Protecting Users and Ads from Malware
October 16th, 2009 | Published in Google Online Security
As part of Cyber Security Awareness Month, we're highlighting cyber security tips and features to help ensure you're taking the necessary steps to protect your computer, website, and personal information. For general cyber security tips, check out our online security educational series or visit http://www.staysafeonline.org/.
At Google, we always aim to provide users with useful, relevant information. Readers of this blog know that we also work hard to detect malicious content on the web and protect users from harm. But did you know that we strive for the same level of relevance, and work equally hard to protect users, in our online advertising business?
The mainstream media has recently picked up on the topic of malvertising (malware-infected advertising). Google's Anti-Malvertising Team works hard in this area and would like to take this time to share some important safety tips. We work closely with the Anti-Malware Team to identify trends and improve automated detection systems. We also educate users, develop policies and act as a liaison between the online security and online advertising communities.
Whether you're a web publisher who accepts ads on your website, or a home user who enjoys browsing the wide variety of advertising-supported content available on the web, we expect the resources below will help protect you from malvertising.
What is "Malvertising"?
"Malvertising" = malware + advertising. Haven't heard of it? The terminology may be new, but we can all understand the concept. Although malware distributors have attempted to spread malware through online ads for years, ever-improving prevention and detection methods have made it unlikely for most Internet users to have encountered a "bad ad" firsthand. However, it's important to make sure that you (and your computer) are properly prepared in case you encounter any source of malware on the web — whether it is an infected ad, a hacked site, a dangerous link, or someone who is pretending to be someone they're not.
Anti-Malvertising.com
We created Anti-Malvertising.com earlier this year as a resource for all members of the online ecosystem. Anti-Malvertising.com contains tips designed for publishers, ad operations teams, and Internet users to help protect their websites, networks, and computers.
Tips for Web Publishers: Know Who You're Working With, Perform Comprehensive QA, & Have a Plan in Place
Anti-Malvertising.com includes a custom search engine to help individual ad networks, publishers, and ad operations teams conduct quick background checks on prospective advertisers. It indexes a variety of independent, third-party sites that track possible attempts to distribute malware through advertising. It is intended to be used as one of the steps in a publisher's background check process.
In some recent cases, infected ads that had already been caught and publicized by security researchers have remained active within some advertising systems. Anti-Malvertising.com's malvertising research engine makes it easier for the online advertising and security communities to share information and collaborate to help protect users from emerging threats.
For more detailed guidance on the following tips, visit http://www.anti-malvertising.com/tips-for-publishers
- Pay close attention to all agencies and advertisers with whom you work.
- Perform due diligence by thoroughly checking prospective partners' references and credentials.
- Perform comprehensive QA on all ad creatives.
- Protect your own computer and website from infection.
- Be aware that various ad networks and exchanges may have significantly different standards for the prevention and detection of malware. No automatic detection system, however robust, can substitute for your own vigilance. However, we strongly advise against exposing your site to harm by using networks or exchanges without strong anti-malware security measures in place.
- Ensure your Ad Operations team has an incident response plan in place (for guidance, visit http://www.anti-malvertising.com/tips-for-ad-operations).
- Make sure your browser, operating system, software and plugins are all updated regularly (enable auto-updates when possible).
- Be aware that malware can be disguised as antivirus/antispyware software in order to trick people into buying or downloading it. Fake (and harmful) software of this kind is known in the web security community as "rogue security software." How to avoid getting tricked? Always research a company's reputation before downloading its software or visiting its website, and be wary of unexpected warnings from products you haven't installed yourself. You can view a list of some legitimate free security scans at http://www.staysafeonline.org/content/free-security-check-ups.
- Exercise caution whenever you're prompted to download an email attachment, follow an instant message link, install a plug-in, or download an unfamiliar piece of software.
In addition to providing visibility to advertisers, revenue to publishers, and information to users, the online advertising business model also enables anyone with an Internet connection to access an entire world of content for free. By increasing our vigilance as a community, we can help to keep online ads safe and preserve the wide access to information that advertising enables.