Block Ads For Your Own Safety, Says The Man
from the finally,-some-public-service-from-public-servants dept
Careful, kids. The FBI is recommending something useful. The same entity that thinks encryption is the enemy has delivered a message suggesting it may still care about the safety and security of internet users… at least those it doesn’t consider to be persons of interest. Here’s Daniel Sims of Techspot with more details.
The FBI issued a public notice this week advising consumers to watch out for scammers impersonating advertisements. The Bureau’s solutions included using an ad blocker so the fraudulent ads (along with real ones) don’t appear.
Users who search for companies on Google these days usually see the word “ad” next to the first couple of search results from companies that buy ads on the service. The FBI warns that some malicious actors are buying ads while impersonating real companies in elaborate schemes to scam customers and deliver malware.
The surprise announcement that ad blocking may be good for your computer health comes as part of the FBI’s ongoing efforts against cyberfraudsters and malicious actors, some of which work for foreign governments. Impersonating ads is easy. Duping unsuspecting internet users is even easier. When the faux thing is indistinguishable from the real thing, the best prophylactic for safe surfing is an ad blocker, which will block all (or most) things ad purchasers (and malicious entities) wish people would click on.
In particular, the government highlights sites of dubious nature that provide big shiny “DOWNLOAD” buttons that do nothing but download malware, spyware, and bloatware onto users’ devices.
In instances where a user is searching for a program to download, the fraudulent webpage has a link to download software that is actually malware. The download page looks legitimate and the download itself is named after the program the user intended to download.
Put the ad block condom on your download wang, says The (federal) Man, taking a break from its usual hassling.
The FBI isn’t wrong. Ad blocking just makes sense. In addition to decreasing general annoyance, blockers prevent malicious entities from enticing users into risky clicks or from delivering their malware payloads in the background while users wait for pages to load.
And it’s not just shady download sites operating out of countries like Tuvalu or the Philippines to avoid US DMCA requirements. It’s well-established, possibly respected websites like Forbes and Yahoo. The federal government has long recognized the threat malicious ads pose to users, which is why the CIA, NSA, and other intelligence agencies have long required the use of ad blockers by employees.
The smart thing has always been to ad block. If you want to support websites you enjoy, there are other ways to do so without being subjected to, at best, terrible ad inventories and autoplay garbage that have the power to fire up your processor fan even though you’re doing nothing more strenuous than accessing websites.
Ads are not inherently evil. But they’ve never, ever been an unequivocal good. And when they’re easily impersonated, the best response is throw the barely tolerable baby out with malicious bathwater. Unfortunately, the FBI’s advice is only as good as the browsers supporting it. With some browsers looking to deprecate ad blocker support (stares pointedly at Chrome), the best practices recommended here may soon be an option some users simply won’t have. Until that day, though, get your ad block on. The Man himself recommends it.
Filed Under: ad blocking, fbi, scams
Comments on “Block Ads For Your Own Safety, Says The Man”
Ad-Guard. Available as an extension for nearly every browser, and most flavors of cell phone OS’s. In fact, Brave and one or two others are now incorporating the Ad-Guard engine directly into their browser(s). Pretty spiffy, if you ask me. 😉
Yeah… they FBI said something sane…
But this has been the case for the last… 6 years? More? A little late to the party, but I guess that’s better than never.
I started using an ad blocker long before malicious ads (at least that I noticed) became prevalent. However I’m pretty sure malicious ads have been a well known issue for many years.
I’m using ublock Origin for a while and used other extensions before it. The moment Google pulls the plug on adblocking support I’m erasing it from my browsing routine keeping it only for compatibility issues (eg: can’t use the stock management interface from my employer with anything other than Chrome).
The ad industry brought it upon themselves.
Also, even a broken clock is right twice a day. This is one of those times for the FBI.
I still remember the bad old days of adware silently installing itself into your computer and legitimately causing your computer to slow down.
Those were not good days.
Adblockers, spyware removal software, and updating Windows Defender on every new build are now standard practices when I have a new computer.
Re:
Thoughts on Bitdefender and Malwarebytes?
Re: Re:
I’m not the AC you were replying to but, while those are good (and I still use Malwarebytes for one-off scanning when necessary) Windows Defender is fine and comes with every Windows system so it no longer makes sense to install third-party antivirus software for real-time scanning.
hed
Just gotta say, I unreservedly love this headline.
Remember what the FBI says:
-Drink your Ovaltine.
-Don’t do drugs.
-Don’t watch porn.
-Don’t forget to give up your phone’s data so we could just look.
-Also don’t do crimes, because we’ll know. 🙃
Gotta love modern web site design
I use Firefox with NoScript as my primary browser, with a backup of Chrome (with no add-ons).
I have found at least one site where attempting to load a page – even with NoScript set to let everything through – resulted in a permissions error, where Chrome let it through fine.
It could be “the Firefox”. It could be side effects of NoScript.
But as this was a major ISP website, my money is on “can’t be arsed to do it right.”
Re:
NoScript is too damn complicated, and breaks sites even when it’s nominally disabled. The “clear click” thing seems particularly bad, even if I “disable” it. Go to about:config, set javascript.enabled to false, and uninstall the extension. Maybe use another browser profile (possibly with URL whitelist) for things that need javascript, and that you can’t do without. Definitely use a separate profile for high-risk activities like banking.
When the FBI takes years to tell users to do basic opsec it’s hard not to become at least slightly suspicious. It’s suggestive that they’ve taken advantage of unprotected users for years, but the problem has now become so ubiquitous and troubling that they’ve decided that the benefits of an open exploit isn’t worth the drawbacks inflicted on the general public. Either that, or the scourge has become so widespread that even the FBI can’t keep quiet anymore. Neither is a good look.
Sites that require disabling ad blockers
Whata everyone’s opinion on sites like Comic Book Alliance that show a pop up asking users to disable their ad blocker? (Though you can dismiss the pop up and read the site.) Or what about the Forbes website which doesn’t let you read anything without disabling your ad blocker?
Would the site be liable for any malware served through their site, even if cane from Google or DoubleClick?
Re:
Find am alternative, or, if no alternative, use a virtual machine after taking a snap-shot, and restoring the snapshot after the visit. Also, make them the only site visited via that VM.
Ad Blockers
uBlock Origin… with almost everything blocked.
Ya have to, lotsa ‘sites pull ads from 3rd parties.
How ya gonna guarantee it’s legit if ya pull from here and send to there with no stops in between?
(drive-by ad infecting)
Bonus feature: browsing speeds up without yer computer sounding like a 747 take-off.
I’ve love to find a way to block the in-video ads on YouTube. It used to be that all ads were skippable after five seconds, which was still annoying, but at least you could skip them. Now, more and more, I’m seeing unskippable ads, which I guess is an admission from YouTube, that people hate ads.
Back when YouTube used Flash, I never used to get any ads. I’ve always used the MVP Hosts files, which blocks most ad servers, and that seemed to stop all the video ads. As soon as they switched to HTML5, I started seeing ads again.
The weird thing is that if I download the videos using YouTube-DL, it has no problem downloading just the video. So why can’t someone put that same tech into browsers?
Re:
View YouTube in a browser, and use ublock origin, works for me.