As part of Solutions Review’s Premium Content Series—a collection of contributed columns written by industry experts in maturing software categories—Grace Lau, the Director of Growth Content at Dialpad, shares some insights on identifying and preventing adware from affecting your company’s security.
At first glance, adware might appear to be the less-threatening younger sibling of ransomware and spyware. However, its increased prevalence over the last decade—coupled with a burgeoning remote working culture—means it poses a significant threat to private and professional cybersecurity.
This nefarious method of hacking that targets private user data and re-works devices into hackers’ advertising platforms may not lead to the same level of reputational damage or data loss as more well-known threats. Still, it’s quickly become a leading plight on devices we’ve come to rely on every day.
So what is the state of play regarding adware, and how can you keep your devices secure and adware-free?
What is Adware?
Adware, also known as advertising-supported software, is often malicious software used to display online adverts. Adware automatically displays irritating and intrusive ads such as pop-ups while users are on their devices, often imitating legitimate companies or promoting scams. Adware can infect desktop and mobile devices and has developed from nuisance to genuine threat. From Google themselves reporting that their 2015 survey found over five million infected users to Kaspersky’s assertion in 2021 that adware accounted for 48% of all malware, the threat it poses has been well documented.
How does adware infiltrate a device?
Adware developers rely on lax attitudes to cybersecurity to access victims’ devices. Businesses, in particular, can easily be tricked by the promise of discounts, accessibility, and free trials for legitimate products, as they look to match pace with competitors and lower overall costs. Whether they’re looking to reduce their VoIP phone cost or experimenting with an open-source management system, workforces with less stringent cybersecurity measures are at risk of accidental infection.
Adware typically infects a device in one of three main ways:
- Infection via download: Unfortunately, the presence of adware on your device could well be a problem of your own making. Adware developers go to great lengths to convince you to download their software, such as imitating a popular app or piece of everyday software. In some cases, they may also partner with a legitimate company or app, piggybacking on your download.
- Infection via exploit: A less-common but equally serious means of downloading adware. Adware infects the device when a user visits a compromised, less-secure website. Code on the site exploits gaps in your browser’s security to download the adware without your permission.
- Peer-to-peer sharing: Whether it’s receiving a file from a friend, ticking the wrong permission box, or developers using it to fund open-source programs, peer-to-peer sharing continues to be a common way adware supports itself on devices.
What is the purpose of adware?
Once the adware has made its home within a device, it sits in the background, waiting for the user to unknowingly click on one of the (often genuine-looking) display ads. An adware developer’s primary source of income is generated by you installing, clicking on, and viewing third-party ads.
Like legitimate web advertising, the adware can also track your search and browsing history to display more relevant ads, giving what a user sees as a greater sense of legitimacy. This might be in-app purchases for the product you’re using or a discount on an everyday service from a leading brand.
Adware might be used solely for promotion or as a means of collecting customer data. These are all increasingly essential metrics, and companies are experimenting with new ways to harvest them in the wake of Google’s decision to transition away from the use of third-party cookies.
Is all adware malicious?
Advertising is a part of the modern online experience. That is unlikely to change any time soon. Many wildly popular apps and online services feature significant advertising support, which is questionable. A legitimate app or product supported by advertising will always be transparent because they serve the user with ads, including display ads while in use. An ad-free version of the software may also be available for a fee, as is the model for many mobile games and market-leading apps. While these apps are rarely described as “adware,” there are many similarities between how they and the malware we’re discussing today access your device.
Malicious adware hides its true motive and purpose, offering your private information and device’s functionality as collateral for its advertising. From not-quite-illegal but annoying potentially unwanted programs, also known as PUP, to outright illicit software infiltrating your device, adware can cause significant harm if not quickly dealt with.
The line between harmless and harmful adware is thin, as legitimate adware can be a good way for developers to offset the cost of software development essentials such as rigorous automation testing. When users download the product, it may be used to collect marketing information or test systems, which can be used to offer better performance and personalized ads.
How to Protect Yourself and Your Business from Adware
It’s the ease with which adware can infiltrate devices that frightens both experts and users. With automation at the heart of our online experience, malware exposure levels are high. This is not to say you should lose faith in all advertising of legitimate products, but browsing and using apps safely in 2021 involves knowing how hackers exploit this trust to serve their interests.
In particular, businesses that have forgone traditional office structures but have failed to make up for it with further cybersecurity training run the risk of uninformed staff members quickly spreading adware and viruses throughout a company network.
In terms of solutions, implementing the following into your habits or professional cybersecurity guide is critical:
- Secure all of your devices, including mobile ones
- Only use legitimate, industry-approved antivirus and anti-malware tools
- Be selective about where you download files from
- Pick your adblocker wisely
- Download from reliable sources
- Read all apps’ full terms and conditions before downloading
How to remove adware from your device
Should you find yourself faced with an adware infection, here are a couple of quick fixes you can implement to get your PC or mobile device back to normal:
- Update your operating system: Developers are well aware of the growing adware problem and regularly include ways to eliminate threats in their routine updates.
- Clear your history and cache: Information stored on your browser may be the source of your adware issue.
- Delete unwanted browser extensions: Spotted a suspicious extension on your browser? It may be the source of adware.
- And in the future: Back up your devices! It’s always worth keeping a second copy of all your most valuable data.
Evading adware isn’t just about keeping your online experience irritation-free. It’s an essential step in improving your business’s cybersecurity and protecting your digital valuables.
- A Cybersecurity Guide to Identifying And Preventing Adware - February 10, 2022