Popular browser linked to higher rate of malvertising attacks

Biggest threat to digital advertising campaigns revealed in new global security report

Browser locker is the biggest threat to digital ad campaigns and it's far more common in one popular browser, according to a new report from AdSecure.

The report recommends marketers protect against malvertising attacks by regularly checking digital campaigns while they're live, not just at launch, because attacks can infect the redirection path at any time during an active campaign lifecycle, particularly in affluent regions. 

The report, the first of its kind from the digital security company, analysed malvertising, cybercrime, and digital campaign threats for more than 200,000 ad campaigns across multiple regions, devices and browsers between 1st January to 31st March.

“The biggest threat in Q1 2019 was clearly browser lockers, including push lockers, a new variation on this threat, distributed by bad actors who exploit a flaw in the push notifications opt-in process,” AdSecure product manager, Mat Derval, said.

AdSecure analysed data from a group of 10 tier one countries with security violations and browser locker was detected in eight out of the top 10 countries. It also found Australia came in sixth place behind the US, France, Argentina, Canada, and Belgium in terms of the volume of attacks within this group, which also included scareware, malware, phishing URL, cryptocurrency miner and unwanted program threats.

“Affluent populations are prime targets for cyber criminals. These richer populations are more likely to buy fake security or fake repair software when being redirected to tech support scams as well as being targeted by malware distribution attacks such as the Emotet banking trojan,” Derval said. 

In terms of the top five countries, browser locker was the biggest violation from a volume perspective, with the exception of Canada where it came second to malware attacks. In the USA and Belgium, around a quarter of violations were malware attacks, and scareware was the second most detected violation in France, Argentina and the USA.

AdSecure drilled down into which browsers on desktop and mobile and found Google Chrome, because it has high user numbers, was most often used to target browser locker activity.

“To a cybercriminal it is all about volume and Google Chrome is indisputably the most popular browser. The criminal doesn’t know how long he can get away with the attacks, therefore the life cycle of the attack could be short, so by targeting the world’s biggest browser he can maximise the revenue of the malicious campaign by exposing it to as many end users as possible,” Derval said.

AdSecure also suggests with Chrome being the dominant browser, the likelihood of an attack targeting Chrome users increases dramatically, so marketers should focus monitoring resources on campaigns frequently viewed on Chrome.

Follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, join us on Facebook: https://www.facebook.com/CMOAustralia, or check us out on Google+:google.com/+CmoAu 

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments

Latest Videos

More Videos

Great piece Katja. It will be fascinating to see how the shift in people's perception of value will affect design, products and services ...

Paul Scott

How to design for a speculative future - Customer Design - CMO Australia

Read more

Google collects as much data as it can about you. It would be foolish to believe Google cares about your privacy. I did cut off Google fr...

Phil Davis

ACCC launches fresh legal challenge against Google's consumer data practices for advertising

Read more

“This new logo has been noticed and it replaces a logo no one really knew existed so I’d say it’s abided by the ‘rule’ of brand equity - ...

Lawrence

Brand Australia misses the mark

Read more

IMHO a logo that needs to be explained really doesn't achieve it's purpose.I admit coming to the debate a little late, but has anyone els...

JV_at_lAttitude_in_Cairns

Brand Australia misses the mark

Read more

Hi everyone! Hope you are doing well. I just came across your website and I have to say that your work is really appreciative. Your conte...

Rochie Grey

Will 3D printing be good for retail?

Read more

Blog Posts

How to design for a speculative future

For a while now, I have been following a fabulous design strategy and research colleague, Tatiana Toutikian, a speculative designer. This is someone specialising in calling out near future phenomena, what the various aspects of our future will be, and how the design we create will support it.

Katja Forbes

Managing director of Designit, Australia and New Zealand

The obvious reason Covidsafe failed to get majority takeup

Online identity is a hot topic as more consumers are waking up to how their data is being used. So what does the marketing industry need to do to avoid a complete loss of public trust, in instances such as the COVID-19 tracing app?

Dan Richardson

Head of data, Verizon Media

Brand or product placement?

CMOs are looking to ensure investment decisions in marketing initiatives are good value for money. Yet they are frustrated in understanding the value of product placements within this mix for a very simple reason: Product placements are broadly defined and as a result, mean very different things to different people.

Michael Neale and Dr David Corkindale

University of Adelaide Business School and University of South Australia

Sign in