Story image

Malvertising madness: New report reveals 1978% spike in phishing redirects

01 Feb 2017

The web lived through a massive spike in malvertising last year, but the numbers dictate just how far and wide the threats have spread.

A new malvertising analysis report from RiskIQ has shown that there has been a 1978.9% increase in redirections to phishing pages.

The huge increase in that and other types of malware has reached new highs, as attacks are delivered through popular sites such as Google and Facebook. These threats are becoming more pervasive and more difficult to detect and mitigate, RiskIQ says.

Alongside a general 132% increase in total malvertisements, the report found that malvertising has been used to propagate malware, phishing pages, pages hosting exploit kits, ransomware and scams.

The report also uncovered an 845.9% increase in scam detections, 22% increase in antivirus binary injections, a 25.8% increase in malicious distribution systems and a 58.1% increase in scareware and browser lockers.

“Malvertising is so nefarious because it’s a direct attack on the lifeblood of the internet as we know it. Digital media marketing is what funds the ‘free’ websites we all know and enjoy online. The success of the internet and all the people that rely on it is inextricably linked to online advertising success and safety,” says James Pleger, threat researcher from RiskIQ.

He says that publishers, advertising teams and platforms need to be visible, forensically informed and mitigated properly to deal with malicious ads in the wild.

 Worldwide paid media spending is set to hit $674 billion by 2020, according to a report by eMarketer, and Pleger says malvertising will severely threaten this market.

 “For example, users wary of malvertising will block all ads, hampering the success of the digital advertising industry. By the end of 2017, more than 86 million people are expected to use ad blockers,” he says.

RiskIQ mitigates risk by using a curated list of malicious ads, scanned from 2 billion pages and 20 million mobile apps per day.

Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.