Beware these common ‘malvertising’ attacks • Blisstech Solutions

Think about the last online ad you clicked…

Did you just assume it was genuine?

If you said yes, you’re not alone – and this is exactly what scammers count on.

Malvertising”, or malicious advertising, is where scammers use online ads to trick you into downloading malware (malicious software), sharing sensitive information like passwords, or even handing over money.

These attacks are becoming more sophisticated and a growing threat to businesses of all sizes. Worse yet, you don’t need to click on these ads to become a victim; loading the ad in an out-of-date browser can be enough to compromise your device.

The three most common malvertising techniques are scam, fake installer, and drive-by download. Here’s a little more about them:

  • Scam malvertising is where an ad claims that your computer is infected and urges you to call for support. Once you do, the scammers convince you to install software that gives them control over your system. Then they charge you to “fix” the fake issue.
  • Fake installer malware often uses ads that lead you to cloned websites of trusted brands. You download software, thinking it’s legit… but you’re downloading malware onto your device instead.
  • Drive-by download malvertising is where ads infect your computer without you even clicking on anything. This malvertising exploits outdated browsers and automatically installs malicious files or extensions.

Recognising these scams is the first step to keeping your business safe. If you see an ad claiming you’ve been hacked or urgently need to act, stop and think: How would this company even know anything about your computer?

Also, make sure you double-check links before you click. If the link isn’t sending you to a legitimate domain, steer clear. And most importantly, make sure you’re running the latest version of your browser, as updates fix vulnerabilities that malvertising often exploits.

Don’t forget to share this knowledge with your employees, too. They’re your first line of defence – and training them to spot suspicious ads can save your business from serious trouble.

Scammers want you to trust without thinking. But a healthy dose of scepticism can make all the difference. Next time you see an ad that feels wrong, trust your gut… and ask yourself if it’s safe before you click.

Want to train your team to protect your business from malvertising and other online scams? We can help. Get in touch.

More Content

How to create secure passwords

How to create secure passwords

Weak passwords are one of the biggest security risks to your business.
Why?
Because cyber criminals are getting smarter than ever before. If they manage to crack just one password, they could gain access to your sensitive business data, financial information, or even gain control of your entire system.
Cyber criminals use automated tools to guess passwords, allowing them to try out millions of combinations in seconds. So, if you’re using something like “Password123” or “CompanyName2025”, you’re practically handing them the keys to your business.
A compromised password can lead to big issues, such as:
• Data breaches
• Financial losses
• Identity theft
• Reputation damage
But how do you create strong passwords without driving yourself (and your team) mad?
Think of your password like a secret recipe, where only you should know the ingredients. It should:
• Be at least 14 characters long (the longer, the better)
• Include a mix of uppercase and lowercase letters
• Contain a few numbers and symbols (like @, $, %, or &)
• Not contain any common words or easily guessable information (like birthdays, names, or the word “password”)
Instead of using a single word, you could try a passphrase – a short, random sentence that only you would understand. For example, instead of “Sailing2025”, try something like “Coffee&CloudsAreGreat9!”. This is much harder to crack, yet still easy to remember.
You should also steer clear of these common mistakes:
• Using personal info (your name, birthday, business name, etc.)
• Reusing the same passwords across multiple accounts
• Using simple sequences (“123456” or “abcdef”)
• Storing passwords in an easily accessible place (like a sticky note on your desk)
If remembering unique passwords for every account sounds impossible, there is another option: Password managers. These generate strong passwords, store them securely and autofill them for you.
With a password manager, you only need to remember one strong master password for the manager app itself. The rest are encrypted and stored safely, reducing the risk of data breaches.
Even the strongest password isn’t foolproof, which is why multi-factor authentication (MFA) is also important. MFA requires a second form of verification, like a one-time code sent to your phone or generated from an authentication app.
If you have employees accessing your business systems, it’s a good idea to have a password policy in place to explain your rules and why they’re important. This should include:
• Unique passwords for each system and account
• Regular security training on password best practices
• Business-wide use of MFA for critical systems
• Scanning for compromised passwords regularly
By making password security a priority, you can reduce the chances of a cyber attack creating a nightmare for your business.
And if you need help making your business more secure, get in touch.

The final curtain call for Windows 10: What you need to know

Microsoft has announced there will be no new feature updates for Windows 10 so maybe it’s time to upgrade to Windows 11. Our latest video will help you make up your mind.

Are your people Christmas shopping from work?

Almost half of people with social media accounts admit to falling for shopping scams. If your team are shopping at work, is your business protected?

Windows 11 uptake is at an all-time high – what are you waiting for?

Windows 11 uptake is at an all-time high – what are you waiting for?

If you’re still attached to Windows 10, now’s the right time to upgrade. Here’s why…

Copilot could soon auto-open in Microsoft Edge

Copilot could soon auto-open in Microsoft Edge

Is Edge your business’s browser of choice? Microsoft’s thinking of automatically opening Copilot when you use it. It could boost productivity, but there are privacy concerns to be aware of…

Why now is a great time to start your own business

"I can accept failure, but I can't accept not trying." - Michael Jordan We are living in unprecedented times.  People are being prevented from leaving their homes and the average worker has been sent to work from home, put on reduced hours, or worse.  It is...

Charging in public places? Watch out for “juice jacking”

Airports, hotels, cafés, even shopping centres, offer public charging points where you can boost your phone or laptop battery on the go. They’ve been in the news after the FBI recently tweeted advice to stop using them. Crooks have figured out how to hijack USB ports to install malware and monitoring software onto devices as they charge. The security risk …
Read More

Microsoft Remove Delay Windows 10 Updates in version 2004

We recently wrote an article on how to delay Windows 10 updates so that you can wait until issues are resolved before you install new updates.  However, in the Windows 10 2004 update, Microsoft has removed the ability to delay Feature Updates for up to 365 days in the...

Tech Tip: How to Provide Remote Support for FREE with Quick Assist

This Two Minute Tech Tip shows you how to view or control someone else's screen for FREE. As an IT managed service provider we have lots of tools we have to pay for to help us support our clients. However, if you've ever been in a situation where you are trying to...
Are your employees reporting security issues fast enough… or even at all?

Are your employees reporting security issues fast enough… or even at all?

The faster your employees report a potential cyber security issue, the less damage is done to your business. But how can you encourage quick reporting? Here we share some solid ideas.

Share This
Contact
Love Lane
Cleobury Mortimer
Shropshire DY14 8PE

01299 382 321
[email protected]
Copyright © 2024 Blisstech Solution Ltd
Registered No: 08125391 VAT No : 307 5490 05