Advertisements might seem like something that poses no risks to your organization. Most people think of advertisements as annoying but not necessarily dangerous. It is also likely that you are one of many people who have installed an ad blocker on your own machine or personal devices. We'll explain to you how to prevent malvertising.
However, having an ad blocker has more utility in your organization than you might think. Aside from giving your users the luxury of not having to watch ads on YouTube, you're also protecting them, and your organization from Malvertising.
⚡ TL;DR | Go Straight to the uBlock Origin browser extension Audit Report.
What is Malvertising?
The meaning of malvertising is the practice of using advertisements online to steal data or install malware on a machine. As you might expect, enticing advertisements are used to convince people to click on them and then either install something or provide sensitive information. The website the ad is on might even contribute to the problem since most websites don't even control which ads are shown on their site, fooling someone that might think that Spotify's website is safe, but that ad can lead anywhere.
How to prevent malvertising and malware?
While there isn't anything that can guarantee 100% protection, the following should help you prevent it from affecting your organization as much as possible.
- Have an ad blocker
Make sure your whole organization is supplied with a good ad blocker to prevent seeing advertisements in the first place. Below you can read up on how you can ensure you've got an ad blocker on every machine.
- Up-to-date Antivirus
Regardless of which Antivirus you use, it is important to make sure it is always up-to-date, something we do have reports for in our report library, both for workstations and servers.
- Up-to-date Operating System
Malware often relies on system vulnerabilities to abuse. So it is important you have the latest security updates installed, something you can also check with our Patch Tuesday audits.
- User training
As with most potential threats on the web, the best way to protect your organization is to train the employees to recognize potentially dangerous links, ads and more.
Manage Your Browser Extensions
With Lansweeper, you can scan your browser extensions. While it isn't something that is configured by default, with only a few steps you can check if your organization has an ad blocker on all of your machines.
In this example, we will be using uBlock Origin for Chrome and the Chromium-based Edge browser. It is one of the most popular browser extensions with more than 10 million installations in Chrome. Unfortunately, due to the way that Firefox stores browser extensions in the user folder, scanning it across your organization isn't possible.
Want to run this Audit Report?
Start your Free Lansweeper Trial to run the Audit Report.
Finding the extension ID
To scan your Chrome or Edge extension, you first need to know the ID of the extension. The easiest way to find this is to look it up in the URL of the extension's store page.
Look up your Chrome extension here and find your Edge extension here.
Configuring the scanning
Once you're in Lansweeper, you can enter the registry key you need to scan by going to Scanning > File & Registry Scanning.
For Chrome you'll enter:
- Rootkey: HKEY_CURRENT_USER
- Regpath: SOFTWARE\Google\Chrome\PreferenceMACs\Default\extensions.settings
- Regvalue: cjpalhdlnbpafiamejdnhcphjbkeiagm
For Edge you can enter the following:
- Rootkey: HKEY_CURRENT_USER
- Regpath: SOFTWARE\Microsoft\Edge\PreferenceMACs\Default\extensions.settings
- Regvalue: odfafepnkmbhccpbejgmiehpchacaeak
Once you've configured the scanning, you can head over to the special uBlock Origin browser extension report that we've created. This is our way of helping you to prevent malvertising.
In case you're lacking results in the report, be sure to hit the Rescan Assets button on the report's page in Lansweeper to fully rescan your assets.