The FBI has told the American public to download an ad blocker in order to protect from online security threats, as cyber criminals use adverts to push ransomware and steal details.
The messaging is likely to upset many website owners, who rely on revenue from adverts to stay operational. However, there are ways to use an ad blocker and still support your favorite sites.
An ad blocker will provide protection against fraudulent advert, but won’t protect against more common phishing and ransomware scams, so we’d also suggest using password managers and antivirus software.
Cyber Criminals Using Adverts to Catch Out Users
In a statement from the FBI this week, the agency suggested that internet users download an ad blocker, as cyber criminals adopt more and more sophisticated ways to dupe victims into downloading harmful software or handing over their details.
According to the FBI, cyber criminals are purchasing adverts that appear in internet search results, usually masquerading as a legitimate business or service. As these adverts appear at the top of a search page, there is a high chance of an unwitting victim clicking on them, after which they will be redirected to a website which appears to be the real deal, but is instead a fraudulent facsimile of the authentic website. Here, the user will be prompted to download harmful software, or enter personal and financial information.
The FBI mentions that some of these adverts focus on financial services, especially cryptocurrency exchange sites, where users are prompted to log in to their account, unaware that the site isn’t the real deal. Doing so effectively hands over the keys to the user’s crypto account to a scammer.
How to Avoid a Fraudulent Advert
In its alert, the FBI gives some tips on how to spot and avoid these fraudulent adverts, including:
- Checking the URL before clicking on an advert. Hovering your mouse cursor over the link will reveal the actual URL – be vigilant for misspelt addresses, or odd looking suffixes.
- Instead of using a search engine, such as Google, to look for companies, enter the address into the browser address bar directly instead. Good advice from the FBI, but this one does depend on the user knowing the URL in the first place, and also not making a typo.
- Use an ad blocker. As the name suggests, these will block all adverts from appearing, meaning not only will you not be caught out by scam ads, but you also won’t see real ones.
Using an ad blocker may protect users from fraudulent adverts, but could also seriously diminish the online experience. Many websites rely on adverts to keep the lights on, and as such some will refuse to even let you visit the page if you have an ad blocker turned on. If you are using an ad blocker, be sure to add your favorite sites to the apps whitelist, which means that adverts on that site will be displayed, but you won’t be subjected to them elsewhere.
Staying Safe Online
The scams that the FBI has detailed in its latest alert are nothing new, but the delivery method of fake adverts is one that is increasing in popularity. Microsoft warned last month of cyber criminals using Google adverts to distribute ransomware, emulating official companies such as Adobe, Team Viewer and Zoom.
To help stay safe online, using and ad blocker as the FBI recommends is a good first step to protect yourself against these fraudulent adverts.
To go further, we’d also recommend using a password manager to ensure the creation of strong, secure passwords and avoid poor practice (such as writing your password down manually to remember it).
Antivirus software is also a strong tool in the defence against online threats. This software will warn when links look suspicious, as well as flag dubious files before downloading.
