National Geographic Fans Targeted with Mobile Scareware

Mobile users of the National Geographic website are targeted with scareware saying they have been infected with malware, according to the Bitdefender Labs. They are then abusively redirected to a Google Play app that would clean their Android device.

The ad poses as a message from the news.nationalgeographic.com page. “Your Android has been infected with a virus,” the deceptive alert reads. “Tap OK to remove now.”

Such messages end up on the National Geographic official web page through a chain of ad networks, including the Rubicon Project, Google`s DoubleClick and AppNexus.

“Dubious advertising techniques try to redirect users to various apps and downloads,” Bitdefender Chief Security Strategist Catalin Cosoi said. “This time, scammers managed to mess with the website of a famous international brand to gain extra-exposure and add legitimacy to their message. From kids to grown-ups – who wouldn`t believe National Geographic?”

Advertising techniques that promote Google Play applications through scareware have been used for a couple of years. In November 2013, Bitdefender warned about the alternative app store MoboMarket that attracted new users through a similar scam. Other scareware ads promoting legitimate Google Play apps subscribe people to expensive services such as wallpaper downloads.

In 2014, cyber-criminals are expected to focus more than ever on profit via malvertising and dubious advertising techniques, exposing millions of users worldwide to malware, spam, phishing and fraud via legitimate web sites.

Users are advised to keep their mobile security solution updated to protect themselves from malicious redirects. Android and iOS users can also check out Clueful, a free Bitdefender product that shows them how installed apps use, and possibly abuse, their personal information and treat their privacy.

To learn more about malvertising, read the Bitdefender study, “The Murky Waters of the Internet: Anatomy of Malvertising and Other e-Threats,” published in the Virus Bulletin.

This article is based on the technical information provided courtesy of Octavian MINEA and Octavian CHELARU, Bitdefender Malware Researchers.

All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.