Let it Snow, Let it Snow, Let it Snow
As I write this there is 4 inches of snow on the ground, traffic in and around town is minimal, school has been cancelled. Normal people are staying off the roads, opting to stay home and watch Netflix, surf the web, curl up with a good book, go outside and build a snowman. Today is a day I wish I was normal! But…. I’m at work, writing a newsletter.
Throughout the month(s), I gather articles of interest I can regurgitate into English and share in this newsletter. Today I’m reviewing an older article I saved concerning malicious advertising, or malvertising. The original article was written last June and can be found here: http://tinyurl.com/hesaglp. It originally appeared on Malwarebytes blog spot. If you’ve been following us, you will know that Comp-U-Talk is an avid fan of Malwarebytes. Malwarebytes offers a superb free utility for malware removal. I wish I could say I make money selling Malwarebytes, but I don’t. This recommendation is just that: A recommend, no commissions earned. You can trust this post.
Today I would like to share some scary numbers and some tips so you don’t accidently get swooped up in the numbers - which is a very real possibility if you are sitting at home, staying warm and surfing the net. So here goes:
1.3 Billion: Monthly traffic on MSN.COM which was hit by a malvertising campaign in early 2016.
70%: Estimated number of malvertising campaigns that deliver ransomware as a payload.
How: Advertisers bid to have their ads appear on popular web sites. Newcomers are offered special rates to gain their business. Not all agencies verify the legitimacy of every ad. Some sneak in by running legit ads in the beginning and then switch out the clean ads with malicious ads once the scrutiny period is over.
The technique: Drive-by Download. Web page design typically involves creating a series of frames. Standard frames would include a frame for the website banner, a frame for the menu system, a frame for the footer, a frame for the actual page content a frame for a picture. Frames can be visible or invisible, and that’s the problem. Drive-by Downloads are hidden in invisible frames - you won’t need to click on anything, you will automatically be redirected to an exploit landing page where your “ransomeware fun” will begin.
How to protect yourself:
1. Keep your system patched. This includes more than Windows updates, this includes updates to utility software like Java and Flash as well.
3. Enable click-to-play plugins on your web browser. Doing so will require you to click on a place holders to see the ad rather than allowing ads to automatically play. Directions for doing this for every browser, complete with pretty pictures, is available here: http://tinyurl.com/kwsmdhu
That’s it for this month. If you are worried about power outages during this inclement weather stop by and pick up a new battery backup. Bring your old/dead battery backup in and we will recycle it for free.
Stay warm and safe,
Because it made me laugh and I'm daydreaming of better weather!