- Not all online ads are bad, but many do have malicious intent.
- One wrong click can jeopardize your privacy and online security.
- It’s important to take action and protect yourself from harmful online ads.
Online ads commonly show up in your search results or pop up when you’re navigating the web. While not all online ads are bad, many are crafted with malicious intent and can jeopardize your online security. This is called malvertising.
Many fraudsters use ads as their method for targeting victims. They purchase advertisements and manipulate users into thinking they’re clicking on something safe, while they’re actually opening up their device to harmful software. Luckily, with the right knowledge around malvertising and understanding some cyber hygiene best practices, you can help protect yourself from malicious ads.
What is malware?
Malware is a type of software created by cybercriminals with malicious intent to steal your information and/or damage your device. Adware is a type of malware used when the attack is done through ill-intended advertisements.
Adware is often generated from software that’s already installed on your device, such as through bad browser extensions. Ads may appear within the search results of your browser or as a pop-up.
Are all online ads bad?
Not all ads are bad. However, users should always be careful when interacting with advertisements during their online journey.
Ads are often identifiable if they are a pop-up or labeled “Ad.” For example, ads usually appear at the top of your search results with “Ad” on the left-hand side.
Sometimes you don’t even need to open an ad for it to cause harm, which is the case with “drive-by downloads.” These infect your computer with spyware/malware just by navigating the website or when the infected page starts to load.
How do malicious ads work?
A large number of ads are submitted every day to advertising networks, including some that are created by fraudsters. Because of how many ads are submitted (often through third-party platforms), it’s difficult to vet them all. This allows bad ads to get through, even on reputable platforms.
In a malicious ad, a small piece of code is hidden, so when users click on it, they risk having malware installed on their devices. Users may also be directed to a malicious website. This usually happens invisibly and instantly in the background.
Malware consequences and concerns
One wrong click can cause an array of unfortunate events. Clicking on a malicious ad could lead to any of the following consequences:
- Grants a hacker complete access to your device and information.
- Allows a hacker to lock down your system and deny you access.
- Reveals your financial data, passwords, activity and other personal information to fraudsters.
- Puts your credit at risk by allowing fraudsters to run up debt in your name.
Note: These are only some of the common risks associated with malvertising. Users could experience other negative effects.
How do you protect against malware?
Ads are everywhere, but there are ways to help protect yourself against them. For example:
- Pay special attention to ads in the search results and avoid visiting suspicious websites.
- Make sure all browsers, operating systems, antivirus and anti-malware solutions are up-to-date.
- Investigate all browser extensions and make sure none of them are unknown or suspicious.
- Close browser windows not in use to limit the number of ads and pop-ups that can appear.
- Consider ad blocking software to help prevent clicking on malicious ads. (Note: The National Security Agency (NSA) has been using ad blockers since 2018, along with other government agencies to help ensure security.)
If you think you’ve already clicked on a malicious ad, there are some other steps you can take like performing an antivirus or anti-malware scan. You can also seek additional help, such as from First Republic Bank.
How can First Republic Bank help you combat malware?
First Republic supports the National Cyber Security Alliance (NCSA) and the Cybersecurity & Infrastructure Security Agency (CISA) in their efforts to encourage users to take an active role in practicing good cyber hygiene.
First Republic Bank has a dedicated Cyber Advisory Services Team within Information Security, offering complimentary cyber services, such as our Internet Security Health Check and Cybersecurity Awareness Sessions. If you think you’re a victim of malvertising, this is one way to take action. For help, users can contact firstname.lastname@example.org.