Presentation is loading. Please wait.

Presentation is loading. Please wait.

Group Session: Malvertising: How To Detect and Deal With Malicious Ads Mike Nolet admonsters Ad Ops 360 July 17 th 2008.

Published byLamont Truby Modified over 9 years ago

Similar presentations

Presentation on theme: "Group Session: Malvertising: How To Detect and Deal With Malicious Ads Mike Nolet admonsters Ad Ops 360 July 17 th 2008."— Presentation transcript:

1 Group Session: Malvertising: How To Detect and Deal With Malicious Ads Mike Nolet admonsters Ad Ops 360 July 17 th 2008

2 What are “Malvertisements”?  Malware Ads, or “Malvertisements”, when displayed attempt to install spyware or adware or otherwise hijack a user’s browsing session  Often ads are built upon legitimate ads from legitimate vendors  In other cases, entirely fake marketing campaigns, complete with functional sites, are setup as fronts for buying ad-inventory  Affecting publishers from the long tail to the top – Yahoo, MSN, AOL have all been caught showing malware ads

3 Why you should care  Do you want your users to see this when they come to one of your properties?  Not to mention that recently passed legislation could potentially hold publishers liable for malware ads shown on their sites

4 Examples  Some examples of legitimate advertisements that were modified to install malware:

5 Examples  An example fake website setup as a front for an online marketing campaign that served entirely for malware:

6 Examples  Tags with fake serving domain to appear like an agency adserving system:

7 How to Prevent Malware Ads  Use Common Sense On Direct Buyers  Who is the buyer? Does he have a known reputation?  Could this buyer realistically have a relationship with this advertiser?  Is the offer just too good to be true? Pre-pays, high CPMs, International focus  Check Malware sites – (msmvps.com/blogs/spywaresucks & mikeonads.com)  When Dealing with Ad-Network  Don’t work with a network whose reputation you don’t know  Don’t place tags that contain too many redirects  Make sure your ad-networks are educated and aware of the various scams that have come up

8 How to Find Malware Ads  What do you do if you receive a user complaint?  Ask for as much technical information as the user can give: screenshots, source URLs, page source  Find out the browser, timezone, country and IP address of the user  Do not push them away and assume that it is the user’s fault – angry users result in bad publicity and complaints with federal agencies, law enforcement and online advocacy groups  Try to emulate that user on your own property  Use public proxy servers to emulate foreign IP addresses  Install a tool such as Firefox’s “Tamper Data” to sniff URLs and look for suspicious behavior.

9 Useful Links  My Blog: http://www.mikeonads.com/http://www.mikeonads.com/  Spyware Sucks Blog: http://msmvps.com/blogs/spywaresucks/ http://msmvps.com/blogs/spywaresucks/  Tamper Data FireFox Plugin: https://addons.mozilla.org/en-US/firefox/addon/966 https://addons.mozilla.org/en-US/firefox/addon/966  Fiddler Debugging Tool: http://www.fiddlertool.com/http://www.fiddlertool.com/

Download ppt "Group Session: Malvertising: How To Detect and Deal With Malicious Ads Mike Nolet admonsters Ad Ops 360 July 17 th 2008."

Similar presentations

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.

Internet Safety Topic 2 Malware This presentation by Tim Fraser Malware is short for malicious software VirusesViruses SpywareSpyware AdwareAdware other.
What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via email, text message, online chat, blogs or various other.

What is Spam  Any unwanted messages that are sent to many users at once.  Spam can be sent via , text message, online chat, blogs or various other.
Understanding and Detecting Malicious Web Advertising

Understanding and Detecting Malicious Web Advertising
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
Chapter 7: The Web and E-mail1 The Web and E-mail Chapter 7.

Chapter 7: The Web and 1 The Web and Chapter 7.
Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.

Content  Overview of Computer Networks (Wireless and Wired)  IP Address, MAC Address and Workgroups  LAN Setup and Creating Workgroup  Concept on.
The process of increasing the amount of visitors to a website by ranking high in the search results of a search engine.

The process of increasing the amount of visitors to a website by ranking high in the search results of a search engine.
Project Summary Everybody’s Google is a web browser extension which mines personalized Google search results and redistributes them to extension users.

Project Summary Everybody’s Google is a web browser extension which mines personalized Google search results and redistributes them to extension users.
Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.

Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.
1 ETT 429 Spring 2007 Microsoft Publisher II. 2 World Wide Web Terminology Internet Web pages Browsers Search Engines.

1 ETT 429 Spring 2007 Microsoft Publisher II. 2 World Wide Web Terminology Internet Web pages Browsers Search Engines.
Phishing – Read Behind The Lines Veljko Pejović

Phishing – Read Behind The Lines Veljko Pejović
How to Protect Your PC Grayware Adware, Malware, Spyware.

How to Protect Your PC Grayware Adware, Malware, Spyware.
 Meaning of spyware Spyware is a program that can be installed on computers, and which collects small pieces of information about users without their.

 Meaning of spyware Spyware is a program that can be installed on computers, and which collects small pieces of information about users without their.
Teach a man (person) to Phish Recognizing email scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.

Teach a man (person) to Phish Recognizing scams, spams and other personal security attacks July 17 th, 2013 High Tea at IT, Summer, 2013.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Promoting Your Website. Introduction “If you build it, they will come”

Promoting Your Website. Introduction “If you build it, they will come”
Todd Friesen April, 2007 SEO Workshop Web 2.0 Expo San Francisco.

Todd Friesen April, 2007 SEO Workshop Web 2.0 Expo San Francisco.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
Mobile App Monetization: Understanding the Advertising Ecosystem Vaibhav Rastogi.

Mobile App Monetization: Understanding the Advertising Ecosystem Vaibhav Rastogi.
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.

Similar presentations

Ads by Google