{"id":15993,"date":"2020-06-30T13:42:38","date_gmt":"2020-06-30T08:12:38","guid":{"rendered":"https:\/\/www.adpushup.com\/blog\/?p=15993"},"modified":"2022-11-08T13:14:39","modified_gmt":"2022-11-08T07:44:39","slug":"ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked","status":"publish","type":"post","link":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/","title":{"rendered":"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked","gt_translate_keys":[{"key":"rendered","format":"text"}]},"content":{"rendered":"\n<p class=\"has-background\" style=\"background-color:#e4ffea\"><em>Attackers make their way into user&#8217;s device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.<\/em><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Ads are a great way to monetize online traffic for publishers. However, some hackers are out there waiting to inject their own links onto your site and redirect them to an unsafe location.<\/p>\n\n\n\n<p>With the Coronavirus pandemic affecting much of the world, <a href=\"https:\/\/www.adpushup.com\/blog\/the-unintended-side-effects-of-coronavirus-for-the-publishing-industry\/\" target=\"_blank\" rel=\"noreferrer noopener\">publishers are decreasing their floor prices<\/a> and with that hackers are also standing ready to take advantage. One of the techniques used by there hackers is to <a href=\"https:\/\/www.adpushup.com\/blog\/what-is-ad-injection\/\" target=\"_blank\" rel=\"noreferrer noopener\">inject their malicious code to publisher&#8217;s website<\/a>. Here is what you need to know about malicious ads with redirecting links and how you can stop them.<\/p>\n\n\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_79_2 counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents:<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #000000;color:#000000\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #000000;color:#000000\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#What_is_a_Malicious_Redirect\" >What is a Malicious Redirect?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#How_Are_Malicious_Code_Injected\" >How Are Malicious Code Injected?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#What_are_the_Types_of_Insertions\" >What are the Types of Insertions<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#What_Types_of_Devices_Are_Most_at_Risk_for_Malicious_Ads\" >What Types of Devices Are Most at Risk for Malicious Ads?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Risks_of_Being_Hacked_by_Malicious_Code\" >Risks of Being Hacked by Malicious Code<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#How_to_Determine_If_Your_Site_is_Infected\" >How to Determine If Your Site is Infected<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Finding_and_Removing_Malicious_Redirects\" >Finding and Removing Malicious Redirects<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Pages_or_Posts\" >Pages or Posts<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Site_Files\" >Site Files<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#htaccess_Files\" >.htaccess Files<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Widgets\" >Widgets<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-12\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Ad_Network\" >Ad Network<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-13\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#How_to_Fight_Against_Malicious_Injections\" >How to Fight Against Malicious Injections?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-14\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#Get_Good_Ads\" >Get Good Ads<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-15\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#FAQs\" >FAQs<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"What_is_a_Malicious_Redirect\"><\/span><strong>What is a Malicious Redirect?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>A <strong>malicious redirect<\/strong> is code that a hacker inserts into a web publisher\u2019s site to redirect the person using their site to go to another website. Hackers may use this process to lure your users away to their similar products or services, or they may try to install malware and other harmful viruses on your users\u2019 devices, which may <a rel=\"noreferrer noopener\" href=\"https:\/\/www.idstrong.com\/data-breaches\/\" target=\"_blank\">compromise their personal information<\/a> and may potentially subject you to liability.<\/p>\n\n\n\n<p>A key difference between this type of attack and others is that the attack starts from a legitimate website (publisher&#8217;s website) instead of a virus on a user\u2019s hardware or software. <\/p>\n\n\n\n<p>Once the user clicks on a link (or ad), he is taken to another site where their information may be stolen. In <a rel=\"noreferrer noopener\" href=\"https:\/\/www.sciencedirect.com\/science\/article\/pii\/S016740481730007X\" target=\"_blank\">one study<\/a>, researchers developed a monitoring system to detect URL redirects and identified more than 100,000 of them across 776 websites. Researchers found that a significant number of these redirects occurred after a user clicked on an ad.