You've been told repeatedly not to click on suspicious links, to prevent your computer from being infected with malware and viruses. But there's a threat you've probably never heard of that can infect your computer—even without a single click. And lawmakers are taking notice.
Experts told CNBC that advertisements on sites can be used by cybercriminals to take over your computer, steal your identity or access your online bank account. Websites are working to stop the problem, but these aggressive ads still slip by with damaging code. This kind of malicious ad—known as malvertisements—contain malware or embedded viruses, which can infect computers without a single click.
"We estimate that last year over 12.4 billion malicious ad impressions were served," said Craig Spiezle, executive director and president of Online Trust Alliance, a nonprofit that educates businesses and consumers on security and privacy issues.
Such ad impressions can compromise your computer if your browser has insecure privacy settings, said Curt Wilson, a senior research analyst at cybersecurity company Arbor Networks.
Spiezle testified at a May 15 Senate hearing on malvertising. He told the Senate subcommittee on investigations that malicious ads increased 225 percent between 2012 and 2013, though some tech companies disputed the increase.
Read MoreMistakes businesses are still making in cyberspace Malvertisements on big sites
During the hearing, lawmakers cited recent examples of malicious ads reaching consumers. Spiezle said many large companies have faced malvertising attacks.
"In February of this year, an engineer at a security firm discovered that advertisements on YouTube served by Google's ad network delivered malware to visitor's computers. … That virus was designed to break into consumers' bank accounts and transfer funds to cybercriminals," said Sen. John McCain, R-Ariz.
YouTube is owned by Google. And in a statement sent by e-mail, a Google spokesman said, "In February, we detected ads on YouTube that violated our advertising policies. We have zero tolerance for these incidents and our teams quickly took the appropriate actions to resolve this issue."
And according to Google's blog, Google removed 350 million bad ads in 2013, including disabling ads from more than 400,000 websites that were hiding malware.
In written testimony, Yahoo said it "has built a highly sophisticated ad quality pipeline to weed out advertising that does not meet our content, privacy or security standards."
Read More
No comments:
Post a Comment