The Dark Side of Adware: Measures Against Malicious Advertising Software. Cyber criminals can exploit weaknesses in the verification process of the advertising network or weaknesses in a user's browser to deliver dangerous links or malware. Especially SMEs should be more careful.
Adware or ad-supported software is not inherently malicious as a source of income for free service providers, although it has often become synonymous with malvertisement. Non-malicious adware collects data with the consent of the user. For example, users can consent to downloading the free version of an application that displays ads instead of the paid, advertising-free version. Companies that rely on adware to support their products or services include Google, Facebook, Skype, and Spotify.
How adware works
When a company chooses to use adware to support its software, the adware is bundled or integrated with the program itself. This enables the automatic loading of advertisements. Other companies buy advertising space that they want to market to the users of this program. The income generated from the sale of advertising space can be used to cover user and / or development costs. Some companies incorporate adware into their programs in such a way that the program cannot run until the ads are displayed. All ad blockers must therefore be deactivated in order to use the software. Adware often also collects personal information, tracks users' browsing habits, and sells that information to third parties.
The dark side of adware
The term adware is used broadly to describe adware programs that display malicious or abnormal behavior. When advertising software tracks user activity without consent, it is considered a form of spyware. Cyber criminals exploit vulnerabilities in the ad network verification process or vulnerabilities in a user's browser to display their own malicious advertising messages. Malicious advertising software can also create pop-ups, pop-unders, and persistent windows that enable drive-by downloads when a user visits an infected website. In cases where it is necessary to disable ad blockers, users are at risk of infection. It is known that some advertising software programs also block anti-virus programs from opening. Because some advertising software programs are legitimate and have no uninstallation procedures, antivirus programs may not be able to properly identify which programs are actually malicious.
Measures to protect against malicious advertising software
There are a number of measures that can be taken to address various aspects of malicious advertising software. These methods provide a stronger defense when used in combination.
• Use of an ad blocker: In many cases, a free ad blocker can be used to prevent ads from appearing in a browser. This eliminates the possibility of clicking on something malicious and prevents drive-by downloads.
• Use of ad-free premium versions of popular services: The easiest way to avoid adware is to pay for the service used. The majority of companies do not advertise premium subscription users, which helps prevent malicious advertising software from reaching users in the first place.
• Buying devices from trusted companies with reputable, built-in security: There have been numerous incidents where users who purchased inexpensive Android devices discovered that adware was installed in core files. These devices are particularly susceptible to infection and purchasing such devices should be avoided at all costs.
• Antivirus: Some antivirus can be used to block malicious adware, but many of them are not yet able to differentiate between legitimate and malicious adware. Antivirus programs can also be blocked by some advertising software.
• Adware removal software: These solutions allow you to clean up any unwanted programs on the device.
As with most threats, being aware of the risks involved is the best defense. Organizations need to understand the pros and cons of using adware to support software. As a result, users should be able to decide which programs are important enough to buy and which ones they can possibly do without to avoid the dangers of adware.
More at DigitalGuardian.com
Via Digital Guardian Digital Guardian offers uncompromising data security. The data protection platform provided from the cloud was specially developed to prevent data loss from insider threats and external attackers on the Windows, Mac and Linux operating systems. The Digital Guardian Data Protection Platform can be used for the entire corporate network, traditional endpoints and cloud applications. For more than 15 years, Digital Guardian has made it possible for companies with high data volumes to protect their most valuable resources using SaaS or a fully managed service. With Digital Guardian's unique policy-less data transparency and flexible controls, organizations can protect their data without slowing down their business.
Matching articles on the topic