Protecting Your Computer From Malware - JC Consultant Group

Is “Malvertising” Getting the Best Of You? (Part 1)

Information Tunnel

The Information Superhighway

The Internet is an all-encompassing place. You can find information about nearly every topic you could ever imagine online. And while the Internet is chock full of info and entertainment, dangers often lurk in the shadows. Or in the case of “drive-by-malware” or “malvertising” – danger lurks in the ads online.

“Malvertising” refers to the increasingly common practice of hijacking ad networks and injecting malicious ads into their feed. These malicious ads then infect any and every website that has embedded their feed.

You don’t have to do anything, but visit a site that has been compromised and you can be sure your computer will be affected too. Due to the nature of “malvertising” and how common on-page advertising has become, the threat posed to your PC from these ads is significant.

Making matters worse, “malvertising” isn’t simply found on shady and seedy corners of the Internet. Mainstream websites have begun to get infected, including sites you wouldn’t expect to be a target such as:

  • MSN.com
  • NYTimes.com
  • BBC.com
  • AOL.com
  • My.Xfinity.com
  • NFL.com
  • Realtor.com
  • TheWeatherNetwork.com

…And that’s just the short list!

No matter how high a profile a website has, they are at risk if they run advertisements from an ad network. High-level ad networks like Google, AOL and Rubicon have all been compromised recently.

As a daily course of business, JC Consultant Group is online working on behalf of our clients, so we are extremely sensitive to security protocols. Whether you run a business or are using a computer for personal reasons, PC safety should be a priority. But where to start? What can you do to protect your computer outside of hiring an outside internet protection firm? Don’t worry, there’s hope for the DIY individual. In this article you’ll find part one of our two-part series on keeping your PC as protected as possible.

Internet Security - JC Consultant Group

Internet Security

How to Protect Your PC

While limiting your Internet consumption probably isn’t an option, you can still protect your computer with a few quick steps. First and foremost, get your virus protection up-to-date. Only a fool surfs the web without virus protection in 2016.

Once your virus protection game is on point, you’ll need to take a few more steps to ensure enhanced security. Your PC is most vulnerable in two vectors: Java (not to be confused with JavaScript) and Flash.

If you don’t need Java or Flash, it’s highly recommended to remove them from your computer entirely. If that’s not an option for you, then the next best thing is to limit their access to your web browsers.

Disabling Java

Java is easy to handle. To disable Java, just go into your Window’s Control Panel or Mac System Settings. You find Java listed. Click on Java here and then go to the security tab. Un-check the option to enable Java content in your browsers. Once you do this, restart any running browsers to ensure the change takes effect.

Disabling Flash

Java was a straightforward and quick fix. Flash is definitely a bit trickier, but I have faith you can figure it out. To disable Flash, you’ll have to go browser by browser. Here’s how:

  • Internet Explorer

Click on the gear icon and choose Manage Add-ons. Under the Add-on Types column, select Toolbars and Extensions, and make sure that the dropdown under “Show” is set to all add-ons. Find Shockwave Flash Object listed there under Adobe Systems Incorporated, then right-click it and choose More Information.

On the next window that opens, click the Remove All Sites button. What this is doing is globally disabling, by default, all websites from being able to run Flash content, which is increasingly more popular for advertisements.

The next time you visit a website that uses Flash, you will be given the choice to enable it for that site, or continue disabling it. This is all or nothing, however. Once you enable Flash for a website, it is always enabled for that website, and if that website becomes victim of a malicious advertisement, you are once again at risk.

Malware Detected

Malware Detected

  • Google Chrome

Chrome has a built-in click-to-play feature that works for all plug-ins, including Flash. To enable it, click Chrome’s menu button (looks like three lines stacked on top of each other) and select Settings. Once on the Settings page, click Show Advanced Settings, then click Content Settings under the Privacy heading.

On the screen that pops up, scroll down to Plug-ins, and select Click to play, or if you are using a newer version of Google Chrome, the setting will actually be called “Let me choose when to run plugin content” instead. Now when you visit a website with Flash content (or any other plugin) you will see a gray box with a puzzle piece within it. If you know you want to watch the content from that plugin, move your mouse over the box and right-click then choose “Run this plugin.”

The great thing about this is you’re only enabling the plugin for this one session, so if you come back to the website later, Flash will continue to be blocked, and if it ever gets hit with malicious advertisements, your risk will be greatly lessened. You can also “whitelist” the whole website, similar to how it works for Internet Explorer. Look at the address bar, and next to the bookmark star there will be a puzzle piece with an X on it, and clicking on that will give you the option to “Always allow”, “Continue Blocking” and “Run all just this once.”

