In the sport of angling, you’d think lures play a very significant part, and rightly so – after all, they entice and snag the fish. They come in a whole lot of shapes, sizes, and colors, each crafted to mimic the look and behavior of a sea creature in water, each intended to interest and influence the fish, and fool it into accepting the bait.
Adware in the digital world is like the lure in the tackle box of the angler. Its purpose is to stimulate the interest of the user, to create a need, and conviction to buy a product.
What it is
Adware is the latest phase in the evolution of advertising. In the beginning, until the digital age dawned, print, radio, and television advertisements ruled. However, the digital realm opened the doors for a new kind of advertising that offered all the benefits of the ‘conventional’ advertisement. Termed adware because of its software features, it went one step further by incorporating the feature of instant realization of the buyer’s intent. CSO Online (1) calls it ‘software designed to support the advertising campaign of an organization,’ responsible for generating revenue via its online user interface.
It is a definition that works well in the context of genuine advertising, with the advertiser trying to influence the buyer with the merits of the product or services. The truth however, is that online has also provided a playing field for the illegitimate advertiser, who uses adware to resort to malfeasance via malicious links.
In such instances, adware is defined as ‘malware’ (2) – that displays unsolicited advertisements on a user’s computer, often without their knowledge, and almost always wreaking damage by compromising user data, security, and privacy. Organizations refer to this malware as Potentially Unwanted Programs (PUP) or Potentially Unwanted Applications (PUA).
Monetizing adware
In its essential form, adware and online advertising is legal. Concern arises however when adware is used illegally to dupe unwitting users, foist undesirable produce, install system-damaging malware, and exfiltrate sensitive user data. Creators of malicious adware often operate differently, by charging their nefarious-minded clients for the manner in which users interact with the adware. Some of the more common monetization methods deployed by creators are:
- Pay-per-click (PPC) — where the creator is paid for every click by the user
- Pay-per-view (PPV) — where the user goes on to spend time perusing the ad, after the initial click
- Pay-per-install (PPI) — where the user goes on to download the software or the software is automatically installed on the device
Sophisticated adware can go further, reading into users’ searches and browsing history, and providing the creator the additional possibility of selling private information to third parties for a price.
Signs of adware infection
Experts say it is relatively easy for a user to identify the presence of adware. Typically, when adware is present on a computer or mobile device, users experience one or many of the following:
- An unannounced change in the browser used or the presence of new add-ons or browser extensions
- A surge in pop-up advertisements in online and offline modes
- An agonizing slowing down/sluggishness of the system performance, including
- Repeated and unexplained system crashes
- Incorrect display of web pages
- Rogue results or unsolicited redirects to new sites
- Appearance of new toolbars
- Rapid draining of the device battery
- Higher data usage, resulting in higher data bills
How it occurs
Though many believe that adware gains access to the system due to a conscious act of the user, that is not always the case. Adware is installed on a system in a variety of ways. It often comes bundled together with other software that users download via the internet. But that is not the only source of picking up adware. Links to malicious websites and fraudulent email attachments also result in adware being installed on a system. Freeware and shareware are common sources of adware, often installing the adware without the user’s knowledge. Though both of these are not illegal in essence, the presence of malware in them makes them illegal.
Adware is also installed via botnets, torrents, file-sharing websites, and deceptive messages that appear to come from genuine sites but are the result of malware seeking access to the system.
The dangers
Adware can be terribly annoying with endless pop-ups that adversely affect users’ browsing experiences. But the greater danger of adware lies in the damage it does to the computer system. Easy to identify, it takes considerable effort to locate, and then completely remove. Some of the inherent dangers of adware are:
- Pernicious slowing down of the computer performance, irrespective of the system configuration
- Draining and excessive consumption of system resources, bandwidth, and battery
- Compromise of user privacy and collection of personal data due to tracking of online activities
- Creation of an environment that facilitates entry points for other malware, viruses, spyware, and ransomware
- Unsolicited redirects to malicious and undesirable websites
Prevention and removal
There are many experts who firmly endorse user vigilance, cyber hygiene, and employee training as the first and best defense against adware. While there is some value in this, the insidious nature of adware and the surreptitious manner in which it gains access to the computer system makes it foolhardy to rely exclusively on this method of prevention. Below is a list of some measures that could be considered to deal with the threat of adware.
- Adopting an online organizational work framework/policy that steers clear of any illegal activity
- Implementing stringent organizational policies that proscribe the downloading of software and accessing of insecure and suspicious sites, torrents, file-sharing sites, etc without administrator approval
- Adopting best practices for cyber hygiene including password management, cautious online behavior, reading the fine print in the Terms and Conditions, periodic cache and cookie clearing, and using the incognito mode to prevent cookie accumulation
- Monitoring financial statements regularly to identify possible adware-inflicted subscriptions and charges
- Upfront analysis of reviews of approved software, browser extensions, and add-ons
- Investing in employee awareness, vigilance, training, and reporting
- Installation of a trusted firewall
- Installation of industry-standard anti-malware/anti-virus and anti-adware/ad-blocker software
- Conducting regular SOC-led system analysis for PUA/PUP
- Regular application of system patches and updates
Concluding words
In a world where digital ads are having a successful run, it is unlikely that adware is likely to either reduce or tone down in intensity. Advertising tenets like ‘less is more’ and watchwords like overkill and ad fatigue hardly seem to matter anymore online. Despite the clear understanding that offline advertising is better for brand building and trust, a 2022 study showed that 61% of organizations preferred online advertising over offline advertising. Adware is everywhere. 90% of internet users have reported seeing a Google ad in the course of their online activity.
As the use of adware – good and bad – increases, users seem to be left with the option of living with it, or proactively moving to stop its relentless march by blocking it. One thing is sure, however. Advertisers will stop at nothing, and adware will only get more influential.
As Calls to Action get more persuasive, online users would do well to adopt the 10-second rule or recall the ‘look before you leap’ phrase, when they encounter adware. Or they may revisit those colorful lures in their favorite sports gear stores, because the catch (pun intended), as any angling expert will tell you, is that the fanciful colors on lures are there to influence the angler into buying the tackle. As for the fish, the exotic colors hardly ever seem to matter – basic greens, blues, and dark shades on lures seem to work best with them!
References:
- What is adware? How it works and how to protect against it | CSO Online
- What is Adware? | Detection and Prevention Tips (sentinelone.com)
Additional reading: