As a significant source of threat and monetary income, shady ad practices offer cybercriminals various ways to lure technologically challenged mobile users. The attack vector is seeing a potential role in technical support scams using browser locking web pages, and for the propagation of fleeceware apps apart from being used as a channel to distribute malware.
A recent report revealed that classified ads scammers have earned more than $6.5 million in 2020, from buyers in a widespread operation dubbed Classiscam. The ongoing campaign which began way back in 2019 initially only targeted buyers on Russian online marketplaces and classified ads portals. However, the scheme soon gained popularity among 40 or more cybercriminal gangs who expanded the operation to more than a dozen countries and on many foreign marketplaces and courier services. Some of the brands that fell prey to this scheme are- Leboncoin, Allegro, OLX, FAN Courier, Sbazar, DHL, among others.
For years Google has struggled to stop malicious applications from delivering adware and other malware on Google Play. With renewed zeal, a fresh attempt was made to fight the spread of these apps and consequently, 164 apps were removed by the tech giant from its marketplace because they were delivering disruptive ads considered malicious.
Collectively these 164 apps were called CopyCatz and they spewed annoying ads while attempting to mimic the functions of other popular apps.
With a variety of malicious tactics, appearing in multiple forms, malicious ads are an industry-wide challenge with the potential to harm users, advertisers, and publishers. With insights shared by representatives from Google, it seems that they will continue to invest in new technologies to detect and prevent emerging threats that can generate invalid traffic, including disruptive ads, and to find more ways to adapt and evolve our platform and ecosystem policies to ensure that users and advertisers are protected from bad behavior.
To read more, please check eScan Blog
