Malvertising: An attack that could be easily avoided

As if online advertisements were not enough of a nuisance, a sinister variant is gaining traction.

Fraudulent and malicious advertising – known as malvertising – is among the sneakier threats discussed in the latest set of guidelines released Tuesday by the Online Trust Alliance (OTA), a nonprofit community formed to promote safe internet practices.

Malvertising is a lesser known attack method that is quickly gaining momentum, and it is exactly what it sounds like: online advertising used to spread malware. Ne’er-do-wells are able to distribute the compromised ads to genuine websites by using fraud identities, web hosting accounts and email addresses to trick companies.

What happens next is pretty standard: An unsuspecting user clicks on the advertisement, unknowingly downloads a piece of malware, and consequently begins experiencing any number of problems that might be spurred by the malicious attachment.

SOURCE: scmagazine.com

Information Security Buzz