Threat Report Finds Malvertising Accelerating Due To Weak Ad Market

Advertising has long been a vector for nefarious actors ranging from organized crime to a variety of other bad actors, but the proliferation of digital media and especially the programmatic advertising marketplace has given rise to increasing opportunities for purveyors of "malvertising" -- digital ads served to unsuspecting users that spread malware, compromise computer systems and harm consumers, publishers and platforms.

And while the magnitude has been difficult to benchmark, much less track, weakening advertising marketplace conditions are projected to accelerate the proliferation of malvertising, according to the first of what is planned to be an ongoing series of "threat assessment" reports published for the ad industry by the Trustworthy Accountability Group (TAG).

"Internet users remain largely unaware of the threat of malicious and low-quality advertisements on popular and trusted websites, social media platforms, and within search engine results because traditional cybersecurity training programs focus almost exclusively on the dangers of social engineering attacks via email and text messages - a gap that cybercriminals are increasingly using to their advantage," reads the first report in the series, "Exploiting Social Engineering Tactics On The Rise In Malvertising," which was published in July, but is being released broadly today by TAG.



The reports are generated by TAG's Malvertising Threat Exchange -- a group of both supply- and demand-side platform cybersecurity and threat assessment experts who come across new and evolving forms and purveyors of malvertising -- which meets monthly.

TAG plans to publish and distribute the reports quarterly, at least to start.

The first report reads more like a primer of the rapidly evolving malvertising marketplace, including a succinct glossary explaining the main methods used to propagate it.

In addition to malvertising, it defines related nefarious practices, including:

  • Social engineering: the use of psychological manipulation to deceive a victim into revealing personally identifiable information (PII) or allowing access to a computer system.
  • Phishing: a form of social engineering in which cybercriminals attempt to steal sensitive information or gain access to computer systems using fraudulent emails or other communication platforms by disguising themselves as legitimate and trusted sources.
  • Multichannel phishing: the expansion of phishing to reach several channels of communication beyond email, SMS, and phone.
  • Search engine optimization (SEO) poisoning: a technique used by cybercriminals to boost the overall ranking of their malicious website to appear higher on search result pages, leading unsuspecting users to click on the site and potentially download malware or other malicious content.

While the report does not explicitly benchmark the magnitude or growth rate of malvertising, TAG Vice President of Threat Intelligence Mike Lyden told MediaPost that reputable cybersecurity industry experts estimate that overall phishing is expanding at a rate of "35% to 50%" annually, and that malvertising likely is growing at an even faster rate, because the digital advertising ecosystem is so easily exploitable.

The new TAG report suggests 2023 will likely be on the high end of that growth spectrum due to the slowdown in the overall advertising marketplace, which creates more abundant supply opportunities for bad actors.

"Market conditions increase opportunities for bad ads," the report warns, adding: "The ad tech industry is seeing a slowing growth rate in global ad spending due to economic uncertainties, which may give cybercriminals more opportunities to enter the ad ecosystem and take advantage of the current market conditions."
