Tech News World – Trawling porn sites used to be the best way to pick up an electronically transmitted disease on your smartphone. That’s not the case anymore. Every one in five times a mobile user is redirected to a malware site on the Internet, it’s done through a malicious ad, according to a report released last week by Blue Coat. That’s three times what it was two years ago.
One reason malicious ads have been able to outperform porn sites is they can garner more traffic than the smut peddlers. “We’re seeing a shift in mobile user behavior,” said Sasi Murthy, vice president of product marketing security at Blue Coat.
“We’re seeing an increase in recreational usage for mobile users around shopping and entertainment,” she told TechNewsWorld. “When we contrast that with the desktop world, recreational usage for mobile users is double.”
“Our friends in the cybercrime world are going to be focused on the same kinds of behaviors we are — but for different purposes — and set their strategies based on those behaviors,” she continued. “So it makes perfect sense from a cybercrime strategy to start to use a vector like malvertising.”
Increasingly, mobile users are being subjected to more ads — even more so than PC users — as sites everywhere continue to refine their mobile advertisement strategies, the report notes. “This is a particularly worrying trend as it coincides with a significant increase in malvertising.”
While mobile users are not yet subject to the same drive-by downloads that PC users face, the report acknowledges, mobile ads increasingly are being used as part of many social engineering attacks.
Making matters worse, the increased frequency of mobile ads conditions users to see them as normal, which makes users more vulnerable to the attacks that are launched through ads, it points out.
“Malvertising is a very effective way to infect unsuspecting users with malware, because it can exploit browser vulnerabilities both known and unknown,” Dana Tamir, director of enterprise security at Trusteer, told TechNewsWorld.
One way to foil malvertisers is with an ad blocker, although they have been known to prevent some Web pages from executing properly.