TEL AVIV, Israel, June 11, 2015 /PRNewswire/ -- Namogoo, an online security company, has published new research today indicating an overwhelming 15% to 30% of e-commerce site visitors are infected with Client-Side Injected Malware (CSIM) that causes them to view injected ads, malicious links and fraudulent spyware on otherwise legitimate sites.
Full results of the Namogoo whitepaper can be accessed at http://cdn.namogoo.com/WhitePaper-06.pdf
CSIM, a new malware phenomenon that has grown rapidly in the past two years, is able to operate completely undetected by site publishers because it lives locally on consumers' browsers or computers. This makes it an especially viable threat to the vast majority of e-commerce operators that focus solely on server-side protections. Consumers unknowingly download CSIM via bundled apps or extensions and most commonly experience injected ads - fake advertisements that look native to an authentic site, but actually lead consumers away from the website to make their final purchases elsewhere.
Injected ads made up an estimated $7 billion market in 2014, and the culprits behind the industry can range from lone developers in emerging markets to large public companies operating in the gray area of the law while siphoning off millions in e-commerce traffic and revenue from unsuspecting brands. Namogoo has already identified over 25,000 ad injector signatures, with an average of 200 new signatures appearing daily.
"We even see anti-virus companies using their software to secretly infect consumers with CSIM. It's a startling but unfortunate truth," says Namogoo co-founder and CEO Chemi Katz. "Because it's an easy way to make a buck, struggling anti-virus companies have given in to the dubious practice in order to stay alive, although we think it's quickly becoming evident in the eyes of the public."
Namogoo has developed a new technology that allows e-commerce sites to combat CSIM for the first time by suppressing all active CSIM on a consumer's computer or browser when that consumer visits a Namogoo-protected site. Namogoo's servers scan millions of pages 24 hours a day, creating malware injection blocking rule sets in real-time and delivering them to the website via a single line of code, so site publishers can control the user experience, down to the individual computer. The technology has the potential to make consumer anti-malware obsolete, much of which is lacking or ineffective.
"It doesn't make sense to expect uneducated consumers to protect themselves against increasingly sophisticated malware. Our technology shifts that burden to the brands, where it's a much fairer fight. We've been working with a lot of major US and EU e-commerce companies, and the problem is a lot bigger than people think. Even in the industry where Google recently claimed that roughly 5.5% of people visiting Google sites were seeing injected ads, the numbers we see are significantly different. We've found it to be much, much higher," says co-founder and COO Ohad Greenshpan. "About 15% to 30% of all internet users, or the equivalent of 900 million people worldwide are actually infected."
In the past six months alone Namogoo has seen client-side attacks increase by 20%, a sign that the CSIM industry is getting even more aggressive. In certain verticals, including travel and luxury, Namogoo has found an especially concerted effort by malware developers on the CSIM front as consumers are not only more likely to click on an injected ad, but ultimately make larger purchases.
To read more about Namogoo's findings for the travel industry, visit http://cdn.nmgcdn.com/NamogooTravelResearchBrief2015linked.pdf
To read more about Namogoo's findings for the luxury industry, visit http://cdn.namogoo.com/NamogooLuxuryResearchBrief2015.pdf
"CMOs, CTOs and Heads of E-Commerce need to understand that just because they don't see it doesn't mean it doesn't exist," says Katz. "We finally have the tools to measure and combat CSIM, and not a moment too soon. Malware developers know you're guarding the back door, so now they're sneaking in through the front door of your customers' devices. You have to stay protected on both sides."
Namogoo (https://www.namogoo.com) is an Israeli security company that helps brands protect themselves and their consumers against Client-Side Injected Malware for the first time. Namogoo's servers scan millions of pages 24 hours a day, creating malware injection blocking rule sets in real-time and delivering them to a website via a single line of code.
Advanced learning algorithms monitor malware patterns and continuously adapt the security shield so Namogoo-protected sites remain free from the effects of CSIM. Consumers experience the site as it was intended to be viewed in a safe shopping experience, while brands can ensure that they capture the full value of their online traffic.