Blog
Recent
bg
Security Tips

Understanding Adware and Protecting Your Online Security

LastPassJuly 09, 2024

For better or worse, ads are part of our online lives. Whether we’re scrolling our personal social media or researching a project online at work, ads are everywhere. In some cases, they’re an annoyance that gets in our way of accessing information seamlessly, and in others, they connect us with products and services that make our lives easier. 

Unfortunately, because ads are such a pervasive part of lives, they’re also a tool used by bad actors that can fly under the radar for many users; adware is a form of malicious software that can compromise your online security and privacy. While it may not always be as harmful as other types of malware, it still poses risks by invading your privacy, degrading system performance, and potentially leading to more serious infections. 

Understanding Adware and Protecting Your Online Security

What Is Adware?

Definition and explanation of adware

Adware, short for advertising-supported software, is a type of software designed to display advertisements on your computer, redirect your search requests to advertising websites, and collect marketing-type data about you—such as the types of websites users visit—so that customized advertisements can be delivered to you. While adware itself is not always malicious, it often comes bundled with spyware, which can track activity and collect personal information without consent. 

Different types of adware

Adware can take many forms, ranging from legitimate software bundled with ad-supported features to malicious software that infiltrates your system. Some common types of adware include: 

  1. Browser hijackers: These programs modify your web browser settings to promote certain websites or search engines. 
  2. Pop-up ad generators: These generate excessive pop-up ads, often leading to dubious or harmful websites. 
  3. Toolbar add-ons: These are installed in your browser, displaying ads and tracking your browsing habits.

Examples of common adware programs 

The threats linked to the most notorious and expensive data breaches don’t often have the name well-known adware attached to the headlines, but there are plenty of threatening adware examples: 

Crossrider: Crossrider is an adware framework used by cybercriminals to create malicious browser extensions.

  • Malicious extensions: Installed extensions can hijack browser settings and inject ads into web pages.
  • Data theft: Can collect sensitive information such as login credentials and browsing history.
  • Redirects: Redirects users to phishing or malware-laden websites.

FinSpy (FinFisher): FinSpy is a sophisticated spyware delivered via adware that has been used for surveillance by government agencies. 

  • Surveillance: Can monitor almost all activities on the infected device, including email, messaging apps, and phone calls. 
  • Data exfiltration: Capable of stealing data, including passwords, documents, and emails. 
  • Remote control: Allows attackers to remotely control the infected device. 

Advertising Trojans (e.g., Zlob): Zlob is a family of Trojans that masquerades as a video codec required to play online videos.  

  • Malware download: Downloads additional malware onto the system. 
  • System vulnerabilities: Exploits system vulnerabilities to gain deeper access to the system. 

How Does Adware Work?

Adware distribution methods and infection vectors

Adware is still popular with some attackers, because it can be spread through various methods, including: 

  • Bundling with free software: Adware is often included with free software downloads, where it installs alongside the desired program. 
  • Infected websites: Visiting compromised websites can lead to automatic adware downloads. 
  • Phishing emails: Malicious attachments or links in phishing emails can install adware on your device.

Behavioral patterns and activities of adware

Depending on the malware type and purpose, users will see different behavior, but once installed, adware usually performs several activities: 

  • Displaying ads: Constantly displaying pop-up ads or inserting ads into web pages you visit. 
  • Redirecting traffic: Redirecting your browser to specific advertising sites or changing your homepage. 
  • Tracking behavior: Monitoring your browsing habits and collecting data to tailor advertisements.

Impacts of adware on system performance and privacy

The major threat of adware is how it can significantly impact your system’s performance and privacy. This includes: 

  • System slowdowns: Adware consumes system resources, leading to sluggish performance and reduced user productivity.  
  • Privacy invasion: Adware often tracks your online activities, collecting data that can be used without user consent. 
  • Security risks: Some adware can open backdoors for more malicious software, posing serious security threats.

Signs and Symptoms of Adware Infection  

How will you know if your systems are being impacted by malware? Here are some of the most common tells of adware infection. 

Identifying adware-related pop-up ads and redirects

Frequent and intrusive pop-up ads, as well as unexpected redirects to unfamiliar websites, are common indicators of adware infection. If you notice an increase in advertisements or your browser frequently takes you to unwanted sites, adware might be the culprit. 

Sluggish system performance caused by adware

A sudden slowdown in your computer's performance, such as longer load times for programs and web pages, can be a sign of adware. Since adware runs background processes and consumes resources, it can cause your system to lag and become unresponsive. 

Unwanted changes to web browser settings

If your web browser’s homepage or default search engine changes without your permission, or if you find new toolbars and extensions you didn’t install, adware could be to blame. These unwanted modifications are a hallmark of adware infection. 

Preventing Adware Infections

Best practices for safe browsing and downloading

As with most threats, the best way to defend against adware is to prevent it. Here are some best practices for IT teams to consider: 

  • Consider single sign-on (SSO): Using SSO offers seamless access to the right resources for your team. Users have quick and easy access to approved software, which reduces your corporate risk, as users won’t accidentally download lookalike software.  
  • Consider corporate-wide ad blocker software: Effective ad blockers might be seen as just another business expense (in both time and money), but the data shows that they can have a significant impact on performance and lead to fewer threats found on the network.  
  • Keep teams educated on phishing and other threats: Security is everyone’s responsibility. Make sure that users complete cybersecurity education, particularly around phishing, as 81% of businesses have seen an increase in phishing attacks in the last year, and phishing is still significantly linked to malware and ransomware attacks.  