<\/p>\n\n\n\n<p>One prominent example of this problem occurred with the <a href=\"https:\/\/www.silicon.co.uk\/workspace\/london-stock-exchange-site-flagged-for-serving-malware-22376\" target=\"_blank\" rel=\"noreferrer noopener\">London Stock Exchange\u2019s website in 2011<\/a>. A malicious advertisement from a third-party ad network caused malicious malware to be downloaded on web users\u2019 devices without their consent. Google ended up placing a warning alerting web users that the site might contain malware after testing 281 pages on the site and finding 65 pages caused the download and installation of malware.<\/p>\n\n\n\n<p>In 2020, malware redirecting web traffic was found on <a href=\"https:\/\/www.scmagazine.com\/home\/security-news\/malware\/malware-redirecting-visitors-found-on-2000-wordpress-sites\/\" target=\"_blank\" rel=\"noreferrer noopener\">2,000 WordPress sites<\/a>, according to SC Magazine. Malicious JavaScript redirects visitors to scam websites, laying the foundation to download malware to their devices.<\/p>\n\n\n\n<h2 id=\"Malicious-Code-Injected\"><span class=\"ez-toc-section\" id=\"How_Are_Malicious_Code_Injected\"><\/span><strong>How Are Malicious Code Injected?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img src=\"https:\/\/lh5.googleusercontent.com\/5u5d5cBzk5_eAXWwgSeV_BQdriWsKoWY0wUNFMGhOVXOvO_zNi57N42QmLYmGw0IDoepG_6ALwe_PJi4m0oGHigNcljTpY8NPemkMTmyfPSSq2czPrcnlT7zbwKQZaStam7ekB5T\" alt=\"malicious code\"\/><\/figure>\n\n\n\n<p>Hackers exploit <a href=\"https:\/\/www.govinfo.gov\/content\/pkg\/GAOREPORTS-GAO-01-600T\/pdf\/GAOREPORTS-GAO-01-600T.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">weaknesses to infect computer networks<\/a>. In a study by the United States General Accounting Office, 10 out of 15 of the nation\u2019s largest federal agencies had weaknesses that made them vulnerable to attack. The weaknesses were divided into the following areas:<\/p>\n\n\n\n<ul><li>Security program management, which provides the framework for ensuring that key team members understood the potential risks and were able to select and implement effective controls.<\/li><li>Access controls, which ensure that only authorized individuals are able to alter or delete data.<\/li><li>Software development and change controls, which limit who can implement software programs.<\/li><li>Segregation of duties, which helps to reduce the risk that one person will have the access to independently perform inappropriate actions without others being able to detect it.<\/li><li>Operating systems controls, which provide sensitive programs that support multiple applications from tampering and misuse.<\/li><li>Service continuity, which ensures that operations that are dependent on computers are not interrupted.<\/li><\/ul>\n\n\n\n<p>If a hacker can access your code because of one of these weaknesses, he or she can add malicious code. Website developers input code to create a website. If the code includes the eval() function, users can input code and this function evaluates the code and incorporates it into the website. Websites that use the eval() function to allow user input which can alter your code and result in addition of a malicious redirect. This malicious code may be added to:<\/p>\n\n\n\n<ul><li>Form fields<\/li><li>File uploads<\/li><li>Query string parameters<\/li><li><a href=\"https:\/\/www.adpushup.com\/blog\/types-of-cookies\/\">Cookies<\/a><\/li><\/ul>\n\n\n\n<h2 id=\"types-of-insertions\"><span class=\"ez-toc-section\" id=\"What_are_the_Types_of_Insertions\"><\/span>What are the <strong>Types of Insertions<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The malicious ads may be included in the following locations:<\/p>\n\n\n\n<ul><li>In your pages or posts,<\/li><li>Website\u2019s files,<\/li><li>.htaccess files,<\/li><li>Widgets,<\/li><li>And ad network<\/li><\/ul>\n\n\n\n<p>The location of the malicious ad will affect how you can remove it and protect your site. We will discuss more about these in later sections.<\/p>\n\n\n\n<h2 id=\"devices-at-most-risk\"><span class=\"ez-toc-section\" id=\"What_Types_of_Devices_Are_Most_at_Risk_for_Malicious_Ads\"><\/span><strong>What Types of Devices Are Most at Risk for Malicious Ads?<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Any device that has access to the internet can potentially be exploited by malicious ads, including computers, tablets, phones, laptops and others. However, mobile phones are at a greater risk because they generally lack an antivirus software and other safeguards in place to protect against this type of attack.<\/p>\n\n\n\n<p>For example, <a rel=\"noreferrer noopener\" href=\"https:\/\/www.wired.com\/story\/pop-up-mobile-ads-surge-as-sites-scramble-to-stop-them\/\" target=\"_blank\">Wired reported<\/a> a surge in malicious ads with redirect links that targeted cell phones. If you publish content and make it mobile-friendly, you may need to be concerned about malicious redirects having easier access to infect these devices.