Stop Malware from Ads

What You Click is Not What You See – Securing Your Business – Part 2

We all love the WYSIWYG (what you see is what you get) aspects of some parts of the internet and apps. But, what about when you don’t get what you expect?  What about when what you click on is the old Trojan Horse?

Last month we talked about phishing and how it can affect your business.  Today we are going to talk about another devious method of infecting your computer, one that might even turn your computing device into a bot (and not the cool type like R2D2). And that negatively affects your business.

Quite a few years ago now, when someone “hacked your pc” it usually meant the computer ran like crud, if at all, as the intention was to screw with you.  But, current malware designers are smarter. They hide in plain sight.  The truth is, that nowadays, most people have malware and do not even know it.  Even anti virus software is estimated to miss up to 70% of malware infections.

Scammers Love to Advertise

According to reputable sources, between one third and one half of all malware is now delivered through online advertisements.

What!!!!

The worst part is, they aren’t always at the place where the ad goes, they are just as likely to be embedded in the ad.

You see, some wise hacker found out how to embed malicious code into some images, which, fortunately, has been mostly dealt with.  But, too often ads are accompanied by scripts.  And those scripts can have a lot of things in them, some good and some bad.  And because many advertising networks let companies use scripts to either serve or accompany the advertisement, it opens up the door for the script writer to do some of the bad things.

If you look at online advertising companies, they will tell you they do not allow these things.  But, their systems are mostly automated, with minimal human intervention.  Heck, the hacker might even run some clean ads first, and then sneak in some dodgy ones once the company trusts them.  This has gone beyond simple ads, as even some more reputable websites have tried it in recent months, as well as app developers.

So What Do They Do?

There are still some older style malware that take your contact list, put on a keylogger to grab passwords, and many of the other things that hackers have always done.

But, the biggest aim in 2018 is to turn your computer into a bot, or a zombie.  A zombie is a bot that is asleep most of the time, and only turns on when needed.  It makes this type of bot harder to find.

The biggest thing for bots to do lately is to mine bitcoins and other cryptocurrencies.  They use your computer, and thousands of others to make a giant bitcoin farm.  And your computer (or phone) constantly works for them, wasting power on your end, and making the malware maker money.  Unfortunately, even some businesses you would consider reputable have joined the game.  Fortunately, most of them were outed earlier this year and have ceased the practice. (We have decided not to grow the angry mob here, as the companies have been confirmed to have fixed the issue)

If they are not mining bitcoin, they are usually waiting for instructions on what to do.  When you hear about websites being taken down by attacks like DOS or DDOS (distributed denial of service), these are usually done with bots.  Your computer sits silently until the time comes.  And when it gets its instructions, it and thousands of others get to work, attacking the target.

And when they are done, they go back into hiding.

These are just a couple of examples of what these types of attacks do.

What do These Ads Look Like?

The bad ads are mainly images, though it can be text ads in some cases.  Many stick out, and should be avoided.  So let’s take a look at some of the categories of ads we probably don’t want to get anywhere near.

  • Any adult advertisement
  • Any ad that sells anti virus
  • Any ad that tells you your computer is infected (sometimes they do a good job of making these look like they came from your computer)
  • Any ad that tells you they can extend the battery life of your laptop, phone
  • Any ad that says you have won something
  • Any other ad that you find it hard to take at face value

If you really want one of the things in these ads, go find them directly.  An even better idea is to keep them from your computer all together.

How Do I Keep Them Away?

As more and more ads invade the internet, ad blockers for your web browser have become more and more popular.  They make the web a nicer place to look at and keep a lot of potentially malicious code at bay.

This has become a controversy recently, with some sites blocking access to people with ad blockers.  It usually does not last long, as the site’s traffic takes a nose dive, then the value of the ads for those who do see them lessens.  But, the nice thing with the ad blockers, is if you have a site you like and trust, you can click a button and allow that site to show you ads.

A couple of ways people keep ads off their computers:

  • NoScript – Very effective, this blocks all scripts from sites, and will break a lot of sites.  Do not use this unless you really know what you are doing.
  • Ad Block Plus – The most popular ad blocker, it blocks most ads.  It does allow some ads from trusted sources, which you can turn off if you like.
  • Ublock Origin – Goes a little further than Ad Block Plus, and blocks a lot of additional known tracking cookies and scripts.

I gave you websites for these, but you would actually download them from the extensions area inside of your browser.  The add-ons above are only some options, you have other things like Ghostery and the EFF Privacy Badger that also help in this regard.

Stay Safe Out There

Today we took another small look at securing your notary business.  Again, it is nothing too hard, just using some common sense with what you click.

View every ad with a bit of skepticism.  Don’t let an ad scare you into a rash decision.  Don’t go near ads that sell skeevy stuff.  And if you want to go a step further, use browser tools to help you protect your privacy and security while online.

Because if you are going to mine bitcoin, better to do it for yourself than for somebody else.

Don’t Miss the Rest of the Series:

  • Phishing – Securing Your Business Part 1

Sunshine Signing

Get Any Document Notarized Right Now! Let’s Start!

Go with the Industry Leaders for over 15 years. Mobile, Online, Remote, Sunshine Gets the Job Done Right…

Get in a Word

Thank You for Commenting