AdSecure is exhibiting at DMEXCO, Europe’s leading digital tech event, with our partner, white-label ad serving technology solution, EXADS.
Continue readingBoost your ad quality with the AdSecure API Callback feature
AdSecure's powerful API Callback feature enables users to boost ad quality by promptly detecting and halting violations on the spot.
Continue readingMalvertising Trends in April to June 2023 and Cybercriminal Activity: AdSecure Violation Report
On this edition of AdSecure Violations Report we have a look at Malvertising Trends and Cybercriminal Activity in Q2 2023.
Continue readingLatest Ransomware attacks in ad tech: How to stop Ransomware attacks with AdSecure
Learn what is Ransomware, find our about the latest Ransomware attacks in ad tech, and how to stop Ransomware attacks with AdSecure!
Continue readingWhy is online brand safety important for online advertising?
Learn why is brand safety important and top tips for publishers to protect their brand safety at all times!
Continue readingWhat are Auto Downloads? How they can damage your online reputation with Android users
What are auto downloads? Auto downloads and malicious APK files pose significant threats to our digital security.
Continue readingMalvertising scams: Malware, Browser Locker and Scareware
Ad networks and publishers serving these Malvertising scams via malicious ads to end users, will suffer damage to their online brand.
Continue readingAd Security Alert! AdSecure's Violations Report 2022
AdSecure Violations Report analyzes over 296 million scans globally on 2022 to provide insights into cybercriminal malvertising behavior!
Continue readingMeet with AdSecure at TES Affiliate Conferences
Meet with Customer Success Manager Guandi Bai and Business Development Manager Jordan Franken at TES Affiliate Conferences.
Continue readingWhat is Malvertising? And how to stop it
Malvertising is distributed throughout the digital advertising ecosystem, here we explain what is Malvertising? And how to stop it.
Continue readingTech Support Scams increase as global prices soar
With the rise of global prices AdSecure is detecting more and more tech support scams as Malvertisers ramp up their activities.
Continue readingThreat Intelligence: AdSecure’s URL security checker
The AdSecure Threat Intelligence service acts as the first line of defense against cybersecurity risks in Ad campaigns.
Continue readingHow does the EU compare to the US for ad security in 2022?
Discover what cyber criminals did in the EU and the US during Q1 & Q2 2022, and get useful insights into ad security to protect the end user.
Continue readingDetection of Malicious Ad Campaings: AdSecure releases Q1 & Q2 Violations Report 2022
For AdSecure's Violations Report, we analyzed over 100 million ad campaigns looking for insights into cyber criminal behavior in Q1 & Q2.
Continue readingURL Phishing attack: Google WebRisk user security threat
A phishing attack is a user security violation detected by AdSecure which targets a user to trick them into revealing personal information.
Continue readingCryptojacking and How to Protect End Users
Cryptojacking is a User Security violation detected by Adsecure that Malvertisers use to take over an end user’s device to secretly mine cryptocurrencies through their browser.
Continue readingAd Security Violations in India 2021
As a prelude to our forthcoming Violations Report, we looked at ad security violations in India 2021. India has become one of the most popular targeted Geolocations for Malvertisers to target.
Continue readingAd Security Predictions 2022
Here are our ad security predictions for 2022 where we look at 4 big events from 2021, which will provide further opportunities for cyber criminals using the online advertising ecosystem to reach unsuspecting internet users with new, inventive ways of exploitation.
Continue readingMalvertisers are boosting their Malware and Phishing scams
In Q4 of this year cybercriminals were making the news headlines. Angling Direct's domain, website and social media accounts were compromised by hackers, redirecting users to an adult website; Electronics retailer MediaMarkt got hit by ransomware that demanded $240 million dollars after stopping its online shopping service in Belgium and the Netherlands. In Q3 AdSecure also saw some big spikes in user security violations as bad actors launched their Summer attacks. Malware detections increased by 1285.19% with the majority concentrated in July and August. Phishing detections also increased by 413.97%. Adware, Browser Locker and Scareware also increased 15.74%, 8.65% and 4.82% respectively, and now, in Q4 detections for these user security violations are still high. To demonstrate some tactics used by Cybercriminals, here are two examples of Malware and Phishing campaigns, both recently detected and stopped by AdSecure:
#1 Malware attack in Turkey
Cybercriminals used Discord's Content Delivery Network to host malicious payloads. Discord is a popular VoIP, instant messaging and digital distribution platform used by approximately 140 million people.
