Digital Threats Defined

Consumers Are Under Attack - So Is Your Business

What You’re Up Against in Battling Bad Actors

Cybercrime has never been more rampant. Too many of us have had family members or friends fall victim to phishing scams or device infections viruses—or maybe you yourself have been burned by online malevolence. Threat actors are using audience profiling techniques including geolocation to prey on senior citizens, minors, and other vulnerable members of society.

As a populace, we feel the effects of cyber attacks when ransomware hits infrastructure like energy and healthcare companies. And rogue states are increasingly using malware and malvertising on everyday citizens as the shadowy world of cyberwarfare evolves.

Dangerous For More Than Just Consumers

Digital crime is a plague not only affecting consumers, but also every legit business with an online presence. Cybersecurity Ventures estimates that cybercrime cost the world $7.5 billion in 2024, a figure that will increase by 15% to $10.5 billion in 2025.

Threat actors are leveraging the websites and apps of major media publishers, retailers, e-commerce operations, and even household brands to distribute their attacks to the masses. They exploit the back-end of the Internet by hiding their malignant payloads in cloud storage, hijacking ad code and creatives from everyday advertisers, and compromising domains used for analytics, ad campaign measurement, purchases, and more. All of these treacherous activities cost companies serious revenue, are poison for bottom lines — and often draw unwanted attention from regulators.

You don’t just have to protect consumers from digital attacks—you have to protect your business.

Know Your Enemy & Their Tactics

REQUEST A DEMO NOW

Understand Threat Behavior
And How Malware Impacts Consumers

What is Malware?

  • Malware—a portmanteau of "malicious" and "software"—is the collective name for malicious software intentionally designed to damage or gain unauthorized access to a computer, server, mobile device, or network.
  • Generally delivered via a link or file within an ad, email, or app. Malicious code can trick users into clicking on a link or opening a file to execute the malware, but sometimes no user action is required at all (e.g., a drive-by download).
  • Malware is used to gain illicit access to financial accounts and sensitive systems; lock consumers and organizations out of proprietary systems; and extract private data (e.g., passwords, healthcare info) for blackmail or to sell on the Dark Web to other threat actors with more devious plans.

What is malvertising?

  • Malvertising—a portmanteau of "malware" and "advertising"—is the injection of malicious code or malware-laden ads into legitimate online advertising networks, webpages, or apps. is the collective name for malicious software intentionally designed to damage or gain unauthorized access to a computer, server, mobile device, or network.
  • Malvertising can be used to deliver any form of malware via a variety of mediums: infected ad tag code, false creatives that attack consumers, compromised advertiser landing pages, corrupted domains/pixels of adtech partners, and more.
  • Common malvertising attacks and tactics include phishing auto-redirects, auto-refreshes, deceptive downloads, drive-by downloads, cloaking, fingerprinting, adware, scareware, tech support scams, and fake software updates.

Our Threat Behavior Taxonomy is an intuitive approach to cataloging malware that emphasizes the affect on the end consumer—and the ultimate goal of the threat actor.

Phishing

Auto-redirects to popups and browser hijacks using fake surveys and/or other malicious content to solicit sensitive data from consumers.

EXAMPLES:

  • Cloaking
  • Data Exfiltration
  • Exploit Kit
  • Ad Injector
  • DDoS Bot
  • Credential Harvesting
  • Malicious Android Package Kit (APK)

Backdoors

Attacks that deliver a wide variety of malicious payloads to consumers with or without interaction; leave consumer devices vulnerable to future attacks. Often found on compromised advertiser landing pages.

EXAMPLES:

  • Ransomware 
  • Keylogger
  • Remote Access Trojan (RAT)
  • Rootkits
  • Cryptominer
  • Cross-Site Request Forgery
  • Worm Data Exfiltration

Scams

Schemes to defraud consumers or mislead them into sharing personal data that can be leveraged in future attacks. Often hijack celebrity images for fake endorsements.

EXAMPLES:

  • Crypto Schemes
  • Bogus Investments
  • Questionable Dietary Supplements
  • Data Exfiltration
  • Misinformation
  • Command & Control Communication
  • DNS Tunneling

E-Skimming

Attacks employing malicious files for theft and/or unauthorized use of consumers’ sensitive data.

EXAMPLES:

  • SQL injection
  • Credential Harvesting 
  • Cryptojacking
  • Remote-Code Execution

Ad Fraud

Content executing click and/or impression fraud.

EXAMPLES:

  • Impression Fraud
  • Click Fraud
  • Clickjacking
  • Ad Stuffing
  • Ad Stacking 

THREAT Alert: STRINGRIPPER

New Ad-tag based phishing attack marks a frightening evolution in malvertising.

Read More

NAMED THREATS

The Media Trust’s Malware Desk—the largest and most experienced team of digital threat analysts in the industry—gives names to particularly pernicious and enduring threats. We track them over time—and indeed, many have way-too-long lifespans—recording their spread and evolutions. This helps media companies, adtech, ecommerce, and advertisers identify and remediate threats faster, before they can have a devastating impact on consumers and business.

DOLOS: Fake Tech Support Scams Attacking Seniors

Targeted at the most vulnerable groups online (e.g., seniors, minors), this evasive malware convinces consumers that their devices are compromised and to call a bogus tech support operator, who takes remote control to cause financial harm.

LEARN MORE

GHOSTCAT: Prolific phishing redirects Attacking Through Video

Once the bane of mobile display advertising, GhostCat (aka ScamClub) has exploited programmatic video arbitrage to barrage consumers with phishing redirects—often on premium publishers.

LEARN MORE

SOCGHOLISH: King of Driveby Downloads

Long a plague of email and search, SocGholish has broken into display advertising—via compromised landing pages from legit advertisers—to instantly infect consumer devices with backdoors… And it appears to be targeting governments and infrastructure.

LEARN MORE

STRINGRIPPER: Hijacking Legit Ad CampAigns

Phishing upstart StringRipper hijacks the creatives and tags from legit advertisers, and then uses advanced levels of fingerprinting and obfuscation to evade detection and hit vulnerable consumers.

LEARN MORE

FIZZCORE/CELEBCORE: Bogus Celebrity Endorsements

Threat actors are increasingly using AI and cloaking to lure consumers into crypto schemes or buy shady health products via fake celebrity endorsements.

LEARN MORE

Join US In the fight against threat actors and cybercriminals

LEARN MORE

CONTACT

EXPLORE MORE

Request a Demo

Footer

YOUR Data. We take privacy seriously. If you’d like to know the data we have about you, all you have to do is ask. You can contact us via email at info@themediatrust.com

© 2025 TMT DIGITAL, INC. | Privacy Policy | Terms of Use