• Beware — searching may lead to malicious ads

    Home » Forums » Cyber Security Information and Advisories » Cyber Security for Home Users » Beware — searching may lead to malicious ads

    • This topic has 9 replies, 8 voices, and was last updated 11 months ago.

    Tags:

    Author
    Topic
    Susan Bradley
    Manager
    December 21, 2022 at 10:38 am #2510461
    Options

    https://www.ic3.gov/Media/Y2022/PSA221221

    TIPS TO PROTECT YOURSELF

    The FBI recommends individuals take the following precautions:

    • Before clicking on an advertisement, check the URL to make sure the site is authentic. A malicious domain name may be similar to the intended URL but with typos or a misplaced letter.
    • Rather than search for a business or financial institution, type the business’s URL into an internet browser’s address bar to access the official website directly.
    • Use an ad blocking extension when performing internet searches. Most internet browsers allow a user to add extensions, including extensions that block advertisements. These ad blockers can be turned on and off within a browser to permit advertisements on certain websites while blocking advertisements on others.

    The FBI recommends businesses take the following precautions:

    • Use domain protection services to notify businesses when similar domains are registered to prevent domain spoofing.
    • Educate users about spoofed websites and the importance of confirming destination URLs are correct.
    • Educate users about where to find legitimate downloads for programs provided by the business.

    Susan Bradley Patch Lady/Prudent patcher

    2 users thanked author for this post.
    DrBonzo, ClearThunder
    Reply | Quote
    Viewing 6 reply threads
    Author
    Replies
    • ClearThunder
      AskWoody Lounger
      December 21, 2022 at 11:16 am #2510467
      Options

      I’ve been using AdBlock Plus and AdBlocker Ultimate together, and they’ve done a good job at suppressing unwanted pop-ups, especially YouTube.   The free NoScript add-on for Firefox also does a great job of keeping unwanted scripts from automatically playing videos and general snooping.  Major snoopers like Facebook, Amazon and Twitter, et al, are all permanently blocked on my browser.  I don’t use Google, so they’re blocked too.

      I usually don’t click on ads, but I will hover the mouse over them to display the URL they want to point to.

       

      "War is the remedy our enemies have chosen. And I say let us give them all they want" ----- William T. Sherman

      1 user thanked author for this post.
      Alex5723
      Reply | Quote
      • E Pericoloso Sporgersi
        AskWoody Plus
        December 22, 2022 at 12:39 am #2510604
        Options
        ClearThunder wrote:

        I usually don’t click on ads, but I will hover the mouse over them to display the URL

        If it happens to be an extraordinarily alluring / interesting ad, then

        My VERY FIRST action: save a system image on an external SSD (air-gapped when at rest),
        then hover the mouse over the ad and copy the link,
        paste the link in EditPad,
        cut away any unreadable code.

        Then I wake up my VPN,
        Start TOR,
        visit the remaining URL left over in EditPad.

        Finally see what happens …

        1 Desktop Win 11
        1 Laptop Win 10
        Both tweaked to look, behave and feel like Windows 95
        (except for the marine blue desktop, rgb(0, 3, 98)
        Reply | Quote
    • Alex5723
      AskWoody Plus
      December 21, 2022 at 2:31 pm #2510510
      Options
      ClearThunder wrote:

      I usually don’t click on ads

      I never see ads or pop-ups so there is nothing to click on.

      1 user thanked author for this post.
      NaNoNyMouse
      Reply | Quote
    • NetDef
      AskWoody_MVP
      December 21, 2022 at 7:31 pm #2510565
      Options

      Another mitigation layer to consider:  Use a DNS service that attempts to delist all known malware addresses.

       

      https://blog.cloudflare.com/introducing-1-1-1-1-for-families/

       

      ~ Group "Weekend" ~

      2 users thanked author for this post.
      oldfry, E Pericoloso Sporgersi
      Reply | Quote
      • E Pericoloso Sporgersi
        AskWoody Plus
        December 22, 2022 at 12:03 am #2510600
        Options
        NetDef wrote:

        a DNS service that attempts to delist all known malware addresses

        It seems to me that DNS 1.1.1.2 (and its IPv6 equivalent) and Malwarebytes have the same mission. The only difference being that DNS 1.1.1.2 is remote (nothing to install) and Malwarebytes requires local installation.

        Wouldn’t having both be redundant?

        Would having one of them be sufficient?

        1 Desktop Win 11
        1 Laptop Win 10
        Both tweaked to look, behave and feel like Windows 95
        (except for the marine blue desktop, rgb(0, 3, 98)
        Reply | Quote
    • Michael432
      AskWoody_MVP
      December 23, 2022 at 5:11 pm #2511148
      Options
      1. Don’t take computer advice from the FBI, though in this case they are certainly correct about using an ad blocking service.
      2. As for malicious domain names, the rules and bad guy tricks are explained here
        https://defensivecomputingchecklist.com/DomainNameRules.php
      3. As for clicking on links, be they in an ad or not, I am a big fan of urlscan.io

      Get up to speed on router security at RouterSecurity.org and Defensive Computing at DefensiveComputingChecklist.com

      1 user thanked author for this post.
      Cybertooth
      Reply | Quote
    • Susan Bradley
      Manager
      January 1, 2023 at 10:27 pm #2513814
      Options

      Susan Bradley Patch Lady/Prudent patcher

      Reply | Quote
    • wavy
      AskWoody Plus
      January 2, 2023 at 11:54 am #2513940
      Options
      Susan Bradley wrote:

      Before clicking on an advertisement, check the URL to make sure the site is authentic.

      Good advice but getting harder to do with list-manage.com, doubleclick, sendgrid… being used.

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
      Reply | Quote
    • Vincenzo
      AskWoody Lounger
      January 3, 2023 at 12:07 pm #2514327
      Options
      ClearThunder wrote:

      Major snoopers like Facebook, Amazon and Twitter, et al, are all permanently blocked on my browser.

      How do you do this in Chrome or Edge?

      Thanks

      Reply | Quote
    Viewing 6 reply threads
    Reply To: Beware — searching may lead to malicious ads

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • How to use the Forums
  • All Forums

    • Recent Topics

    December 2023
    S M T W T F S
     12
    3456789
    10111213141516
    17181920212223
    24252627282930
    31  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2023 by AskWoody Tech LLC. All Rights Reserved.