Navigating the Digital Landscape: The Rise of Malvertising and How to Stay Safe

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Neko Papez of Menlo Security guides us through the digital landscape and how to stay safe against malvertising.

Your responsibility is the security of your enterprise and ensuring that even the most widely used enterprise application, the browser, is secured. You know, better than anyone, that your users are still consumers when they are at work. Maybe your organization has shut down access to social media sites like Instagram or Facebook, or prevents shopping from Amazon, but users still interact with websites daily that either sell them products or serve them ads. Even granting access to legitimate news outlets that many users need to do their jobs means that they are targeted and retargeted by digital advertisements daily.

Those ads, and how they are served, are designed by digital marketers who have greatly leveraged the advantages of modern technologies. Today’s marketers know exactly who to target, how to reach them, and what content to serve to move a prospect from an interested party to a paying customer. With artificial intelligence (AI) access and adoption growing at breakneck speeds, digital marketers have what might be the most powerful tool in their toolbox to help them do their jobs effectively.

Thanks to AI, customer segmentation, personalized campaigns, and timed messages have become easier than ever. With tools like ChatGPT, as well as AI-based graphic design tools like Alibaba Luban, marketers can quickly produce highly effective advertisements that welcome potential buyers. Consider this statistic from Alibaba: Luban can create 8,000 banner ads every second.

But as with every technological advancement, there’s a dark side. In the world of digital advertising, that dark side is malvertising. It’s estimated that nearly one in every 100 online advertisements is currently malicious, which means that for your users, who still access advertisements at work, malvertising is now your concern, too.

The Rise of Malvertising and How to Stay Safe

Malvertising: A Highly Evasive Threat

You might be familiar with highly evasive threats such as HTML smuggling or MFA bypass attacks. We call them highly evasive because they use sophisticated techniques such as dynamic behavior, fileless attacks, and delayed execution to evade traditional security measures. They are designed to fly under the radar and bypass commonly deployed security found in your enterprise security stack.

Malvertising fits nicely into this category of highly evasive threats. These sophisticated attacks can be especially hard to detect by anyone – brands, advertising publishers, or internet users. And, because it’s a novel tactic, not many people know about it, so spotting it becomes even harder.

Malicious actors begin by infiltrating a third-party server to embed malware within digital advertisements, such as videos, banners, or even brand logos. Unsuspecting users who click on these tainted ads or images may either be redirected to a fraudulent site or immediately have malware installed on their devices. Once malware breaches a system, it grants bad actors vast capabilities to delete, modify, or encrypt data. These bad actors can even redirect internet traffic from legitimate websites or develop backdoor access routes to a network system.

Detecting an infected logo or suspicious URL is challenging, but not impossible. We’ll get into what your users can do to help prevent malvertising from entering your network in a bit, but there are also browser security solutions that use AI-based computer vision algorithms to analyze data in tandem – things like URL characteristics or a logo located where it should not be – resulting in identification of infected brand logos and questionable URLs.

AI-Driven Digital Advertising: Your Users Aren’t Prepared

According to Statista, and published by HubSpot, AI usage in marketing activities was estimated to grow from $15.8 billion in 2017 to $107.5 billion by 2028, with more than 80 percent of professional marketers integrating some kind of AI technology into their current marketing activities.

Further, according to a recent survey by CensusWide for Menlo Security, 54 percent of U.S. consumers believe that at least half of all advertisements on websites or social media are AI-generated. As noted above, from a marketer’s perspective, AI-driven campaigns can be highly efficient and yield impressive results. But these advances also offer unique avenues for malicious actors to exploit.

Interestingly, there’s an alarming disparity between users’ knowledge of AI usage in marketing programs and their understanding of the threat it poses. For instance, three-quarters of respondents understand that they can be infected by a link in a phishing email, yet 63 percent do not yet know they can be similarly impacted by clicking on a brand logo, despite an increase in impersonated brands such as Google or Microsoft. This becomes a major concern for enterprises as 81 percent of respondents noted they click on internet advertisements “to some extent”, while a shocking one-quarter do so “very often” or “always.”

Countering Malvertising

No website, advertisement, or brand logo is foolproof against malvertising. Even the most credible brands and websites we’ve all come to familiarize ourselves with are not immune to malvertising. And, as shown previously, internet users are not aware of the threat it poses. As digital landscapes evolve, users need to stay vigilant. Here are five guidelines to reduce the risk of malvertising:

1. Examine URLs Thoroughly: Hover over an ad to reveal the destination URL. Ensure that it hasn’t been tampered with by looking for commonly misspelled words and making sure that the URL matches the image being provided.
2. Inspect Logos for Authenticity: Watch for any irregularities in a brand’s logo, like image distortion or odd coloring, which could hint at a counterfeit ad. Also, make sure the logo isn’t an outdated version like that which was used by the Witchetty espionage group in the Microsoft example above.
3. Evaluate Advertisements’ Intent: Malicious actors often use direct calls to action, like “buy now” or “act now before it’s too late.” Approach such ads with skepticism. You can always find the same “great deal” by going to the website directly rather than clicking on an ad.
4. Adopt a Cautious Approach on All Sites: Even trustworthy websites can inadvertently host malicious ads. Always practice caution, regardless of the site’s reputation.
5. Limit Redirections: The more ads you interact with, the higher your risk. Each subsequent site you’re directed to might have laxer security so avoid using redirects where possible.

Remember, your users are just a handful of clicks away from exposing your corporate network to malware online; our own research has shown users are only three to seven clicks away from malware at any given time. As malvertising threats continue to evolve, it’s imperative that your users are educated and remain vigilant while practicing safe browsing habits. Teach your users to follow the guidelines for countering malvertising and reach out to your security partners to ID if they have visibility tools that can spot malicious logos, URLs, and ads on your behalf.