Imagine if when you went Googling for something, you had a page like this served up:
Rather than a bunch of (hopefully) useful links to webpages about the Nexus 6 Android smartphone, you are served up with a page swathed in banner ads, affiliate links and deals getting in the way of the content you really want to see.
The graphical ads on that page should instantly stand out as unusual for Google, but take a closer look at those text links too.
The fact is that all of these links and banner ads are helping to make money for whoever has tricked you into installing a program on your computer.
Here’s another example.
If you visit the New York Times website, it should look something like this:
It definitely shouldn’t look like it’s trying to scare you into believing that you have a virus or security problem on your computer, and arguing that you should ring a phone number for “technical support” immediately:
Possible Privacy Breach and Computer Error Detected Due to Suspicious Activity Found On Your Computer.
Contact A Certified Live Technician Now:
XXXXXXXXXXXXX (Toll free)
Once again, ads are to blame:
What’s happening here is that your computer’s regular browsing is being interfered with by a third-party process – often installed via a browser extension or plugin.
You might think it’s a legitimate ad being served up by the website you are visiting, but that’s simple not true.
But the truth is that you have made a Faustian contract with a program that is going to inject and embed adverts willy-nilly as you browse across the net, in the hope that you will help them earn some cash.
A new study, conducted by Google and researchers at University of California Berkeley, has tried to get a handle on just how prevalent these irritating and (sometimes) downright malicious ad injections are.
The researchers examined more than 100 million pageviews of Google sites across Chrome, Firefox, and Internet Explorer on different operating systems.
What they discovered was alarming:
- Ad injectors are not just a Windows problem. They are available on Mac as well as Windows, and affect all the major web browsers.
- A staggering 5% of people who visit Google sites have “at least one ad injector installed. Within that group, half have at least two injectors installed and nearly one-third have at least four installed.” That says to me that some folks are really prone to falling for these kind of things.
- Google’s study reveals that 34% of the Chrome extensions injecting adverts are classified as “outright malware”. There is no greyness here…
In addition, the researchers claim that they found 192 deceptive Chrome extensions that have affected 14 million users. Those rogue extensions have now been disabled, and Google says it is doing more to catch similar extensions in the future.
But maybe you need to play your part too, being more careful about what you install and how well you maintain the security of your computer.
You can read more about the ad injection problem by checking out Google’s blog post. The full report is due to come out in May.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.