Avast Researchers Identify a September Spike in Malvertising

Malvertising, a malicious advertising tactic, involves spreading malware through online ads or sometimes via browser push notifications. Cybercriminals craft these seemingly legitimate ads to infect unsuspecting users’ devices when they click on or interact with the compromised advertisements.

These criminals are adept at making their malvertising pop-ups appear authentic. Often, these fraudulent pop-ups mimic the logos of well-known antivirus companies, aiming to convince users they are seeing a legitimate notification. Typically, these alerts warn users of a virus on their computer or claim that their antivirus subscription has expired.

When users click on these deceptive pop-ups, they are often redirected to fake websites. These sites usually resemble simple phishing pages, asking users to provide personal credit card information under the pretense of renewing antivirus services. Scams can take various forms.

We have previously warned about malicious push notifications, and this quarter is no exception. This method remains popular with scammers due to its continued effectiveness, especially on mobile devices.

Current Examples of Malvertising

Malvertising manifests in several ways. Here are the two primary types observed this quarter:

Push Notifications

A prevalent form of malvertising involves pages that fall under the push notification category, often appearing as part of a redirect chain. These pages have multiple variations but share a common goal: to persuade the user to allow push notifications. These notifications are particularly effective on mobile devices, where they can be disguised as system alerts, such as missed calls or new text messages.

Social Media Ads

Push notifications aren’t the only effective tool for scammers. We’ve repeatedly reported that scammers exploit advertising space on popular social networks. This method is particularly dangerous because many users perceive their social platforms as safe and personal spaces. Scammers craft their ads to grab attention, often using catchy text or the faces of famous personalities. As a result, the success rate of these campaigns is quite high.

Another significant advantage for scammers using social media ads is their ability to precisely target and customize content for vulnerable users. As a result, users may gradually see their social media feeds saturated with these ads.

Malvertising often leverages well-known brands, such as Tesla, to create an impression of legitimacy. Part of the scam includes promising unrealistic investment opportunities through an ‘automatic robot’ that claims to invest and earn money autonomously.

These fake sites can take various forms, frequently imitating renowned media outlets like BBC News and others. These ads exploit the targeted advertising capabilities of social platforms, directing users to websites tailored to resemble popular news sites in different countries.

The landing pages in these campaigns often feature a registration form requiring users to enter their contact information. This data is then sent to the scammer, who subsequently contacts the user, typically by phone. The actual scamming effort usually occurs over the phone.

After completing these fraudulent forms, users can expect a phone call from the fraudsters.

How to Protect Yourself from Malvertising

To avoid falling victim to malvertising scams, we strongly recommend the following precautions:

1. Refrain from sharing personal information with individuals you do not know or cannot verify.
2. Never send photocopies of personal documents.
3. Do not provide printed credit card information.
4. Avoid giving out codes that would allow remote access to your computer.
5. If someone is remotely connected to your computer, do not log into your online banking.
6. Do not share or forward SMS bank authorization codes.
7. Never authorize a payment to someone you do not know.
8. Ensure you have an antivirus program installed on your computer.
9. Maintain low limits on your online banking accounts and increase them only when necessary to make a specific payment.

Get free access to our lifetime VIP membership. Join us here.