In a recent article, we discussed the growing trend of malware-infected advertising found on the Internet. We asked our readers if they had ever experienced malvertising. You answered:
• Yes (25%)
• No (25%)
• Don't Know (48%)
Commentary
Online advertising security has proven to be vulnerable and a target for cybercriminals. Once a user opens an infected ad, the malicious software begins its work and can potentially infect not just the device but also the organization's entire network system.
Avoiding malvertising is all about the browser. Users must keep their browser and any plug-ins that it uses (e.g., Adobe Flash or Java) up to date. Since plug-ins are often used to run the ads on a website, they can be a conduit for malware. It is advisable to disable plug-ins when you are doing a lot of random web surfing, as well as disabling plug-ins that you do not use.
Malvertising can infiltrate even legitimate websites. For this reason, it is important to keep your firewall software updated and running particularly when utilizing public Wi-Fi for your Internet access.
In addition, do not ignore danger alerts you receive from your browser or the notifications to update software. These actions may take a few minutes of your day to address, but can save you from significant security headaches in the future.
Employers can also consider a policy that prohibits personal use of workplace devices. Because much of an employee's random surfing is done for personal reasons, restricting this use will reduce the risk of infection.