<\/p>\n\n\n\n<h2 id=\"Risks-of-Being-Hacked\"><span class=\"ez-toc-section\" id=\"Risks_of_Being_Hacked_by_Malicious_Code\"><\/span><strong>Risks of Being Hacked by Malicious Code<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img loading=\"lazy\" width=\"609\" height=\"334\" src=\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malware-detected.jpg\" alt=\"malware detected\" class=\"wp-image-15990\" srcset=\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malware-detected.jpg 609w, https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malware-detected-300x165.jpg 300w, https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malware-detected-150x82.jpg 150w\" sizes=\"(max-width: 609px) 100vw, 609px\" \/><\/figure><\/div>\n\n\n\n<p>Malicious redirects can cause your users to be lured away by competitors or hackers, resulting in a loss of revenue for your business.<\/p>\n\n\n\n<p>Additionally, malicious redirects may send your users to spoof sites that collect their Social Security number, credit card numbers, or online banking logins. This can compromise their personal information and make them vulnerable to <a rel=\"noreferrer noopener\" href=\"https:\/\/infotracer.com\/resources\/identity-theft-prevention\/\" target=\"_blank\">identity theft<\/a>.<\/p>\n\n\n\n<p>Another possible threat is that the hacker may install a virus or malicious software on the user\u2019s device. If many of your users are affected by the malicious code, you may have a data breach to worry about.<\/p>\n\n\n\n<h2 id=\"Determine-If-Your-Site-is-Infected\"><span class=\"ez-toc-section\" id=\"How_to_Determine_If_Your_Site_is_Infected\"><\/span><strong>How to Determine If Your Site is Infected<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>While you can inspect your site occasionally and click on the links to ensure that they only go to your approved locations, sometimes the attack only occurs on mobile devices or unprotected computers. Hence, you may not be able to find the problem once it is reported to you.<\/p>\n\n\n\n<p>However, you can use a reputable program that will routinely scan your site for this possible attack, as well as others. Once you identify the problem, you can take steps to remove the malicious redirect and restore the functionality of your site.<\/p>\n\n\n\n<h2 id=\"Finding-and-Removing-Malicious-Redirects\"><span class=\"ez-toc-section\" id=\"Finding_and_Removing_Malicious_Redirects\"><\/span><strong>Finding and Removing Malicious Redirects<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" width=\"750\" height=\"500\" src=\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malicious-code.jpg\" alt=\"malicious code\" class=\"wp-image-15991\" srcset=\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malicious-code.jpg 750w, https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malicious-code-300x200.jpg 300w, https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malicious-code-270x180.jpg 270w, https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/malicious-code-150x100.jpg 150w\" sizes=\"(max-width: 750px) 100vw, 750px\" \/><\/figure>\n\n\n\n<p>How you remove the malicious redirect will depend on where it is located. As a web publisher, you may need to check the following locations for possible malicious redirects:<\/p>\n\n\n\n<h3 id=\"pages-or-posts\"><span class=\"ez-toc-section\" id=\"Pages_or_Posts\"><\/span><strong>Pages or Posts<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>This type of redirect may be easier to find than others because it is often on all of your posts and pages. You may see a long line of script that you do not recognize. You can remove the malicious redirects by using your <a href=\"https:\/\/digital.gov\/topics\/content-management-system\/\" target=\"_blank\" rel=\"noreferrer noopener\">content management system<\/a>, a database tool that allows you to edit multiple pages at a time, or by downloading the text offline and then uploading the clean script.<\/p>\n\n\n\n<h3 id=\"site-files\"><span class=\"ez-toc-section\" id=\"Site_Files\"><\/span><strong>Site Files<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<div class=\"schema-how-to wp-block-yoast-how-to-block\"><p class=\"schema-how-to-description\">A common place hackers place these redirects are within a theme\u2019s header. If this is the case, you may notice a large amount of script right after your header in your source code. However, these redirects can be anywhere in your files. Follow these steps to identify and remove the redirect:<\/p> <ol class=\"schema-how-to-steps\"><li class=\"schema-how-to-step\" id=\"how-to-step-1667892729196\"><strong class=\"schema-how-to-step-name\">Check which script is causing the malicious redirect by viewing the source of your site and searching for the term &#8216;script&#8217;.<\/strong> <p class=\"schema-how-to-step-text\"><\/p> <\/li><li class=\"schema-how-to-step\" id=\"how-to-step-1667892745493\"><strong class=\"schema-how-to-step-name\">Look at the code next to each \u201cscript\u201d you find to determine if it is malicious or part of your site\u2019s functionality.