Threat Alert: MALVERTISING FOR PUPs

• Malicious web advertising (Malvertising) involves actor-controlled web advertisements that lead victims to phishing and malware distribution websites.
• The technique was popular in the mid-2010s and became much less common when threat actors turned to fake updates and other web-based threats.
• Potentially Unwanted Programs (PUPs) are the latest incarnation of these web-based threats. They often appear or are installed alongside benign applications, but may include adware, spyware, or other downloaders.

How is it used in the wild?

• Attackers send messages containing links or attachments with embedded links leading to sites that offer very low-cost advertising.
• The sites may have little oversight on the advertising they host or may be compromised.
• Sometimes the emails are legitimate, and the sender is not aware links are potentially malicious. Often the emails are threat actor-driven and intended to increase traffic to the suspicious sites.
• The ads on these sites redirect victims to secondary sites where they are enticed to download PUPs.
  

Key Action: Stay Alert!

• Avoid interacting with web advertising.
• Never install software from an unknown source.
• Avoid interacting with links or attachments in unsolicited email.
• Report ANY suspicious emails via Phish Alarm.