Florida AG, cybersecurity experts warn of malvertising while online searching after 2023 resurgence in attacks

The next time you’re searching for something online, and you see a suggested ad or sponsored link you want to click on, cyber experts are cautioning you to double-check it first as it may be "malvertising."

"Malvertising is when cyber criminals inject malicious code into the digital ads that pop up on websites," said Kate Whitaker, the associate director of outreach of Cyber Florida in Tampa.

If you click on that bad link, it could download malware to your device. Whitaker said the link can also take you to a spoofed website of a real company and get your information that way. 

READ: What's new in iOS 18: AI-generated emojis, smart Siri, and more

"There’s also some cases where the ad just runs on the website that alone can download malware onto your computer without you even interacting with it," said Whitaker.

Malvertising has been around for a while, but on Wednesday, Florida Attorney General Ashley Moody warned Floridians about the cyberattack. A recent report from Malwarebytes Threat Intelligence found more than 800 malvertising attacks in the first six months of 2023, the state attorney general said.

"It’s really common. I think most of us if we were paying attention, you’d probably see it once, twice a week," said Roger Grimes, a data-driven defense evangelist with KnowBe4, a cybersecurity firm based in Clearwater.

Grimes said artificial intelligence is helping to get it right and bring the real links to the top of a search. To avoid trouble, experts recommend remembering to read the URL.

MORE: Cottage cheese baking hack blows up on TikTok: 'Best idea I've ever seen'

"One thing you can do is just hover your cursor over the ad and the URL should pop. So, if you’re looking at an ad for say Target, and it says www.target.com, then it’s probably legitimate. If it says www1.target.com, it’s probably spam or malvertising trying to get you. So, that’s just one way you could do it," said Whitaker.

The malware attacks are hard to get rid of, and Grimes said the cyberattackers make money off the fake ads and links. 

"If people aren’t trained to look out for these things, our research has shown somewhere around a third of people can be induced into clicking or going to these lookalike websites without realizing it," said Grimes.

Making sure your software is up-to-date can help protect you the next time you search.

Cybersecurity experts said legitimate search websites can also be compromised with malicious ads and the companies may not even know it. Experts said that as society gets better at using technology, the cyberattackers adapt too. 


SIGN UP: Click here to sign up for the FOX 13 daily newsletter