Published on Computing & Communications Services (https://www.uoguelph.ca/ccs)

Home > InfoSec Blog - Protect Yourself from Malvertising

InfoSec Blog - Protect Yourself from Malvertising

January 4, 2016

One of the goals of the InfoSec team is to raise awareness on campus of new and emerging threats online. In this blog post we look at Malvertising – what it is and how you can protect yourself and your data.

What is Malvertising?

Malvertising is short for ‘malware in advertising’ and is a platform for spreading malware online using embedded ads in legitimate online advertising networks and websites. Malvertising typically infects a computer in one of two ways. The first is by tricking the user into clicking a malicious ad on a website or pop-up message. The second way, which is being seen more and more, does not require the user to click on anything, but instead the system becomes infected simply by loading the web page. This is called a ‘drive-by download’ and because this happens in the background, typically the user won’t even realize it is happening.

That may sound scary, but there are some simple and effective ways that you can defend against malvertising.

Tips to Protect Yourself and Your Data

  1. Disable or uninstall browser plug-ins that you don’t use, including Adobe Flash and Java.
  2. Adobe Flash and Java are the most commonly exploited browser plugins, so always keep them updated to the latest version. Better yet, configure them auto-update.
  3. Keep your web browser and all browser plugins updated. Again, use auto-update if it is available.
  4. Ensure your anti-virus software is updated and has the latest definitions.
  5. Consider using ad-blocker software or plugin with your browser. For example, NoScript for Firefox lets you choose which Web domains run scripts and applets in your browser. Google Chrome has an advanced setting which helps detect and protect against phishing and malware.
  6. While legitimate websites have been used for malvertising, it is still advisable to limit browsing to the well-known and reputable sites. Avoid high-risk sites, such as online gaming/gambling, pornography, and peer-to-peer/BitTorrent sites

 

Written by: Stephen Willem (Manager, CCS Information Security)

Image Source: Freepik [1]

Keywords: 
security attacks [2]
scam [3]
online security [4]

Our Vision

To be technology and knowledge solution leaders, partnering with University communities, enabling excellence in teaching, learning and research.

Our Purpose

Changing lives, improving life by enabling our community.

Our Core Values

Service Culture, Integrity, Individual Leadership, Teamwork, Agility, Communication

Find us on Social Media

  • RSS - RSS

  • YouTube - CCS – University of Guelph

  • Twitter - U of G CCS IT Service Desk

About CCS

Computing & Communications Services (CCS) is U of G’s central IT department, providing core IT services to the greater campus community.

Click4Assistance UK Live Chat Software

Source URL:https://www.uoguelph.ca/ccs/infosec/malvertising

Links
[1] http://www.freepik.com/free-vector/super-discount-online_797162.htm [2] https://www.uoguelph.ca/ccs/tags/security-attacks [3] https://www.uoguelph.ca/ccs/tags/scam [4] https://www.uoguelph.ca/ccs/tags/online-security