RiskIQ Digital Threat Detection Data Indicates A Sharp Increase in Malvertising Trend
RiskIQ, the leader in digital threat management, today released its annual malvertising reportwhich indicates a sharp spike in malvertising in 2016, a digital threat that has become increasingly challenging for organizations to detect and mitigate. Delivered through ad networks such as Google and Facebook, threat actors use malvertising to propagate malware, ransomware, and scams (disingenuous advertising), as well as redirect victims to phishing pages and pages hosting exploit kits.
“Malvertising is so nefarious because it’s a direct attack on the lifeblood of the internet as we know it. Digital media marketing is what funds the ‘free’ websites we all know and enjoy online. The success of the internet and all the people that rely on it is inextricably linked to online advertising success and safety,” said James Pleger, threat researcher at RiskIQ. “Publishers, ad platforms, and ad operations teams need active visibility, forensic information, and mitigation capability to enable them to effectively detect and respond to malicious ads in the wild.”
Key findings in the report include analysis data on the following malvertising characteristics:
- % Increase in total malvertisements
- % Increase in redirections to phishing pages
- % Increase in scam detections
- % Increase in antivirus binary injections
- % Increase in malicious distribution systems
- % Increase in scareware and browser lockers
According to a report compiled by eMarketer, the worldwide paid media market, which accelerates every year, recently hit more than half a trillion dollars, and worldwide paid media spending is expected to reach $674 billion by 2020.
“Malvertising threatens this online marketing growth,” James said. “For example, users wary of malvertising will block all ads, hampering the success of the digital advertising industry. By the end of 2017, more than 86 million people are expected to use ad blockers*.”
RiskIQ mitigates the risk for digital advertisers and publishers through the company’s curated blacklist of malicious ads, intelligently scanned from over 2 billion pages and nearly 20 million mobile apps per day. This proprietary blacklist lets ad ops, brand managers, and security staff vet new demand sources and prevent malware within their ad infrastructure. The company’s advanced crawling infrastructure, which allows it to capture the entire ad, ad redirect chain, and creative sources, indicates which part of the ad-serving process was compromised and helps it identify the entity responsible.
Download the report for the full analysis, including the percent increase of each type of malvertising. For more information, please visit https://www.riskiq.com/blog/labs/malvertising-on-the-rise-again/ to learn more about how RiskIQ is working with brand, security, and AdTech professionals to mitigate digital threats and improve business.
* eMarketer, “US Ad Blocking to Jump by Double Digits This Year”
RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 80 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social, and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk, and take action to protect business, brand, and customers. Based in San Francisco, the company is backed by Summit Partners, Battery Ventures, Georgian Partners, and MassMutual Ventures.