Users can organize Discord servers into topic-based channels in which they can share text or voice files. They can attach any type of file within the text-based channels, including images, document files, and executables. These files are stored on Discord's Content Delivery Network (CDN) servers.
However, many files sent across the Discord platform are malicious, pointing to a significant amount of abuse of its self-hosted CDN by bad actors who create channels with the sole purpose of delivering these malicious files.
Malvertisers use infected campaigns to target online gamers, luring them into downloading fake versions of popular online games that actually contain malware. The image below is the landing page of one of these malware campaigns detected by AdSecure on 3 November 2021. As you can see the text is in English, only the month November (Karim) is in Turkish. Additionally note that egyptian gamers is spelt incorrectly.
This campaign triggered an apk file that downloaded automatically to the user's desktop or mobile device. When we checked the auto-downloaded file we discovered that the file was detected as Trojan/Malware by 15 security vendors.
The files are often renamed as Gaming software or Google PlayStore games to trick end users, and the file stored on Discord's CDN used the link in the following format: https://cdn.discordapp[.]com/attachments/{ChannelID}/{AttachmentID}/{filename}
How did AdSecure detect the malware?
AdSecure’s Ad Discovery tool works by first detecting and then analysing all ads it encounters on web or mobile site pages, engaging with the ads as a user would, performing analysis both on the main site page, and by clicking on each ad — be it a banner, native, popup, popunder, etc — to detect any malicious activity a user might encounter in the redirection paths of this campaign and on any landing page the end users could be sent to. Once the violation was detected, AdSecure notified the client in real-time so the client's compliance teams could identify the campaign and ban the fraudulent advertiser from their ad network to prevent the bad actor from infecting more end users.
#2 Phishing scams using fake Lucky Draws
Phishing is often considered as the easiest way for financial gain for Cybercriminals. One method is through fake Lucky Draws from well known social media platforms. To show an example, AdSecure detected the following scam on an entertainment website in the United Arab Emirates in September. The ad showed up as a popunder.
The scammers used the Whatsapp logo and fake likes and comments on this landing page to fool end users into believing the lucky draw was legitimate. However, once the user spun the wheel to win a prize, they were asked to give away their personal information and credit card details to receive a prize. The victims only realized that they had been scammed after being informed by their banks about unauthorised transactions. The scammers also changed the URL 2 days later, to promote an adult dating offer. The landing page showed pornographic images which is illegal in United Arab Emirates.
How did AdSecure detect the phishing scam?
The client used AdSecure's API integration giving them a full malvertising and ad quality control system including the detection of adult content. Once the violation was detected, AdSecure's API integration allowed the client to reject, suspend or further monitor the ads, redirection paths and landing pages in real-time, giving the client full control over their ad supply chain. The ability to be able to use AdSecure’s Ad Classification tool enabled the client to detect that the malicious URL was displaying adult content, so it could be quickly removed from their ad supply chain, without which, it could have caused the website severe legal problems in their country as well as potentially for end users that viewed the pornographic landing page.
Conclusion
Cybercriminals use more sophisticated methods to lure unsuspecting end users into parting with personal and financial information via malware and phishing and other user security violations. With the ever increasing time that internet users spend online on a range of different devices, it is more important than ever to defend and protect end users against malvertisers. Publishers and ad networks have a duty to serve clean advertising and keep their end users safe. That is why it is essential that publishers and ad networks have a 360 degree ad security and ad quality solution like AdSecure as their first line of defense against cybercriminals.
Client Case Study: Complete elimination of Malware attacks
How AdSecure eliminated Malware attacks and ensured a 95% decrease in Browser Locker and forced redirect attacks for client Traffic Factory.
Continue reading