26 September 2023

Ad nauseam: How mysterious pop-up ads bypass ad blockers

Start the conversation

Jack Morse says some abnormal pop-up ads promising a prize in exchange for your personal information or a few clicks are bypassing normal ad blockers.


By Jack Morse*

Pop-up ads have long been the scourge of the internet.

But the rise of ad blockers, plus anti-pop-up moves by Google and Firefox had given us hope that those days would soon be behind us.

So why are even the most tech-savvy among us starting to see ads appear congratulating us for being “selected as a winner” of a $1,000 Amazon gift card?

The pop-ups in question appear on both smartphone and desktops, promising a prize in exchange for your personal information or a few clicks.

They are undeniably annoying, and quite clearly a scam.

Neither Android nor iPhone users are safe, and some frustrated web denizens are at their wits’ end.

What’s happening?

The reason some of these pop-up ads may be getting around your ad blockers: they aren’t normal ads.

Cybersecurity firm Symantec has identified one specific strain of malware hiding in apps, Android.Fakeyouwon, that its researchers say is fuelling these types of scams on Android devices.

Infected applications “hide themselves as legitimate apps in domains such as settings apps [Panel Settings], or apps that play music for free,” the researchers wrote.

“Apps will also ask for the minimum amount of permissions, so as not to concern more discerning users on installation.”

What’s more, it’s likely not just malware in malicious apps ruining your day.

Something called forced redirects could also be at play.

“A forced redirect is when a person is surfing the web on a computer or mobile device and through no action of their own gets redirected to a different website,” according to the anti-malware company Confiant.

“Usually the website they are redirected to is a vehicle for some form of affiliate fraud or malware.”

Ed Ho, Twitter’s General Manager of the Consumer Product and Engineering Group, tweeted a series of questions about this very practice.

“What is interesting to me: 1) What ad network is this running through, and why don’t they know?” Ho told us.

“2) Why is it that Safari on iOS appears to be vulnerable to this attack? 3) What is the actual vulnerability?”

Confiant identified one such network of so-called malvertising in January this year, and found that it involved the creation of “28 fake ad agencies to distribute malvertising campaigns.”

In short, this is a sophisticated fraud network that is mucking up your browsing.

There’s hope

Thankfully, all is not lost.

Google planned to release a version of Chrome that stops forced redirects in January, but according to USA Today as of February that feature had been pushed to a mid-April release.

Still, that means it is very much on the company’s radar, and a Firefox browser extension currently does this very thing.

Once blocking forced redirects becomes the norm across browsers, both mobile and desktop, these “Congratulations” ads should decline.

However, some of the responsibility falls on you, too.

After all, a browser update isn’t necessarily going to prevent malware-riddled apps from screwing with your browsing.

You can, and should, periodically go through your phone and delete old, little-used, or just plain sketchy-looking apps.

As you do, take comfort in the fact that you very well could be making your browsing experience better — one deletion at a time.

* Jack Morse is Tech Correspondent at Mashable in San Francisco. He tweets at @jmorse_.

This article first appeared at mashable.com.

Start the conversation

Be among the first to get all the Public Sector and Defence news and views that matter.

Subscribe now and receive the latest news, delivered free to your inbox.

By submitting your email address you are agreeing to Region Group's terms and conditions and privacy policy.