Just a tiny FYI....
Here’s how a basic malvertising attack works:
- A cybercriminal buys ad space on a website or from an ad network.
- The cybercriminal supplies an infected ad to be displayed in the space they purchased.
- The malvertising attack happens when either:
  - You click the ad, or...
  - The website loads the ad and your device is infected automatically. Many infected ads can attack you on their own, without requiring a click.
In reality, it’s often more complex than that. Due to the fragmented nature of online advertising, your browser needs to contact a variety of ad-related servers when it loads a website. One server delivers the online ads, another might play a video ad, and a third server might trigger a pop-up. This happens again when you click an ad as well.
Attackers can intercept these traffic requests from your browser and forcibly inject malicious code or divert your traffic somewhere else. This is how forced redirect ads work. During the online journey from your browser to the advertiser, the attacker intercepts your traffic and infects you with malware or sends you to an unwanted destination.
What’s the difference between malvertising and adware?
Malvertising is often confused with adware because both involve ads. The primary difference between the two comes down to the source of the attack. Adware is a type of malware that sits on your device and causes you to see ads you otherwise wouldn’t encounter. Conversely, malvertising ads are hosted on legitimate websites — there’s no need for the malvertising attacker to pre-infect your device before you’re shown a malicious ad.