Adware intro

Here’s how it happens. You go online with your nice, well-behaved browser, only to see it fly into a virtual tantrum, as an onslaught of advertisements either pops up, slides in from the side, or otherwise inserts itself to interrupt and even redirect your intended activity. And no matter how much you click to close those windows, they keep buzzing you like flies at a picnic.

That bothersome phenomenon results from adware, short for advertising supported software. And just as your picnic food attracts the pests that come after it, money—or the revenue generated by unbidden ads—is what draws adware to your PC or mobile device. Below, we offer a short primer on adware, what it is, how you get it, what it tries to do to you, how to deal with it, and what to do in the future to avoid this irritant.

adware

Adware definition

Malware, or “malicious software,” is an umbrella term that describes any malicious program or code that is harmful to systems. Hostile, intrusive, and intentionally nasty, malware seeks to invade, damage, or disable computers, computer systems, networks, tablets, and mobile devices, often by taking partial control over a device’s operations. Like the human flu, it interferes with normal functioning.

The motives behind malware vary. Malware can be about making money off you, sabotaging your ability to get work done, making a political statement, or just bragging rights. Although malware cannot damage the physical hardware of systems or network equipment (with one known exception—see the Google Android section below), it can steal, encrypt, or delete your data, alter or hijack core computer functions, and spy on your computer activity without your knowledge or permission.

The way of spreading of adware

There are two main ways by which adware sneaks onto your system. In the first one, you download a program—usually freeware or shareware—and it quietly installs adware without your knowledge, or permission. That’s because the program’s author signed up with the adware vendor. Why? Because the revenue generated by the advertisements enables the program to be offered gratis (although even paid software from an untrustworthy source can deliver an adware payload). Then the adware launches its mischief, and the user learns there’s a price to pay for “free.”

The two most common ways that malware accesses your system are the Internet and email. So basically, anytime you’re connected online, you’re vulnerable.

Malware can penetrate your computer when (deep breath now) you surf through hacked websites, view a legitimate site serving malicious ads, download infected files, install programs or apps from unfamiliar provide, open a malicious email attachment (malspam), or pretty much everything else you download from the web on to a device that lacks a quality anti-malware security application. Malicious apps can hide in seemingly legitimate applications, especially when they are downloaded from websites or direct links (in an email, text, or chat message) instead of an official app store. Here it’s important to look at the warning messages when installing applications, especially if they seek permission to access your email or other personal information.

Bottom line, it’s best to stick to trusted sources for mobile apps, only installing reputable third-party apps, and always downloading those apps directly from the vendor—and never from any other site. All in all, there is a world of bad actors out there, throwing tainted bait at you with an offer for an Internet accelerator, new download manager, hard disk drive cleaner, or an alternative web search service. Malware attacks would not work without the most important ingredient: you. That is, a gullible version of you, willing to open up an email attachment you don’t recognize, or to click and install something from an untrustworthy source. And don’t take this as “click-shaming,” because even very experienced people have been tricked into installing malware.

Even if you install something from a credible source, if you don’t pay attention to the permission request to install other bundled software at the same time, you could be installing software you don’t want. This extra software, also known as a potentially unwanted program (PUP), is often presented as a necessary component, but it often isn’t. Another wrinkle is a bit of social engineering that a Malwarebytes expert observed in the UK. The scam hit mobile users by taking advantage of a common mobile direct-to-bill payment option. Users visited mobile sites, unwittingly tripping invisible buttons that charge them via their mobile numbers, directly billing the victims’ networks, which pass the cost onto their bill.

Adware

Chengjiang He

 next article