Increasingly, people are finding search engines kinda suck now. This has been attributed, in part, to its sometimes inaccurate AI overlay and a glut of ads.
But here’s another fun thing for us to worry about: “malvertising,” or malicious advertising, which increased 42% month-over-month last fall, per CNBC.
Malvertising is when hackers use ads for phishing or to install malware; they look like any other, appearing when you search for something or read an article online, and often mimic familiar brands, like Amazon.
Jérôme Segura, senior director of research at Malwarebytes, told CNBC they not only target consumers, but corporate employees: In one incident, Lowe’s employees were tricked into clicking on a misspelled link to a phishing page.
Malvertising is not the same as adware, which is software that displays unwanted ads — including annoying pop-ups — on your device.
People trust and use search engines a lot, so it’s a great place for bad actors to mine for victims.
Plus, per Malwarebytes, hackers lost a preferred method when Microsoft began blocking embedded Office macros, which hackers could pre-program with malware that users would unknowingly download when downloading files.
That’s actually pretty tricky because, as aforementioned, there are just so many ads and they’re constantly changing across websites.
Security experts suggest maintaining updated software and browsers, and using antivirus software and ad blockers.
But one obvious way to protect yourself is to just not click on sponsored ads, which, let’s face it, are often pretty useless in search queries anyhow. If a company piques your interest, just look up their actual website.
If you do click, ensure the URL is where you meant to go, and not a misspelled fake.