Story image

Malvertising madness: New report reveals 1978% spike in phishing redirects

01 Feb 17

The web lived through a massive spike in malvertising last year, but the numbers dictate just how far and wide the threats have spread.

A new malvertising analysis report from RiskIQ has shown that there has been a 1978.9% increase in redirections to phishing pages.

The huge increase in that and other types of malware has reached new highs, as attacks are delivered through popular sites such as Google and Facebook. These threats are becoming more pervasive and more difficult to detect and mitigate, RiskIQ says.

Alongside a general 132% increase in total malvertisements, the report found that malvertising has been used to propagate malware, phishing pages, pages hosting exploit kits, ransomware and scams.

The report also uncovered an 845.9% increase in scam detections, 22% increase in antivirus binary injections, a 25.8% increase in malicious distribution systems and a 58.1% increase in scareware and browser lockers.

“Malvertising is so nefarious because it’s a direct attack on the lifeblood of the internet as we know it. Digital media marketing is what funds the ‘free’ websites we all know and enjoy online. The success of the internet and all the people that rely on it is inextricably linked to online advertising success and safety,” says James Pleger, threat researcher from RiskIQ.

He says that publishers, advertising teams and platforms need to be visible, forensically informed and mitigated properly to deal with malicious ads in the wild.

 Worldwide paid media spending is set to hit $674 billion by 2020, according to a report by eMarketer, and Pleger says malvertising will severely threaten this market.

 “For example, users wary of malvertising will block all ads, hampering the success of the digital advertising industry. By the end of 2017, more than 86 million people are expected to use ad blockers,” he says.

RiskIQ mitigates risk by using a curated list of malicious ads, scanned from 2 billion pages and 20 million mobile apps per day.

NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
GCSB's CORTEX project scoops iSANZ Award
“I believe this award is particularly significant as it is acknowledgement from our peers in the information security industry and from across the private sector."
NZ firms lack cybersecurity confidence, HP survey says
Out of 434 of New Zealand’s small and large businesses, only half (50%) feel confident that they would be able to cope if they experienced a significant cybersecurity breach.
SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.