Page 60 - Cyber Defense eMagazine August 2023
P. 60

Malware-as-a-service  and AI generated text and images are already accessible, meaning even attackers
            with little or no skills can create convincing ads and powerful evasive malware to boot. We’re expecting
            a big uptick in malvertising as a result.



            Best practices for avoiding malvertising

            Awareness of the risks needs to increase so that anyone online applies caution to clicking on adverts on
            any website – no matter how much they trust it.

            Some  people  may  be  shocked  to  learn  that  even  the  most  credible  websites  are  not  immune  to
            malvertising. Indeed, we recently found that the top three brands impersonated by malicious threat actors
            attempting to steal personal  and confidential  data over a 90-day period were Microsoft,  Facebook, and
            Amazon.



            So, how can consumers ensure they don’t become the victim of malvertising?


            First, it’s important to carefully check website URLs before clicking. This can be done by hovering your
            mouse over the advert until the URL appears. Threat actors can often use convincing domain names by
            replacing certain characters to trick the eye, but they won’t be able to use the actual domain of the site
            you think you’re clicking on. Therefore, meticulously checking links for discrepancies  is important.

            Second, web users should check the brand logo to see if it looks genuine. When logos are copied, they
            can  appear  stretched,  squashed,  or  pixilated.  This  could  be  a  sign  that  it’s  not  legitimate  –  large
            companies tend to have strict branding guidelines that malvertising attackers won’t necessarily follow.

            It’s also worth considering what the advert is asking you to do. Legitimate brands often place adverts to
            increase  brand awareness.  Malvertising  campaigns  do not care about these impressions.  They will be
            more direct, asking you to ‘click here’ or ‘buy now’.

            In this sense, it’s important to be cautious  of redirections.  If you do click on an advert and it takes you
            through to the site you expected, be aware that the more ads you click on the higher chance you have of
            encountering malware.

            Our research has found that you’re only 3-7 clicks away from malware online. And the growing prevalence
            of AI generated content online will only fuel highly evasive threats such as malvertising further.

            Ultimately,  the key is taking a cautious approach  to adverts. No website is immune  to malvertising.  By
            staying vigilant and always following best practices, you’re much more likely to stay protected.












            Cyber Defense eMagazine – August 2023 Edition                                                                                                                                                                                                               60
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   55   56   57   58   59   60   61   62   63   64   65