Why Do I Keep Seeing The Same Ads On Multiple Websites?

This is the result of an online advertising approach known as site retargeting which tracks your online behavior to offer you targeted advertising. At first glance, this may seem like it is posing a security threat, but there are assurances that tracking is done anonymously.

Site retargeting is based on a pretty simple concept. Whenever you visit a website that may want to show you an advertisement, it puts a digital tag called a cookie on your browser. Then, when you visit another site with an area to display paid advertising, the information on that particular and other tags is used to choose an advertisement you would likely be amenable to click or watch. The hope is that, while you may have missed an opportunity to purchase an item once, you may be more inclined to complete a purchase at a later date.

If you don’t appreciate being such a target for advertisers, there are ways to block and delete cookies and to stop ads from reappearing. To delete existing cookies on your browser, choose the option to delete cookies under the settings. Also, if you see an icon that says AdChoices next to recurring advertisement, you can click that icon to stop the reappearance of that particular ad. Most browsers also have a Do Not Track option in their settings, which prevents your browser from being tagged in the first place, but that also means you can’t save passwords or use other tools that are also dependent on cookies. You could also surf the web in private browsing mode (accessible through your browser’s settings) or use an ad-blocking service like Ghostery or AdBlock Plus.

Internet Security: Beware Of “Malvertising”

Michael Menor is Vice President of Support Services for Tech Experts.

As if Internet use wasn’t already troubled with cyber perils, users now have to add “malvertising” to the list of things from which they need to protect themselves.

“Malvertising,” like the name suggests, means “ads that contain malware.” Some mal-ads aren’t dangerous unless you click on them – but others can do “drive-by downloads,” sneaking their malware onto your computer simply because you’re viewing the page on which the ad appears.

While most malvertising is on websites, it can also show up on other ad-displaying apps, such as Facebook, Skype, some email programs, and many games.

The reason that malvertising is more of a problem than other malware approaches is that it can be spread through online advertising delivery networks like Google DoubleClick to legitimate sites that users routinely visit, like the New York Times, Huffington Post, and Yahoo, as well as routinely-used mobile apps that show ads. Malware-bearing ads can be “injected” either by hacking ads at the provider end or by buying and providing mal-ads. In most cases, there’s no way for a user to tell just by looking that an ad has been compromised.

The Potential Damage
The dangers of advertising-delivered malware are the same as those from malware you get any other way. Malware can steal account usernames and passwords, bank and credit card information, and other sensitive data.

It can encrypt your data and “hold it for ransom.” It can, in turn, infect other computers on your network and turn your computer into a “zombie,” spewing out spam and malware to the Internet.

July_2015_MalvertisingLike other viruses and malware, malvertisements take advantage of security vulnerabilities on users’ computers and mobile devices. These may be anywhere from the operating system, to web browsers and other applications, to add-ons and extensions like Java, JavaScript, and Flash.

How do you know if your computer has been infected by malware? One sign is that your web browser shows unexpected pop-ups or seems to be running slower. But many malware infections remain “stealthy,” possibly even eluding anti-malware scans.

Legitimate ad creators and ad delivery networks are working on ways to detect and prevent malware from getting into the digital ads they serve. Otherwise, people have even more reason to not look at ads or block ads entirely.

But, assuming it can be done, this won’t happen for a year or more. The burden is on companies and individuals to do their best to protect their networks, computers, and devices.

What Can Companies and Users Do?
Although malvertising is a relatively new vector, the best security practices still apply; if you’re already doing things right, keep doing them. But what does “doing things right” look like?

  1. Avoid clicking on those ads, even accidentally.
  2. Maintain strong network security measures. Next generation firewalls at the gateway can often detect malware payloads delivered by ads, block the ads entirely, and/or detect communication from already-infected devices.
  3. Regularly backup systems and critical files so you can quickly restore to a pre-infected state if your systems and data are compromised.
  4. Deploy endpoint security software on every device so that it’s protected on and off the network.
  5. Ensure that all operating systems and client software (especially web browsers) are fully patched and up to date.
  6. If you suspect a computer has been infected, stop using it for sensitive activities until it’s been “disinfected.” Again, many security appliances can help you identify and quarantine infected devices.

It’s unfortunate that even more of everyday Internet use is potentially unsafe, but the steps to fend off malvertising are essentially security precautions that companies and individuals should already be following.