According to multiple user reports, Windows 10 users in Germany are currently experiencing malvertising campaigns when using their default browsers.
The malicious ads are being displayed on the Microsoft Advertising network in ad-supported applications.
What Is Microsoft Advertising?
As explained by Microsoft, through this platform the company is using your browsing, search, and other online activity data associated with your Microsoft account to show you ads that are more tailored to your interests. The setting can be turned off but ads will not be as relevant.
In other words, the platform gives Microsoft a way to offer app developers monetization opportunities by using Microsoft Advertising SDK to display ads in their apps.
There are a number of recent reports of Windows 10 users, specifically in Germany, who share having their default browser open abruptly leading them to sites that host tech support scams and suspicious surveys. The ads would show up every time apps such as Microsoft News and Microsoft Jigsaw. Both applications are supported by Microsoft Advertising.
Why are Win10 users seeing these intrusive ads?
The explanation is quite simple. Scammers have been buying ad campaigns via Microsoft Advertising platform. The ad campaigns utilize JavaScript to automatically load suspicious, scamming websites in a new browser window. Because the ads are displayed in ad-supported apps, Windows 10 will launch a new page in the user’s default browser.
It is important to note that this is not the first such campaign. Earlier this year, French users were targeting in a similar malvertising campaign. Both campaigns appear to be targeting users according to their residential IP addresses. This means that users using VPN services to have access to German IP addresses will not be displayed these ads.
The worst part is that ad blockers are helpless in such cases because the ads are displayed due to ad-supported apps. Why is that? The scripts that ad blockers are designed to stop are executed in the app itself. So what can users do to prevent this from happening? Using security applications is one option, as well as relying on built-in browser filters.
Another example of a malvertising campaign that successfully defeated ad blockers is the so-called RoughTed operation. The campaign was detected in 2017. RoughTed was a large-scale malvertising campaign which saw a peak in March 2017 but has been active for at least over a year. Both Windows and Mac operating systems were targeted, as well as iOS and Android. The operation was quite rare in its comprehensiveness, having used a variety of malicious approaches from exploit kits to online scams such as fake tech support scams, fake updates, rogue browser extensions, and so on.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: