Malvertising - Malvertising refers to the use of online advertisements to disseminate malware. Recently, major websites Yahoo.com and MSN.com were targeted with advertisements that linked to malware sites. Clicking on these ads would take the user to a webpage that would then attempt to load the malware. Many of these ads are based on the “human interest” model. These ads are designed to engage your natural curiosity and get you to click on them. Examples include titles such as “...this one weird old trick,” “Camera man watches as giant python eats boy,” and “New diet pill takes GNC by storm!”
The best defense of course is to not click on these ads, but an easier solution is to install an ad blocking program. Unfortunately there are many fake ad blockers out there so here are a few trustworthy options:
AdBlockPlus – Doesn’t block all ads, it allows ads from companies that they advertise with.
Malwarebytes Anti-Exploit – Actively blocks attempts by webpages to exploit your computer.
uBlock Origin – More effective and customizable than AdBlock Plus.
Another scam we came across took the form of a webpage claiming “serious security threats might have been detected.” The website was providing this warning to “CenturyLink Customer” and they (the customer) should call an 800 number right away to deal with the threat. This webpage used things like the customer’s IP address and location in an effort to scare them into calling the number. Calling the number on the screen would put you in contact with a representative claiming to be from CenturyLink who then gives you a second number to call for help in removing the threats. If you call that number, a technician from a “remote support company” will then attempt to gain access to your computer via remote login session.
Giving an unknown person access to your computer is NEVER a good idea. In this case, the support call would have cost anywhere from $200-$500 depending on the length of the call! In addition to being scammed out of those funds, providing such a person with your credit card can give them access to your account. While connected to your computer, they will often install back doors for later access, key logging programs to get your passwords, and other malicious software.
What can you do about these kind of scams? As usual, your first line of defense is a solid antivirus product, but no software can replace a cautious user. Be careful about the sites you visit and the links you click on. Always check links by hovering your cursor over them to see where they go. Never open emails from people or companies you don’t know. Never give your credit card information over the phone. Never allow someone who calls you to access your computer.
Consider buying an antivirus program. While we have long been advocates of free antivirus programs (effective ones), paid antivirus programs offer greater levels of protection against more threats than their free counterparts. As the old saying goes, an ounce of prevention is worth a pound of cure. The best paid antivirus program we have used is Emsisoft Anti-malware. Contact us to get set up today!
If you have been the victim of a scam, there are several things you should do. To start with, if you have made a payment, contact your credit card company or bank right away to file a fraud claim. They will rescind the transaction and issue you a new card. Second, you should use another (safe) computer to update all your online account passwords. Third, contact us to remove any malicious software from your computer. Finally, don’t be afraid to call us if you’re unsure if you’ve been scammed or if you run across something suspicious. We’re happy to give input about whether your situation warrants concern or action.