This Week in Breach: Malvertising Campaigns

March 4th, 2019 by admin

Programming Code on Laptop Computer Screen

Over Presidents' Day weekend, a new malvertising campaign targeting US users’ personal and financial information. Researchers from Confiant observed over 800 million malicious ad impressions as a part of the massive malvertising campaign executed by the group "eGobbler".

So, what is a Malvertising Campaign?

  • Once the victims click on the malicious ads, they were redirected to a wide variety of phishing sites.
  • Phishing sites trick victims into entering personal as well as financial information such as names, addresses, contact information, payment card details etc.
  • The collected information can then be used by cybercriminals to perform various malicious operations, to conduct spear phishing email campaign, or to sell the stolen credentials in the dark web to other crooks.

Risk to Small Business: 2.111 = Severe: A malvertising campaign by the eGobbler group targeting U.S. users was launched over Presidents Day weekend, February 16-18, garnering some 800 million impressions. Those who clicked on the ads were redirected to a wide range of phishing sites that attempted to trick consumers to enter personal details, including financial information.

Individual Risk: 2.571 = Moderate: Cybercriminals can use the information collected to conduct spear phishing email campaigns or they can sell the stolen credentials on the Dark Web to other criminals.

Customers Impacted: Unknown
How it Could Affect Your Business: Malvertising campaigns can expose sensitive customer and employee data, or cause mistrust in websites hosting the infected ads leading to brand erosion and customer churn.

Contrast to the Rescue: Find out why businesses rely on Contrast to provide actionable stolen credential data and make informed decisions - just give us a call.  

Posted in: News, This Week in Breach