What is Adware?
Adware is any software that displays online advertisements to users, with the developers of the software collecting revenue from those ads. Ads can be in the form of pop-ups, messages, new browser windows, new browser tabs, or additions and alterations to non-malicious websites.
Any free, ad-supported software or service can be labeled as adware. However, adware is generally associated with software that generates ads the user did not specifically authorize, especially too many ads that overload a system and that affect or disrupt a user's normal online experience.
Because of the potentially negative effects of ads, adware has come to be associated with malware, software used to gain access to a system to steal data and damage it in some way. Some adware may at first seem like an annoying but unavoidable consequence of downloading free software. However, the adware, besides serving ads, may also function as spyware, secretly collecting information about the user and reporting such data back to a cyber criminal.
Examples of Adware
Adware can be injected into a system in multiple ways, creating different types of results for the cyberattacker.
In an extreme example of adware, called a browser hijacker, the adware application installs itself into the device's browser and carries out several malicious acts. For one, it changes the homepage to something else. It can also remove legitimate advertising from regular websites and replace it with its own ads, which redirect to malicious websites controlled by the attacker. The adware may even prevent users from changing the browser settings.
In other scenarios, users download mobile apps that are free and ad-supported. Expecting only a handful of ads, which is usually the case with free digital services, the user may notice an unusually large number of ads, even outside of using the application. When too many ads are served, adware is most likely present.
How Do I Get Adware?
There are many ways that users can infect their devices with adware. Here are a few examples:
Visiting a Bad Website
One way that users inadvertently download adware is by visiting malicious websites. This could be by clicking a link, icon, image, or banner ad on a seemingly harmless website, expecting it to lead to a website or page with the type of content they are looking for. Instead, the click leads to a website with more confusing links and banners, which by clicking, begins an adware download into the user's device.
All of the clicks in this sequence were likely orchestrated by the company or entity aiming to infect the target's device with adware.
Downloading Bad Software
This requires more active engagement than simply clicking random, interesting links. Users will be searching for particular software or an application for a much-needed task, such as converting PNG files to JPGs or to update Adobe Acrobat Reader.
Once they find software that looks suitable for their needs, they click on a button or link to start a download. But when they launch the application, users notice that it is filled with pop-ups and banners advertising products or services that bear no connection to the software they downloaded. The software may actually work, but the number of ads makes the application confusing or even unusable. This is an example of adware.
Users sometimes willingly download apps knowing that those apps are advertising-supported. This is especially true for mobile games, as users are usually accustomed to seeing plenty of ads in games they play for free. However, if the ads crowd out the gaming experience and if users begin to see intrusive, annoying ads in other mobile applications, then that game is likely part of an adware scheme.
For years, Mac users generally felt safe from adware and malware. This is because of native anti-malware software like Gatekeeper, a technology that ensures only trusted software can be downloaded and run on the macOS. If the operating system (OS) detects a potentially malicious app, it will notify the user and encourage them to delete it.
Another reason Mac devices were malware-free is that for years, cyber criminals targeted Windows users. The majority of personal computers run on Windows OS, which means more computers to infect at scale. This has changed in recent years, as more and more Mac computers crept into offices, classrooms, and homes as a preferred device.
Downloading free mobile applications, especially games, is one of the easiest ways that adware can infect a mobile device. If users start to notice ads outside of the application—such as on the home screen, in other applications, or just random pop-ups—then a recently downloaded application likely contained adware.
Android adware is particularly prevalent, as the Android OS is more vulnerable than iOS.
How to Detect the Need for an Adware Blocker
There are many ways to detect whether you have adware on your device. Many of these are general symptoms of malware or a cyberattack underway. However, if a recent download, website visit, or click brings about one or more of the experiences below, steps need to be taken to remove adware from the device and install an adware blocker.
A slow computer might be a sign of adware. Adware, especially since it leverages images and videos, can take up a lot of a system's resources, including memory and processing speed. If it takes the system a long time to boot up or there are lags when multiple programs are open at once, adware might be on the system.
Too Many Ads
This one might be the most obvious red flag that adware has infected a system. While most internet users are used to banner ads, random pop-ups that did not appear previously or new browser tabs promoting unfamiliar products or services are signs of an adware infection.
Like a slow computer, constant crashing is another sign of an overloaded system. The extra images, videos, and content from adware can cause a system to freeze or crash, requiring constant rebooting.
Browser Homepage Changes
This is an obvious sign of adware. A user's homepage might be the familiar Google Search engine, but after the installation of adware, that homepage may now be a lookalike that does not say "Google." While some users might not care or even notice, this is adware because the search results will likely include sponsored results for which the adware collects revenue once users click on them.
Slow Internet Connection
A slow internet connection is also a sign of adware or malware. The reason for this is because the adware system downloads a large number of images and videos from the internet in the background, without the user's knowledge, slowing down the user's overall internet and browsing speed.
Is Adware Dangerous? What to Do Once Infected
If you suspect that your system has been infected with adware, immediately install an adware cleaner, which blocks and cleans adware from your device. Moving forward, you also want to be more cautious with the websites you visit, ads you click, and applications you download. If something looks suspicious, avoid clicking.
How Does Adware Blocking Work?
Once adware blocking software is installed, it detects any potential adware and alerts the user if suspected adware has been downloaded or is about to be downloaded. The blocker will then prompt the user to decide what to do, including removing the suspicious application.
"Adware blockers," "adware cleaners," or "adware removers" are the category names of this type of software whose intention is to remove malware. They are not to be confused with AdwCleaner, a product by Malwarebytes. Once launched, an adware remover tool scans for and removes unwanted programs. During the scan, the user can decide to keep or remove programs.
How Fortinet Can Help
The FortiGuard Antivirus solution can help safeguard an organization against adware and malware attacks. Fortinet uses advanced detection engines to stop threats from entering a network and gaining a foothold. While some adware may not collect sensitive corporate data, they can still hinder employees' ability to focus. As such, organizations need a tool like the FortiGuard Antivirus to maintain productivity.
For added protection, organizations can take advantage of the Fortinet Secure Web Gateway (SWG) for advanced content filtering and preventing certain websites from being accessed, as per enterprise internet access policies. This is especially helpful when users initiate access to the internet from home.