Finally, Chrome has its own built-in Flash plugin and does not rely on your computer having Flash otherwise installed. If you don’t need Flash for anything else on your computer, you can just use Chrome’s built-in Flash for any web content you come across that needs it while keeping it off of your computer as a whole. This will significantly reduce the Flash footprint, but will not completely eliminate your ability to watch cat videos on websites that still haven’t updated to an HTML5 video format.

  • Mozilla Firefox

Firefox also has a built-in click-to-play similar to Google Chrome. You can enable this by clicking on Tools, then Add-ons, and choose Plugins. On this page change the drop-down for Flash to Ask to Activate. This should generally work, but there’s a chance a Firefox update can flip the setting back. It’s a good idea to double-check this setting whenever the browser is updated, though it should not change back.

Unfortunately, later versions of Firefox have changed this behavior, and now Flash is allowed to bypass this click-to-play setting. You can fix this by digging a bit deeper into Firefox’s settings. In the address bar type in “about:config” without the quotes.

There will be a prompt to confirm that you’re ok going in here and won’t blame Firefox if you mess something up. Just click “I’ll be careful” and it will take you to a list of tons of hidden settings. In the search bar at the top of that, type in “plugins.click_to_play” – without the quotes and it will get you right to the setting. It’s a simple toggle and by default it is set to “false”, simply double-click it, and it should switch to “true”. If it does not, you can right-click on it and choose “Toggle”.

There is one more method that is much easier. However, it is only limited to Flash content. Simply install the Flashblock extension from here:

https://addons.mozilla.org/en-US/firefox/addon/flashblock/

It will take care of everything else.

  • Safari

Safari on Mac OS X also has a way to enable click-to-play for plugins. You can set this individually for each plug-in you have installed. To change the setting, open Safari, then click the Safari menu, and select Preferences. Choose the security icon and click Manage Website Settings to the right of Internet plug-ins. Select a plug-in, and check the “When visiting other websites” section, and choose Ask.

Ad Block - JC Consultant Group

Stop Ads in Their Tracks

Time to Block All Ads

With Java and Flash handled, it’s time to focus our attention on blocking any and every ad your computer faces. To do so, you’ll want to install an ad-blocking browser extension.

Each browser will offer different options, and the availability and scope of each extension can vary wildly. While Java and Flash are always the biggest culprits in a computer becoming susceptible to “malvertising” – it never hurts to use as much protection as possible.

Using the information below, you’ll have the ability to block ads all around the world. No matter your location. Plus, you’ll be given the option to enable ads on a per-website basis.

For our purposes, there are two main ad-blocking extensions. The best ones we’ve found are AdBlock Plus and uBlock Origin.

Below you’ll find a detailed ad-blocking breakdown by browser:

  • Internet Explorer

Install the AdBlock Plus extension from here: https://adblockplus.org/

  • Google Chrome

Install the uBlock Origin extension from here: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en

There is also an AdBlock Plus extension for Chrome and Firefox, but uBlock Origin is generally considered the better option.

  • Mozilla Firefox

Install the uBlock Origin extension from here: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

  • Apple Safari

Install the AdBlock Plus extension from here: https://adblockplus.org/safari

Ads pay bills for websites and creating content isn’t free. So you may choose to allow ads on certain websites. If you want to allow ads on a certain site, then you can “whitelist” the site with both of our preferred ad-blocking extensions.

Just be aware – even the most trusted of websites can be vulnerable to malicious advertising if they serve you ads.

To “whitelist” a website with uBlock Origin, you simply click on the red shield icon on your browser’s extension bar (you can also hover your mouse over them to see what they are) and then click the big blue “On” symbol (circle with a line through it). Doing so will completely turn off uBlock Origin for that website.

With AdBlock Plus, “whitelisting” is not quite as straightforward, but it’s not hard. When you click the red stop sign icon, find the line that says, “Don’t run on pages on this domain” or “Don’t run on this page” if you only want to enable ads for that one particular page.

Protecting Your PC

Protecting Your PC

Reducing Your Risk

By applying these simple tips, you have taken the first positive steps toward protecting your computer. Malvertising won’t stand much of chance against the combination of ad-blocking extensions, no Java, and no Flash. Technology can be pretty daunting just learning how to use it, but we hope you will stay tuned for part two in our series next month – where we detail reducing the risk you run online even further!