Beware these common ‘malvertising’ attacks

Think about the last online ad you clicked…

Did you just assume it was genuine?

If you said yes, you’re not alone – and this is exactly what scammers are counting on.

“Malvertising”, or malicious advertising, is where scammers use online ads to trick you into downloading malware (malicious software), sharing sensitive information like passwords, or even handing over money.

These attacks are becoming more sophisticated, and they’re a growing threat to businesses of all sizes. Worse yet, you don’t even need to click on these ads to become a victim; just loading the ad in an out of date browser can be enough to compromise your device.

The three most common malvertising techniques are known as scam malvertising, fake installer malvertising, and drive-by download malvertising. Here’s a little more about them:

  • Scam malvertising is where an ad claims that your computer is infected and urges you to call for support. Once you do, the scammers convince you to install software that gives them control over your system. Then they charge you to “fix” the fake issue.
  • Fake installer malvertising often uses ads that lead you to cloned websites of brands you trust. You download software, thinking it’s legit… but, instead, you’re downloading malware onto your device.
  • Drive-by download malvertising is where ads infect your computer without you even clicking on anything. This type of malvertising exploits outdated browsers and installs malicious files or extensions automatically.

Recognising these scams is the first step to keeping your business safe. If you see an ad claiming you’ve been hacked or urgently need to act, stop and think: How would this company even know anything about your computer?

Also, make sure you double-check links before you click. If the link isn’t sending you to a legitimate domain, steer clear. And most importantly, make sure you’re running the latest version of your browser, as updates patch vulnerabilities that malvertising often exploits.

Don’t forget to share this knowledge with your employees, too. They’re your first line of defence – and training them to spot suspicious ads can save your business from serious trouble.

Scammers want you to trust without thinking. But a healthy dose of scepticism can make all the difference. Next time you see an ad that feels wrong, trust your gut… and ask yourself if it’s safe before you click.

Want to train your team to protect your business from malvertising and other online scams? We can help, get in touch.

Past Blogs

Cyber Essentials vs ISO27001

Cyber Essentials vs. ISO 27001: What’s the Difference and Which Is Right for You?

Cybersecurity certifications come in many shapes and sizes, but when it comes to choosing the right framework for your business, the decision often boils down to Cyber...
Overconfident employees: Your hidden cyber security threat?

Overconfident employees: Your hidden cyber security threat?

Your team are smart, right? They’d never fall for a scam email or click a suspicious link. At least, that’s what they think. Here’s why overconfidence could spell...

DMARC & DMARCBIS

What They Are, Why They Matter, and What Business Owners Need to Know If you’re a business owner, chances are you rely on email every day—whether it’s communicating...
Could automation save you from spreadsheet headaches?

Could automation save you from spreadsheet headaches?

Spreadsheets slow us down and are too easy to mess up. So, what if I told you there’s a better way to handle data in your business?

Did you notice Incognito mode’s improved privacy?

Did you notice Incognito mode’s improved privacy?

If your team use Google Chrome’s Incognito mode, you probably assume your browsing is private. But until Microsoft spotted this big flaw, your info could be shared...
Copilot could soon auto-open in Microsoft Edge

Copilot could soon auto-open in Microsoft Edge

Is Edge your business’s browser of choice? Microsoft’s thinking of automatically opening Copilot when you use it. It could boost productivity, but there are privacy...
How concerned should you be about cyber attacks?

How concerned should you be about cyber attacks?

You’ve probably heard a lot of talk about cyber attacks but how worried should you really be? Well, very, because cyber criminals are getting smarter. We have good news...
How to create secure passwords

How to create secure passwords

Weak passwords are one of the biggest security risks to your business. Why? Because cyber criminals are getting smarter than ever before. If they manage to crack just...
Businesses are taking too long to fix vulnerabilities

Businesses are taking too long to fix vulnerabilities

If you knew your systems were at risk of attack, you’d jump in and get things locked down fast – right? Actually… many businesses take too long to fix vulnerabilities....
What Are CyberSecurity Services

What are Cybersecurity Services?

What are CyberSecurity Services ? In our digital world, the question of what cybersecurity services are is more relevant than ever. As businesses across the UK rely...