Google, Twitter, Facebook Join Forces to Fight Malware
Top tech firms Facebook, Twitter, Google, AOL and digital marketing bureau, the IAB, have all banded together to form the Ads Integrity Alliance in order to fight cybercrime and malware, as well as ads that lead to counterfeit goods.
The announcement was made late last week by StopBadware, who were founded in 2006 in order to share real-time information about internet threats, such as malicious websites and phishing attacks.
The goal of the new association is to support this initiative by “identifying and removing bad ads from all corners of the web”. According to Google, the search company disabled more than 130m and 800,000 advertisers who violated both Google and their partner’s policies last year alone.
However, this has not proved to be fully effective as many of the scammers just go on to advertise elsewhere. It’s because of this, alongside the inability of law enforcement officials to act effectively alone, that the tech industry coalition has been formed. The new alliance will share info on “bad actors” and pass information to the relevant authorities on pertinent trends on malware and suchlike.
Whilst this may help Facebook and other social media channels fight the cause on ads within their own networks, it will do little to stop the continuously increasing amount of spam and scams that appear through people’s newsfeeds. This ever-growing problem is something that can only really be addressed through educating users on the issues, although Facebook has installed link scanners in an attempt to address the problem. However, as the infographic below shows, this isn’t working effectively enough.
Returning to ‘malvertising’, as it’s dubbed in the industry, these kinds of ads don’t just appear on search engines like Google, but are often placed on trusted websites such as The New York Times, (as reported by Trend Micro) which took the company over a day to actually notice.
According to ScanSafe and Cisco’s Mary Landesman, many popular websites have been inadvertently serving malicious ads to their visitors a lot in recent years. These include companies such as The London Stock Exchange, Hoovers.com, TheOnion.com, SpeedTest.net as well as plenty of other well-known names.
These ads are delivered in a variety of ways using various high-profile advertising channels and can include Flash or images which contain hidden code, leading to an infected PC for the end-user or redirection to a malicious website, which either delivers malware or engages the user in some form of scam.
Another example of malvertising was spotted last year by Patrik Runald at Websense in which Spotify was displaying a malicious ad to its users. “If you had Spotify open but running in the background, listening to your favo[u]rite tunes, you could still get infected,” he said at the time.
Malware, phishing, spam, scams – all of these things are designed to help the rest of us part with our hard-earned cash and propagate across the web on a constant basis. For many years security experts have warned that security vendors, researchers and authorities are losing the growing battle to fight cybercrime; let’s hope the new alliance will help to combat the issue, eventually.
However, bear in mind that the UK authorities have so little clue as to how to go about really fighting cybercrooks that it was reported yesterday that they spend £640 on combatting online criminal activity. Whilst this may sound reasonably impressive, the majority of this is spent on anti-virus products and surveillance, with only £10m being used to actually catch crooks that operate online.
Infographic courtesy of Marketing Pilgrim.