Definition: Malicious Ads, or Malvertising
Using online advertising to spread malware. Malvertising (short form for malicious advertising), requires placing ads filled with malware, on legitimate website pages and through authentic online advertising networks in order to infect a web browser and device. (PC, or mobile device).
Web publishers unknowingly allow what appears to be a legitimate ad to be placed on one of their webpages. In reality, the ad contains malware. Once someone clicks on the ad, their computer becomes infected with malware.
Sometimes the ads come in “alert” form, such as a warning that there is a malware infection, in order to use scare tactics via social engineering, to get the user to act quickly. Note: Users will NEVER receive a legitimate warning about malware infections via an ad through their browser. Alerts like those only come from a comprehensive Internet security program.
Another way the malvertising infects a computer is simply by the user loading the infected page, which is also known as a drive-by-download. Drive by downloads can be installed on your computer simply by looking at a spam email, browsing a compromised website, or via a malicious pop-up window. The ad is full of links that make browsers acquire software from harmful websites and pages via known security holes in unpatched web browsers (NOTE: This is one reason it’s so important to keep your patches up-to-date!).
[…] […]