<\/strong> <p class=\"schema-how-to-step-text\"><\/p> <\/li><li class=\"schema-how-to-step\" id=\"how-to-step-1667892756920\"><strong class=\"schema-how-to-step-name\">Remove the malicious script by using your site\u2019s theme editor or take the source offline and clean it up before loading it back onto your server.<\/strong> <p class=\"schema-how-to-step-text\"><\/p> <\/li><\/ol><\/div>\n\n\n\n<h3 id=\"Htaccess-Files\"><span class=\"ez-toc-section\" id=\"htaccess_Files\"><\/span>.h<strong>taccess Files<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>If the malicious script is in your .htaccess file, it may be more difficult to find because these redirects often base the offending code on the type of browser that is used or who sent the user to your site, so it may appear differently. This may require that you get some outside help to locate the script and make the necessary corrections.<\/p>\n\n\n\n<h3 id=\"widgets\"><span class=\"ez-toc-section\" id=\"Widgets\"><\/span><strong>Widgets<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>This type of code can also be inserted into your widgets. To remove it, you will need to download your site to your computer. You can <a href=\"http:\/\/etd.fcla.edu\/CF\/CFE0002798\/Dai_Jianyong_200908_PhD.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">search for the malicious code manually<\/a> or with a scanning program designed for this purpose. You may need to check multiple locations to find the offending script, including:<\/p>\n\n\n\n<ul><li>.js files<\/li><li>.json files<\/li><li>Theme files<\/li><li>Core files<\/li><li>Plugins<\/li><\/ul>\n\n\n\n<p>You will then need to clean the files and then upload them back to your server.<\/p>\n\n\n\n<h3 id=\"ad-network\"><span class=\"ez-toc-section\" id=\"Ad_Network\"><\/span><strong>Ad Network<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>Some third-party ad networks may not be stringent about the types of advertisements they allow. For example, during the pandemic, some are allowing even riskier advertisements on their site to avoid losing revenue. The only cure for this is to use a reputable ad network.<\/p>\n\n\n\n<h2 id=\"Fight-Against-Malicious-Injections\"><span class=\"ez-toc-section\" id=\"How_to_Fight_Against_Malicious_Injections\"><\/span><strong>How to Fight Against Malicious Injections<\/strong>?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>There are several ways that you can guard against future attacks, including:<\/p>\n\n\n\n<ul><li>Install strong antivirus software<\/li><li>Complete routine scans of your site<\/li><li>Validate inputs<\/li><li>Use static code<\/li><li>Avoid vulnerable evaluation constructs<\/li><li>Work with a reputable <a href=\"https:\/\/www.adpushup.com\/blog\/the-best-ad-networks-for-publishers\/\">ad network<\/a><\/li><\/ul>\n\n\n\n<h3><span class=\"ez-toc-section\" id=\"Get_Good_Ads\"><\/span><strong>Get Good Ads<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>While there may be malicious hackers out there, there are proactive ways that you can protect yourself. Simultaneously you can protect your users from them and prevent your website\u2019s security from getting compromised. As a web publisher, knowing how to secure your website can help you reap the benefits of monetizing your ads while building a valuable audience.<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>This is a guest post by <strong>Ben Hartwig<\/strong>. He is Web Operations Director at InfoTracer who takes a wide view from the whole system. He authors guides on the entire security posture, both physical and cyber. Ben Enjoys sharing the best practices and does it the right way!<\/p>\n\n\n\n<h2 id=\"h-faqs\"><span class=\"ez-toc-section\" id=\"FAQs\"><\/span>FAQs<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1667892817562\"><strong class=\"schema-faq-question\">1. What is malicious user redirection?<\/strong> <p class=\"schema-faq-answer\">The URL redirection vulnerability allows an attacker to force users of your application to an untrusted external site. Typically, the attack is carried out by sending a link to the victim, who clicks the link and is unknowingly redirected to a malicious website.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1667893342884\"><strong class=\"schema-faq-question\">2. How do malicious redirects work?<\/strong> <p class=\"schema-faq-answer\">These URL redirection attacks are used by cybercriminals to gain users&#8217; trust. By embedding URLs in website code, an .html file is used to redirect traffic to a malicious web page. A phishing email or htaccess file. 17% of malware infections are caused by URL redirection attacks.<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1667893417787\"><strong class=\"schema-faq-question\">3. What happens if I click on malicious link?<\/strong> <p class=\"schema-faq-answer\">If you click on a phishing link,\u00a0the attacker will automatically receive some basic data, such as your device statistics, approximate location and any other information you may have voluntarily provided.