Mobile games for instance. It’s pretty standard to be lost in an exciting game as you tap away on your screen and then accidentally end up clicking on an ad that is actually placed strategically as you are moving within the game menu. The very manner in which mobile devices are being put to use makes them a significant form factor to inject maladvertising all the way. Blame your fingers. They are readily adapted to scrolling, but when it comes to precision clicking, they fail miserably. The fact that its terribly easy to click on a wrong place in mobile is what mal-advertisers bank on. Think about it.
Just how many times you have been lured to click an add and presented with a multiple-choice quiz or a pop-up puzzle which will only allow you to move forward if you complete it. Any aggressive maladvertising campaign takes this to a whole new level altogether by resorting to ads that take up full screen, covering the back button on your touchscreen to trap victims invariably. Malvertising campaigns like KS Clean works with a silent downloading principle and the user is presented with just an OK button and no option to cancel or exit. Click on “Ok,” and unknowingly all administrative privilege has been allotted to the malware. Another such threat is RoughTed, that skillfully tricks antiviruses by generating a string of URLs, practically making it untraceable.
So, what’s web doing to shelter against Mal-advertising
More than eighty percent of Google’s revenue comes from advertising, and around ninety percent of malvertising on Facebook challenges the business model of ad network owners. On the other end, you have publishers who are also keen to block mal-advertising for good, as they earn a significant amount from their advertising schedules. This all goes back right to the first line of this write-up, where we mulled over Trust. The trust that people have in specific sites is likely to dwindle if they detect anything that is unsafe. As such, publishers and ad networks shall have to come together to stop mal-advertising for good. Google has already released a number of updates for Chrome to potentially block mal-ads which includes things like misleading user interfaces, iframe redirection, and under tab behavior.
However, at the very onset of 2018 Doubleclick network that happens to be the marketing platform of Google was charged with mal-advertising of cryptocurrency. That shows how the most advanced player in the digital space has its fair share of shortcomings. As such, addressing any such threats is a difficult ballgame for modern-day marketers, leave along digital marketers. Plugging the security loopholes is perhaps the only plausible argument as mal-advertising continues to devastate digital industry amounting to a loss of $1.1 billion each year (IAB Study).