Choosing reputable software sources and avoiding bundled adware

When downloading software, it’s important that users choose reputable sources and be wary of bundled adware: 

  • Deploy strong admin policies: Consider establishing organization-wide policies that require admin permissions for downloads of any kind.  
  • Use official websites: Make sure that employees have comprehensive security training that educates users to only download software from official vendor sites or trusted platforms like the Apple App Store or Google Play Store. 
  • Opt-out of bundled offers: Communicate to all users that they should opt out of any additional software or toolbars offered when downloading any software programs, updates, or other files.  

Using reliable antivirus and adware removal tools

Security admins should Invest in reliable antivirus and adware removal tools to protect your system. This includes:  

  • Antivirus software: Use reputable antivirus programs that offer real-time protection and regular updates. 
  • Adware removal tools: Employ specialized tools like Malwarebytes to scan for and remove adware.

Dealing with adware infections

If there’s suspicion that adware has been placed on an endpoint or system, it’s important that networking, IT, and security teams follow a predetermined incident plan. Usually, removing adware will have IT teams following these steps: 

  1. Run a full system scan: Use your antivirus software to perform a comprehensive scan of your device. 
  2. Use adware removal tools: Employ specialized adware removal tools like Malwarebytes to detect and eliminate adware. 
  3. Uninstall suspicious programs: Manually check for and uninstall any unfamiliar or suspicious software.

Adware on Mobile Devices

Understanding the risks of mobile adware

Mobile devices are not immune to adware. Mobile adware can display ads, redirect browser traffic, and collect data from devices - personal and professional. It can also lead to reduced battery life and data usage spikes due to constant background activity. That means that even users’ personal devices like phones or tablets that are used to log into your network can be a risk to your organization.  

Tips to secure your mobile devices from adware

Help protect your users’ mobile devices by: 

  • Only installing apps from trusted sources: Consider deploying a corporate app store with pre-approved apps available for download and use; if not, ensure that users use official app stores like Google Play and the Apple App Store. 
  • Checking app permissions: Review the permissions requested by apps and avoid those that demand excessive access. 
  • Considering a password manager: If your teams access accounts for work from their phones - like Outlook, Smartsheets, or other SaaS apps - using a password manager can help prevent unauthorized access to corporate resources if a user’s mobile device is compromised. LastPass ensures that passwords are synced across all devices, so your employees are protected from anywhere.  

Applying adware prevention measures on smartphones and tablets

You can enhance your mobile device security and avoid infected devices causing problems on your network by: 

  • Avoiding public Wi-Fi: Remote and hybrid users might work from everywhere, but employees should use secure, private networks to prevent unauthorized access and organizations should consider virtual private network (VPN) software to protect access to corporate network resources.  
  • Using a password manager: If hackers are using adware to collect sensitive information like passwords, you can protect your passwords - and ultimately the information locked behind all your accounts - safe with an encrypted password manager.  
  • Using MFA: Should an adware infection penetrate an endpoint, employing multi-factor authentication can help prevent access to various parts of your network if that bad actor attempts to move laterally after a breach.  

Protecting Your Online Privacy

Adware’s potential threat to personal data

Whether people are connecting from their desks in the office or at home or from their work computer or their personal cell phone, adware can pose significant threats to your user and organization data. It can track browsing habits, collect sensitive information, and share it with third parties, ultimately compromising user and corporate privacy. In some cases, adware can act similarly to spyware, monitoring activities and accessing personal data without your knowledge. Adware can also steal personal information. By tracking your browsing habits and collecting data, adware can access sensitive information such as login credentials and financial details. 

Implementing strong passwords and two-factor authentication

Preventing and protecting against threats like adware requires a multi-prong approach, but you can strengthen the security of your online accounts by: 

  • Deploying a password manager: There’s no way to know the purpose behind every piece of adware, but most bad actors are looking for a way in to exfiltrate sensitive information, like passwords and other login details. A password manager helps limit unauthorized access to corporate accounts, as well as helps to prevent credential theft.  
  • Enabling two-factor authentication (2FA): Add an extra layer of security to your accounts with 2FA, which requires a second form of verification beyond your password. This can limit unauthorized access to accounts, even passwords have been compromised.  

Using password managers like LastPass to enhance security

Password managers like LastPass can enhance your security by: 

  • Storing passwords securely: Keeping your passwords encrypted means that in the event of a breach, your account logins are much more secure behind an encrypted vault. It also gives IT teams a simpler way to implement widespread password changes if needed. 
  • Generating strong passwords: Automatically create complex passwords for your accounts that are much more resistant to brute force attacks. LastPass enables you to require that all account passwords have a minimum character count, and can generate strong, unique passwords of up to 50 characters.  

Ads have been a part of our digital lives almost as long as the internet has been a business tool, and it’s unlikely that the threat of adware will ever completely disappear. Even if adware only makes up a small number of online threats, businesses can’t afford to ignore them, because ads and internet use are both staples of life for every user at every organization. A password manager provides outsized protection for users and businesses, protecting what matters most in the face of online-based threats. Start your LastPass trial

FAQ

How do I get rid of adware?

You can get rid of malware by taking these three steps:

  • Running a full system scan with your antivirus software to identify active and dormant malware infections
  • Using adware removal tools like Norton360 and Malwarebytes to detect and eliminate adware
  • Manually checking and uninstalling any programs you haven’t authorized

Can adware spy on you?

Yes, adware can spy on you. Although adware is less intrusive than spyware, which can track your keystrokes and nearly every interaction with your computer, adware can still monitor your browsing history to serve up a profusion of unwanted pop-up ads.

Can adware steal personal information?

Yes, adware can steal personal information. It can track your activities at every website you visit. With this information, adware can redirect you to malicious sites, serve up an avalanche of targeted ads, or sell your browsing data to third parties.