<\/p> <\/div> <\/div>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"excerpt":{"rendered":"<p>Attackers make their way into user&#8217;s device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects. Ads are a great way to monetize online traffic for publishers. However, some hackers are out there waiting to inject their own links onto your site and redirect them to an<\/p>\n","protected":false,"gt_translate_keys":[{"key":"rendered","format":"html"}]},"author":18,"featured_media":15992,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","om_disable_all_campaigns":false,"inline_featured_image":false,"apple_news_api_created_at":"","apple_news_api_id":"","apple_news_api_modified_at":"","apple_news_api_revision":"","apple_news_api_share_url":"","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\""},"categories":[6439],"tags":[6436],"apple_news_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v18.5 (Yoast SEO v18.9) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Potential Risks If Your Ads Are Being Hacked | Adpushup<\/title>\n<meta name=\"description\" content=\"Attackers make their way into user&#039;s device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/\" \/>\n<meta name=\"twitter:card\" content=\"summary\" \/>\n<meta name=\"twitter:title\" content=\"Potential Risks If Your Ads Are Being Hacked | Adpushup\" \/>\n<meta name=\"twitter:description\" content=\"Attackers make their way into user&#039;s device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg\" \/>\n<meta name=\"twitter:creator\" content=\"@adpushup\" \/>\n<meta name=\"twitter:site\" content=\"@adpushup\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Shubham Grover\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/#organization\",\"name\":\"AdPushup\",\"url\":\"https:\/\/www.adpushup.com\/blog\/\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/adpushup\/\",\"https:\/\/www.facebook.com\/AdPushup\/\",\"https:\/\/twitter.com\/adpushup\"],\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2019\/02\/AdPushup-logo.png\",\"contentUrl\":\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2019\/02\/AdPushup-logo.png\",\"width\":3294,\"height\":893,\"caption\":\"AdPushup\"},\"image\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/#website\",\"url\":\"https:\/\/www.adpushup.com\/blog\/\",\"name\":\"AdPushup Blog\",\"description\":\"A\/B Testing, Monetization &amp; Ad Optimization\",\"publisher\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.adpushup.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage\",\"url\":\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg\",\"contentUrl\":\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg\",\"width\":1234,\"height\":850,\"caption\":\"malicious ads with redirecting links\"},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage\",\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/\",\"name\":\"Potential Risks If Your Ads Are Being Hacked | Adpushup\",\"isPartOf\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage\"},\"datePublished\":\"2020-06-30T08:12:38+00:00\",\"dateModified\":\"2022-11-08T07:44:39+00:00\",\"description\":\"Attackers make their way into user's device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562\"},{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884\"},{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"blog\",\"item\":\"https:\/\/www.adpushup.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ad Fraud\",\"item\":\"https:\/\/www.adpushup.com\/blog\/category\/ad-fraud\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/#\/schema\/person\/8dbbe9397dddf4ab1d858603e751f897\"},\"headline\":\"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked\",\"datePublished\":\"2020-06-30T08:12:38+00:00\",\"dateModified\":\"2022-11-08T07:44:39+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage\"},\"wordCount\":1707,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg\",\"keywords\":[\"guides\"],\"articleSection\":[\"Ad Fraud\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/#\/schema\/person\/8dbbe9397dddf4ab1d858603e751f897\",\"name\":\"Shubham Grover\",\"description\":\"Shubham is a digital marketer with rich experience working in the advertisement technology industry. He has vast experience in the programmatic industry, driving business strategy and scaling functions including but not limited to growth and marketing, Operations, process optimization, and Sales.\",\"url\":\"https:\/\/www.adpushup.com\/blog\/author\/shubham\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562\",\"position\":1,\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562\",\"name\":\"1. What is malicious user redirection?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"The URL redirection vulnerability allows an attacker to force users of your application to an untrusted external site. Typically, the attack is carried out by sending a link to the victim, who clicks the link and is unknowingly redirected to a malicious website.