What is Adware? How It Works and How to Protect Yourself Against AdWare



Learn about Adware, how it works, and how you can protect yourself against it in Data Protection 101, our series on the fundamentals of information security.

What is Adware?

Adware, or advertising-supported software, displays advertisements to a user when they are online in order to generate revenue for their author. It is a source of revenue for free service providers, and is not inherently malicious, though it has often become synonymous with malvertisements. Non-malicious adware collects data with your consent. For example, you may consent to download the free version of an application that serves ads versus the paid ad-free version of the application. Companies that depend on adware to support their products or services include Google, Facebook, Skype, and Spotify.

How Does Adware Work?

When a company chooses to use adware to support its software, the adware is bundled or integrated with the program itself. This allows for advertisements to load automatically. Ad space is bought by other companies who want to market to the users of that program, and the revenue made by selling ad space may be used to cover user and/or development costs. Some companies integrate adware with their program in such a way that the program cannot run unless the ads are being displayed. Any ad blockers must then be disabled in order to use the software. Adware also often collects personal information and tracks users’ browsing habits, which is then sold to third parties.

The Dark Side of Adware

The term adware is commonly used to describe adware programs that exhibit malicious or abnormal behavior. When adware tracks user activity without consent, it is considered to be a form of spyware. Cybercriminals take advantage of vulnerabilities in the ad network’s verification process or vulnerabilities in a user’s browser to display their own malvertisements. Malicious adware can also create pop-ups, pop-unders, and permanent windows that allow for drive-by downloads when a user visits an infected site. In cases where ad blockers have to be disabled, users may be at risk of infection. Some adware programs have also been known to block antiviruses from opening as well. Because some adware programs are legitimate and do not have uninstall procedures, antiviruses may be unable to properly detect which programs are actually malicious.

How Can You Protect Against Adware?

There are a number of different tactics that can be used to address different aspects of malicious adware. These methods offer a stronger defense when used in combination.

  • Use an ad blocker: In many cases, a free service can be used without viewing ads. Ad blockers prevent advertisements from being displayed in a browser, eliminating the chance of clicking on something malicious while preventing drive-by downloads.
  • Pay for premium, ad-free versions of popular services: The easiest way to avoid adware is to pay for the service that you are using. The majority of businesses do not serve ads to premium subscription users which helps ensure that malicious adware will not be able to reach them.
  • Buy devices from trusted companies with reputable, built-in security: There have been numerous incidents where people who purchase low-cost Android devices find that adware is installed in core files. These devices are especially susceptible to infection and purchasing one should be avoided at all costs.
  • Use an antivirus: Some antivirus programs can be used to block malicious adware, but many of them are not able to discern between the legitimate and the malicious as of yet. Antiviruses may also be blocked by some adware, in which case a more aggressive method should be used.
  • Use an adware removal software: When negatively impacted by adware, this type of software will clean up any unwanted programs on the device.

As with most threats, awareness and understanding are the best defense. Organizations must be aware of the benefits and costs of using adware to support a software. Users must be able to decide which programs are important enough to purchase and which they can do without in order to avoid the dangers of adware.

Ellen Zhang

WHITEPAPERS

Stopping Cyber Threats: Your Field Guide to Threat Hunting

Ellen Zhang

Ellen is the web marketing coordinator at Digital Guardian and works with paid search, marketing ops, social media, and webinars.