In 2024 we have seen the evolution of powerful tech that continues to shape our corporate and personal lives. From AI tools designed to boost marketing strategy efficiency, to hybrid cloud infrastructure expanding corporate structures beyond geographical boundaries, there’s no telling what the ad tech industry will see in 2025. Or how will cybercriminals continue to exploit tech innovation to evolve their malicious tactics. From AdSecure, and based on 2024 trends, we bring you the top ad security threat predictions for 2025.

Malvertisers will continue to use AI to launch their attacks

Artificial Intelligence has brought a lot of improvements to the ad tech ecosystem in 2024, including the enhancement of real-time bidding optimization, more in-depth analytic visibility and conversion predictability. However, this powerful tech has also been taken advantage of by Malvertisers, who are using AI to create sophisticated malicious campaigns.

For instance, social engineering attacks delivering Spear Phishing, Scareware or Malware scams have been enhanced with Predictive AI Analytics. With them cybercriminals have learned end user behavior and managed to adjust their tactics in real-time to circumvent detection software, ad blockers, and going unnoticed by sandboxing techniques. As a next step, AI-Powered Chatbots, Deepfakes and Voice Cloning techniques have been leveraged to create hyper customized ads designed to exploit end user fear, worry, and hope. This is followed by malicious landing pages built using AI Generators, designed as hyperrealistic replicas of legitimate companies to trick the end user into clicking compromised URLs.

Insight: According to HP’s Treat Insights report (December 2024), Malvertisers have started exploiting AI to grant themselves easy entry into malicious advertising. This has allowed novice cybercriminals to launch attacks using AI-generated, for instance, building droppers for email attacks, or using GenAI to create complicated code without needing to be code savvy, easing their way into the Malvertising business.

Multi-Factor Authentication will be the key to mitigating InfoStealer remote working security risks

As companies turn to hybrid IT setups with workers dispersed across the globe, InfoStealer Malware campaigns are on the rise. In these complex corporate environments we find a mix of company and personal devices, on-premises data centers, hybrid clouds, all interconnected using the internet.

InfoStealer attacks bypass traditional defense methods and collect end user identity data from apps and browsers, exploiting system vulnerabilities: If the end user unknowingly clicks on an InfoStealer ad campaign and their point of access to their company software isn’t properly protected, they can end up granting the Malvertiser access using their identity. With this threat exponentially growing over the past few months. In 2025 companies will need to rely on Multi-Factor Authentication (MFA) technology and device verification more than ever, to protect employees’ access points.

Insight: Although the existence of MFA tech is widely known and so are its benefits, only 55% of small companies in the world use MFA technology to protect their assets. Plus, on average, only 13% of employees in small businesses use MFA to access their accounts, meaning that a lot of job roles are still at risk of leaking sensitive company information.

Marketing Technology News: MarTech Interview with Andrew Pascoe, Vice President Of Data Science Engineering @ NextRoll

IoT and Connected Devices vulnerabilities exploited

Increasingly more buildings are using IoT to keep things running every year. That covers company buildings, homes and also critical buildings and city infrastructure. And so, it comes as no surprise that Malvertisers have also decided to target connected devices like Smart TVs, which can at the same time be connected to a building’s security infrastructure such as electronic doorbells and security cameras, with their malicious methods. IoT devices often have less than optimal online security measures and are often targeted with DDoS (Distributed Denial-Of-Service) attacks, MITM (man-in-the-middle), botnets and InfoStealer attack vectors. Once these devices have been corrupted by the cybercriminal, this can infiltrate it several ways, and because of the nature of the device, they can do so remotely and without too many barriers.

Insight: According to a recent study by Forescout, from all device groups (IoMT, OT, IoT and IT) IoT devices accumulate 33% of all vulnerabilities in 2024, a 14% increase from the year prior, which is likely to increase even further in 2025. The most exposed devices across all of the groups are, of course, computers, mobiles, and servers, which accumulate nearly 90% of all vulnerabilities. Right behind we can find IP cameras, Smart TVs, Smart printers and even PACS systems like blood glucose meters.

Google Ads targeted with Cloaking techniques

In 2024 we have seen a lot of popular ad networks such as Google Ads falling victim to Malvertising tactics multiple times. In the case of Google, many of these attacks have been delivered through Ad Cloaking. With this method Malvertisers can impersonate popular software such as KeePass, AnyDesk, WinSCP and Arc Browser to trick the end users into downloading Malware. The malicious campaigns show legitimate click URLs, which once clicked redirect the unsuspecting victim to malicious sites riddled with Malware like Trojans, InfoStealer software and more.

Other Malvertisers have preferred to use Google Ads to launch tech support scams targeting the end users of popular platforms like eBay. Others have launched corrupted Search Ads posing as employee portals from big companies such as Lowe’s and Ransomware and Fileless Malware attacks targeting Systems Administrators for big companies like Windows, etc.

Insight: Because Malvertisers get away with such techniques by creating multiple accounts simultaneously and using text manipulation and cloaking, they usually fly under the radar, going entirely undetected. And as Malvertisers evolve their methods with new technologies and adapt to ad networks’ security methods, this tactic will most likely continue being used in 2025, targeting not only popular networks like Google, but also platforms of all sizes across the globe.

Final thoughts

As increasingly more complicated working structures and powerful tech tools continue to change the online environment, Cybercriminals continue to exploit software vulnerabilities to steal sensitive business. This highlights once again the importance of investing in ad security. Not only to safeguard business information and assets, but also to promote a safer digital ecosystem, granting a pleasant online user experience and personal online security.

Marketing Technology News: GenAI and the Future of Marketing