Popular browser linked to higher rate of malvertising attacks

Browser locker is the biggest threat to digital ad campaigns and it's far more common in one popular browser, according to a new report from AdSecure.

The report recommends marketers protect against malvertising attacks by regularly checking digital campaigns while they're live, not just at launch, because attacks can infect the redirection path at any time during an active campaign lifecycle, particularly in affluent regions. 

The report, the first of its kind from the digital security company, analysed malvertising, cybercrime, and digital campaign threats for more than 200,000 ad campaigns across multiple regions, devices and browsers between 1st January to 31st March.

“The biggest threat in Q1 2019 was clearly browser lockers, including push lockers, a new variation on this threat, distributed by bad actors who exploit a flaw in the push notifications opt-in process,” AdSecure product manager, Mat Derval, said.

AdSecure analysed data from a group of 10 tier one countries with security violations and browser locker was detected in eight out of the top 10 countries. It also found Australia came in sixth place behind the US, France, Argentina, Canada, and Belgium in terms of the volume of attacks within this group, which also included scareware, malware, phishing URL, cryptocurrency miner and unwanted program threats.

“Affluent populations are prime targets for cyber criminals. These richer populations are more likely to buy fake security or fake repair software when being redirected to tech support scams as well as being targeted by malware distribution attacks such as the Emotet banking trojan,” Derval said. 

In terms of the top five countries, browser locker was the biggest violation from a volume perspective, with the exception of Canada where it came second to malware attacks. In the USA and Belgium, around a quarter of violations were malware attacks, and scareware was the second most detected violation in France, Argentina and the USA.

AdSecure drilled down into which browsers on desktop and mobile and found Google Chrome, because it has high user numbers, was most often used to target browser locker activity.

“To a cybercriminal it is all about volume and Google Chrome is indisputably the most popular browser. The criminal doesn’t know how long he can get away with the attacks, therefore the life cycle of the attack could be short, so by targeting the world’s biggest browser he can maximise the revenue of the malicious campaign by exposing it to as many end users as possible,” Derval said.

AdSecure also suggests with Chrome being the dominant browser, the likelihood of an attack targeting Chrome users increases dramatically, so marketers should focus monitoring resources on campaigns frequently viewed on Chrome.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, join us on Facebook: https://www.facebook.com/CMOAustralia, or check us out on Google+:google.com/+CmoAu