Malvertisers Have Elderly Consumers in Their Sights

Malvertisers Have Elderly Consumers in Their Sights
featured image

Dominated by Backdoors, malware targeting elderly Internet users has doubled the beginning of summer 2022

Bad guys are always attracted to low-hanging fruit, hence why malware is often aimed at less-tech savvy consumers. That’s right—elderly Internet users like your grandparents or aging parents and neighbors. The Media Trust has seen a dramatic increase in malware incidents targeting elderly consumers this summer (Figure 1), doubling between May and August.

Figure 1: Malicious incidents, which account for thousands of impressions, aimed at older Internet users have surged over summer 2022.

What’s particularly concerning is the amount of Backdoors, which accounted for nearly half the malware targeted at elderly consumers (Figure 2). Backdoors are attacks that deliver a wide variety of known malicious payloads with or without user interaction—these can include rootkits, Trojans, DDoS bots, keyloggers, cryptominers, and even ransomware.

Figure 2: Backdoors were the predominant form of malware targeted at the elderly between May and August 2022.

And the Backdoor epidemic continues to be on the ascent for older users, with a 3.5X growth from the beginning of summer 2022 (Figure 3). The majority of Backdoor attacks drive downloads of unwanted software, which can open devices to further—and even deadlier—attacks.

Figure 3: Elderly consumers online face a growing barrage of targeted Backdoor attacks.

To add to these digital hazards, Backdoor malvertising Dolos-3PC has been casting a wide net this summer, looking for tech-inexperienced consumers to fall for its fake technical support scheme (Figure 4). While Dolos shows no signs of targeting, elderly Internet users are particularly vulnerable to this vintage pop-up malware attack.

Figure 4: Less-tech-savvy consumers fall prey to Dolos’ fake tech-support popups.

Protect Your Elders

When it comes to protecting elderly consumers from these insidious intrusions, start with educating your own family about digital dangers. Give them a crash course in how malvertising works, threat actors’ devious intentions, and how falling victim to one attack can open you, your family, and their related organizations to even more severe attacks.

Advise your family members to never call a phone number on a pop-up that claims to be technical support, and double check that you’re on the right website or in the right app before entering logins, passwords, or any other information—this is especially critical on banking sites.

As digital advertising professionals, though, we have a duty to ensure trust and safety for all consumers wandering the connected landscape. Shutting down malicious actors requires intense scrutiny of all the advertisements and code running through your ecosystems. Even then, you have to partner with a security specialist that can rapidly identify and shut down malware—especially as threat actors are constantly finding new vulnerabilities and updating their attacks.

Any time you see malware aimed at older folks, just remember—that could be served to your elderly relatives.