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884\",\"position\":2,\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884\",\"name\":\"2. How do malicious redirects work?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"These URL redirection attacks are used by cybercriminals to gain users' trust. By embedding URLs in website code, an .html file is used to redirect traffic to a malicious web page. A phishing email or htaccess file. 17% of malware infections are caused by URL redirection attacks.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787\",\"position\":3,\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787\",\"name\":\"3. What happens if I click on malicious link?\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"If you click on a phishing link,\u00a0the attacker will automatically receive some basic data, such as your device statistics, approximate location and any other information you may have voluntarily provided.\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"HowTo\",\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#howto-1\",\"name\":\"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#article\"},\"description\":\"A common place hackers place these redirects are within a theme\u2019s header. If this is the case, you may notice a large amount of script right after your header in your source code. However, these redirects can be anywhere in your files. Follow these steps to identify and remove the redirect:\",\"step\":[{\"@type\":\"HowToStep\",\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892729196\",\"text\":\"Check which script is causing the malicious redirect by viewing the source of your site and searching for the term 'script'.\"},{\"@type\":\"HowToStep\",\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892745493\",\"text\":\"Look at the code next to each \u201cscript\u201d you find to determine if it is malicious or part of your site\u2019s functionality.\"},{\"@type\":\"HowToStep\",\"url\":\"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892756920\",\"text\":\"Remove the malicious script by using your site\u2019s theme editor or take the source offline and clean it up before loading it back onto your server.\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Potential Risks If Your Ads Are Being Hacked | Adpushup","description":"Attackers make their way into user's device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/","twitter_card":"summary","twitter_title":"Potential Risks If Your Ads Are Being Hacked | Adpushup","twitter_description":"Attackers make their way into user's device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.","twitter_image":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg","twitter_creator":"@adpushup","twitter_site":"@adpushup","twitter_misc":{"Written by":"Shubham Grover","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.adpushup.com\/blog\/#organization","name":"AdPushup","url":"https:\/\/www.adpushup.com\/blog\/","sameAs":["https:\/\/www.linkedin.com\/company\/adpushup\/","https:\/\/www.facebook.com\/AdPushup\/","https:\/\/twitter.com\/adpushup"],"logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.adpushup.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2019\/02\/AdPushup-logo.png","contentUrl":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2019\/02\/AdPushup-logo.png","width":3294,"height":893,"caption":"AdPushup"},"image":{"@id":"https:\/\/www.adpushup.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"WebSite","@id":"https:\/\/www.adpushup.com\/blog\/#website","url":"https:\/\/www.adpushup.com\/blog\/","name":"AdPushup Blog","description":"A\/B Testing, Monetization &amp; Ad Optimization","publisher":{"@id":"https:\/\/www.adpushup.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.adpushup.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage","url":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg","contentUrl":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg","width":1234,"height":850,"caption":"malicious ads with redirecting links"},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage","url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/","name":"Potential Risks If Your Ads Are Being Hacked | Adpushup","isPartOf":{"@id":"https:\/\/www.adpushup.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage"},"datePublished":"2020-06-30T08:12:38+00:00","dateModified":"2022-11-08T07:44:39+00:00","description":"Attackers make their way into user's device even with advanced security in action. Here is everything a publisher should know to fight malicious redirects.","breadcrumb":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562"},{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884"},{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"blog","item":"https:\/\/www.adpushup.