Adware is a type of malware that displays unwanted pop up advertisements on your computer or device. Adware is commonly activated unknowingly when a user is trying to install legitimate applications that the adware is bundled with.

The ads are delivered through pop-up windows or bars that appear on the program’s user interface. Adware is commonly created for PCs, but mobile devices may also be targeted for adware exploits.

How does adware work?

Adware is placed in an existing application on a user’s device usually via a security vulnerability. Users can also unknowingly download it. This can happen when users do one of the following:

  • download an application with adware in it; or
  • use software with vulnerabilities that adware authors can exploit.

The goal of adware is to get users to click on or otherwise engage with advertisements. Adware developers and distributors make money when users click on the online advertising that their adware serves. Adware is often just a nuisance, but it can contain malicious threats.

Types of adware

The two main types of adware are legitimate and malicious.

Legitimate adware

Legitimate adware is downloaded with the user’s express consent and will usually involve a reward for doing so such as a discount or free software.

For example, some software is offered either free, as an advertising-supported version, or as a paid version without advertisements. Users wanting an ad-free experience can buy the paid version.

Malicious adware

Malicious adware is usually designed with the intent of delivering malicious software to the user.

Deceptive or malicious adware makes it difficult for the user to refuse consent or uses deceptive means to gain the user’s consent. Constant pop ups are an example of malicious adware.

Some types of malicious adware include the following:

  • Spyware: Software is classified as spyware when it tracks and records users’ personal information and internet browsing habits without the user’s knowledge or authorization. User data collected in this manner is often sold to third parties and can sometimes be placed on the dark web.
  • Potentially unwanted programs (PUPs): Malicious adware or spyware may be bundled in with free software or Shareware programs and utilities downloaded from the internet. Users visiting an infected website can end up with malicious adware surreptitiously installed on their device.
  • Man-in-the-middle (MitM) attacks: These attacks redirect user traffic through the adware vendor’s system, even over secure or encrypted connections. The two parties communicating believe they are exchanging information over a secure connection, while the attacker is able to collect and manipulate sensitive information as the conversation takes place.

How to detect adware

The most common way to recognise adware is the appearance of pop-up advertisements and applications that you are unfamiliar with and on browsers where they had not been displayed before.

In some cases, adware attacks can also cause changes to your browser including:

  • Lagging performance and eventual crashing
  • Unrequested changes to your browser homepages
  • Appearance of new extensions and toolbars
  • Web pages not displaying properly
  • Unwanted software installing

How to remove adware?

Cybersecurity tools can be used to remove malware.

Alternatively, users can manually remove adware from a device. Simply identify the name of the adware program and use the device’s application maintenance utility to remove the program. This requires that the user know the name of the adware, which can be difficult to identify.