Coming off a volatile Q3 that saw several large spikes in malicious landing page attacks, redirects returned in Q4 as the dominant form of attack type. These attacks primarily targeted mobile devices and their native browsers, unlike Q4 2020 where Facebook was most targeted.
Malicious landing pages continued to surge as malvertisers experimented with new varieties of fake news sites, scam investment invitations and fraudulent consumer products.
Client-side and server-side exploits saw continued growth with new threats via user’s browser extensions, and websites compromised by supply chain attacks. This growth furthers the need for security solution that protects the entire page and session, not just ‘wrapping’ ads.
All in all, Q4 displays a multitude of active bad actors responsible for a variety of threat classes, often utilizing different threat vectors to evade detection from traditional anti-malvertising tools and exceed the scope of their protection, further increasing the need for a future-proof, preventative approach to site and platform security.