Are You Aware of Malvertising?

Report suspicious emails in your LSE inbox as an attachment to phishing@lse.ac.uk

17 February 2023

ransomware-ge58d563c3_1920Most of us are aware of how malware can spread to personal devices through mechanisms such as phishing emails (if not, you can refresh your knowledge by checking other articles in our cyber security blog!).   

However, malvertising (malicious advertising, a name following malicious software’s designation as ‘malware’) is a lesser known but growing online threat. This is when online adverts are embedded with malicious code in order to spread malware which can compromise device security and steal personal information.

When an advert loads or a user clicks on an online advert, it can automatically execute the malicious code and infect devices. These adverts are often made to look like popular companies or reputable websites to trick users into clicking and can even be spread through legitimate and high profile websites, due to the way that advertising space is sold online. 

To protect yourself from malvertising, make sure you follow all our general cyber security recommendations. Here are some relevant tips: 

  • Keep your device’s operating system and antivirus software up to date. This will help protect you from the latest threats. 

  • Be cautious when clicking on adverts. Only trust those that you are certain are legitimate (or, better, use an ad-blocker where allowed/avoid clicking on adverts entirely). If you see a product that interests you, you can search for their website directly rather than through clicking on the online advert. 

  • Use trusted websites. As noted above, malvertising can be an issue even with high profile websites, but it’s less likely. You can manage the risk to some degree by ensuring that the websites you visit are legitimate. 

By being cautious and following these tips, you can reduce the risk of falling victim to malvertising.