US is Ground Zero for Deceptive Ad Attacks

US is Ground Zero for Deceptive Ad Attacks

The United States is the No. 1 global victim of deceptive advertising-based cyber-attacks, new research has revealed.

A report from the Cheetah Mobile Security Research Lab shows that deceptive ads made up to 21% of the global alliance traffic in April of 2016, with Vietnam and Brazil following the US as top victims.

Deceptive ads appear while users are browsing certain websites. They typically work by showing a user fake alerts, notifications or warnings to trick or mislead the user into downloading unnecessary or harmful apps. A pop-up or message may display something like, “Your Android device has been infected,” or, “please upgrade your phone to the latest version.”

As such, once consumers catch on, the ads can cause irreparable damage to companies/brands, sometimes costing them up to millions of dollars to restore their reputation.

“Companies can waste millions of dollars and damage their reputations by being victims of deceptive advertising,” Cheetah Mobile said in the report. “Even Facebook recently pulled a big ad-tech project because of the increasing amount of bots and bad-quality ads.”

Cheetah found that 45% of deceptive advertising comes in the form of a fake virus-infected alert; 40% from a fake system upgrade alert; and 15% from fake critical vulnerabilities. The top apps associated with deceptive advertising: 360 Security, UC Browser and SuperB Cleaner.

Among these three categories, fake alerts for virus infections are the most common, occurring almost half the number of times. Only a few deceptive ads display fake critical vulnerabilities.

When it comes to app categories, tools and utilities—like security and power-saving apps—are the main victims, because most deceptive ads falsely warn users about a malware/virus infection or a dying mobile battery.

Based on analysis, Cheetah Mobile Security Research Lab found that porn websites are the main source of deceptive advertising. However, deceptive ads can also be found on game portals, file hosting services, and news websites. Some of these sources, like PornHub and XVideos, have no control of their ad content. So, when a user clicks on an ad, he or she isn’t directed to Google Play. Instead, the user receives an alert about a malware or virus infection and is directed to download the unnecessary app.

A main challenge in all of this is the fact that the content of deceptive advertising is not fixed. Instead, it varies, according to factors like region, time zone and language. Cheetah Mobile field tests show that conventional methods often fail to detect deceptive ads.

“Even the advertising alliance are victims of deceptive advertising, but they are ultimately responsible for and have an obligation to check the content of the ads on their sites,” the report noted. “Since deceptive ads mutate very frequently, almost in real time, it’s very difficult to promise the content of the ads without dedicated real-time detection.”

Photo © Lightspring

Source: Information Security Magazine