Pop-up ads and malicious banners are two more types of Malvertising attacks that cyber-criminals are using to spread viruses and malware. 

Pop-up ads

Pop-up ads or pop-ups, in their legitimate form, are often used for online advertising. Generally, JavaScript is used to open a new web browser window, which is then used to display the advertisement.

Many websites use pop-ups to display information without disrupting the page currently open. For example, if you were completing a form on a web page and needed assistance, a pop-up would provide extra information without causing any previously entered information to be lost. Some web-based installers, such as the one used by McAfee, use a pop-up when installing software.

Certain types of downloaded content, such as images, free music, etc; can cause pop-ups, and therefore should not be trusted. Clicking (even accidentally) on one pop-up may lead to other pop-up ads opening. Pornographic sites, in particular, can fill your screen with pop-ups (called a “pornado” or “porn-storm”, as coined by John C. Dvorak).

Pop-under ads

Pop-under ads are similar to pop-up ads, but the ad window appears hidden behind the active window rather than as an overlay. As pop-up ads became widespread and took up whole computer screens, many users became savvy and immediately closed the pop-up ads without looking at them. Pop-under ads do not immediately interrupt a user’s ability to view website content. They usually remain unnoticed until the active browser window is closed or minimized, meaning that the user’s attention is free for the advertisement. 

Fake cancel buttons

Users of websites and web applications continuously experience unwanted pop up ads. Generally, users respond by dismissing the pop-up using the “OK” or “Cancel” feature of the pop-up window.  Hackers depend on this typical response, and create on-screen buttons or controls that look similar to an “OK” or “Cancel” option, however, when these “simulated buttons” are clicked, unexpected or unauthorized actions take place (such as opening a new pop-up, or downloading a malicious file onto the user’s system).

Users may believe that they are simply acknowledging an error report from the computer’s operating system, or dismissing a seemingly innocent advertisement pop-up, however, clicking on a fake button, may result in the “supplier” claiming that the user “consented” to the download, even though the user was, in fact, unaware of having started an unwanted or malicious software download.

Because the technologies for web development and design allow an author to draw any kind of “simulated” cancel option imaginable, some users refuse to click on or interact with any item inside a pop-up window whatsoever.

Malicious banners

Snazzy banner ads on websites can seem annoying, with all their bells and whistles asking you to “click here!”, but most of us tolerate the ads because we know it helps to keep web content free of charge. However, hackers are using banner ads as a vehicle for targeting your computer and your sensitive information.

A popular scam directs you to an infected site where a pop-up window appears saying that an antivirus scan has found viruses on your computer. You are instructed to “click here” to remove the virus. However, it doesn’t clean your computer- it loads malware instead.

This type of malvertising is very difficult to detect. It’s not the website that gets hacked, or even the advertising platform that gets hacked; the advertising platform is simply being used to spread viruses.

Stay tuned for some tips on how you can protect yourself from malvertising attacks.