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Ad Fraud","item":"https:\/\/www.adpushup.com\/blog\/category\/ad-fraud\/"},{"@type":"ListItem","position":3,"name":"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked"}]},{"@type":"Article","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#article","isPartOf":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage"},"author":{"@id":"https:\/\/www.adpushup.com\/blog\/#\/schema\/person\/8dbbe9397dddf4ab1d858603e751f897"},"headline":"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked","datePublished":"2020-06-30T08:12:38+00:00","dateModified":"2022-11-08T07:44:39+00:00","mainEntityOfPage":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#webpage"},"wordCount":1707,"commentCount":0,"publisher":{"@id":"https:\/\/www.adpushup.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#primaryimage"},"thumbnailUrl":"https:\/\/www.adpushup.com\/blog\/wp-content\/uploads\/2020\/06\/Malicious-Ads-with-Redirecting-Links.jpg","keywords":["guides"],"articleSection":["Ad Fraud"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.adpushup.com\/blog\/#\/schema\/person\/8dbbe9397dddf4ab1d858603e751f897","name":"Shubham Grover","description":"Shubham is a digital marketer with rich experience working in the advertisement technology industry. He has vast experience in the programmatic industry, driving business strategy and scaling functions including but not limited to growth and marketing, Operations, process optimization, and Sales.","url":"https:\/\/www.adpushup.com\/blog\/author\/shubham\/"},{"@type":"Question","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562","position":1,"url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667892817562","name":"1. What is malicious user redirection?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"The URL redirection vulnerability allows an attacker to force users of your application to an untrusted external site. Typically, the attack is carried out by sending a link to the victim, who clicks the link and is unknowingly redirected to a malicious website.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884","position":2,"url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893342884","name":"2. How do malicious redirects work?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"These URL redirection attacks are used by cybercriminals to gain users' trust. By embedding URLs in website code, an .html file is used to redirect traffic to a malicious web page. A phishing email or htaccess file. 17% of malware infections are caused by URL redirection attacks.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787","position":3,"url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#faq-question-1667893417787","name":"3. What happens if I click on malicious link?","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"If you click on a phishing link,\u00a0the attacker will automatically receive some basic data, such as your device statistics, approximate location and any other information you may have voluntarily provided.","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"HowTo","@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#howto-1","name":"Ads with Malicious Redirect: Potential Risks If Your Ads Are Being Hacked","mainEntityOfPage":{"@id":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#article"},"description":"A common place hackers place these redirects are within a theme\u2019s header. If this is the case, you may notice a large amount of script right after your header in your source code. However, these redirects can be anywhere in your files. Follow these steps to identify and remove the redirect:","step":[{"@type":"HowToStep","url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892729196","text":"Check which script is causing the malicious redirect by viewing the source of your site and searching for the term 'script'."},{"@type":"HowToStep","url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892745493","text":"Look at the code next to each \u201cscript\u201d you find to determine if it is malicious or part of your site\u2019s functionality."},{"@type":"HowToStep","url":"https:\/\/www.adpushup.com\/blog\/ads-with-malicious-redirect-potential-risks-if-your-ads-are-being-hacked\/#how-to-step-1667892756920","text":"Remove the malicious script by using your site\u2019s theme editor or take the source offline and clean it up before loading it back onto your server."}],"inLanguage":"en-US"}]}},"gt_translate_keys":[{"key":"link","format":"url"}],"_links":{"self":[{"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/posts\/15993"}],"collection":[{"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/comments?post=15993"}],"version-history":[{"count":6,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/posts\/15993\/revisions"}],"predecessor-version":[{"id":24676,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/posts\/15993\/revisions\/24676"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/media\/15992"}],"wp:attachment":[{"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/media?parent=15993"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/categories?post=15993"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.adpushup.com\/blog\/wp-json\/wp\/v2\/tags?post=15993"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}