Adware has a conflicted history. A general description of the term is software that automatically generates and displays advertisements. These delivered advertisements then create revenue to cover expenses for the developer. Using ads to generate income for free software or applications is a very successful business model for many companies. The distinction between this legitimate purpose and malware, however, hinges on informing users about the advertisements and getting consent for the installation. Consent is where things get a little sketchy, and the reason adware is still considered a potentially unwanted program (PUP).

Bundling adware with other software or applications is a frequently used approach. Information may be included during the installation, informing users of its presence technically, but it’s often hidden in lengthy user agreements or default settings that are easy to miss. Adware also has a reputation for being annoying. Advertisements can pop up whenever you use a web browser and sometimes they’re challenging to close. Adware can slow down a web browser, web applications, or an entire computer system. It can overwrite default settings or cause redirects to other pages; ultimately making changes that completely alter the user experience.

Adware is typically a problem left to the end user. However, it becomes a problem for website owners through code injection. With code injection, adware can be placed on a website without the owner’s permission, causing display and functionality issues. Depending on the adware variety, it also becomes possible for the website to spread malicious code to other site visitors, like giving someone else the flu.

Hackers have increasingly targeted the business sector in the last several years. This increased focus is believed to be caused by the sheer number of hackers online. Only the best hackers, with the most lucrative targets, get to make money. Malwarebytes reported that the detection of adware increased by 29% on business scans last year. While adware isn’t the most malicious option for hackers to use, it’s frequent pairing with other kinds of harmful software requires businesses to be more vigilant than ever about security.

So what can you do to protect your website from adware?

1. Regularly back up the files and database for your website. Create a predictable schedule that meets the needs of the website. Consider recreating a week’s worth of lost data. Is that doable? Maybe you could only afford to lose data from a single business day. Also, make sure backups run correctly and on schedule. Incomplete or glitchy backup files won’t help you.

2. Use anti-virus software to scan your files and system regularly. Use anti-virus scans on your mail server too!

3. Keep your operating system and software current by applying security patches and software updates. Don’t forget to update website and theme customizations as well such as plugins, add-ons, or extensions. Use recent software versions and apply new updates as soon as you can. Keeping your software updated protects your website and server from being exploited by known vulnerabilities.

4. Create strong passwords and use a different password for each account! Strong passwords tend to be longer (16 characters or more), with a mixture of upper and lowercase letters, numbers, and special characters. Using a full sentence as a password is a great way to create a strong password that’s easy for you to remember. Consider using a password manager. If you’re like most people, you have way too many passwords to keep straight. Hackers go for the simple passwords first, make it challenging for them to hack your account!

The online environment is always changing, but it’s likely that you’ve heard these security tips many times before. Like washing your hands to prevent catching the flu, these are time-tested ways to reduce your risk online and improve your recovery time if your website or server is compromised. Use these tools to give your business the best possible odds.

What anti-virus or scanning tool are you using right now? What do you think of it? Let us know in comments!

References:

Adware. Retrieved May 20, 2019 from https://www.malwarebytes.com/adware/

Adware. Retrieved May 20, 2019 from https://en.wikipedia.org/wiki/Adware

Code injection. Retrieved May 20, 2019 from https://en.wikipedia.org/wiki/Code_injection

2019 State of Malware. Retrieved from https://resources.malwarebytes.com/files/2019/01/Malwarebytes-Labs-2019-State-of-Malware-Report-2.pdf

What To Do If Your Website Is Flagged For Malware By Google. (2018, July 16). Retrieved from https://blog.threatpress.com/website-flagged-malware-google/

Password Best Practices. (2018, September 30) Retrieved from https://security.ucsb.edu/news/password-best-practices