MALVERTISING

Malvertising is formed from malicious plus advertising. It’s an online scam in which reputable sites are tricked into distributing bogus advertisements that link to malicious code. It has become a significant issue within the past year, with many well-known sites suffering from the problem, and it’s expected to get worse.

A malvertising exploit from April 2009, simulating a genuine anti-virus product
Click on image to enlarge it

A classic example is an advert that offers a free anti-virus scan, but which instead downloads an application that takes over your browser to harvest credit-card numbers and passwords or send fake e-mails through your account. Since such fake scans work by frightening users, they are also called scareware. The problem for legitimate owners of sites is that it’s hard to detect the fake ads until somebody complains, by which time damage has been done and the publisher’s reputation compromised.

Malvertising is a specific type of what’s called malware (“malicious software”), which can be installed on your computer in a variety of ways. It used to arrive most often in e-mail attachments, but most users have got wise and protect themselves against it. It now infiltrates in other ways — disguised as a legitimate download or served up from a contaminated site.

Publishers have told us that malvertising is one of the biggest threats to their business, and antiquated ad infrastructure technology is largely at fault.

Business Wire, 12 Jan. 2010.

The latest threat for internet users is malvertising, the use of ad networks for distributing malicious software.

Cape Times (South Africa), 16 March 2010.

World Wide Words is copyright © Michael Quinion, 1996–2012. All rights reserved. See the copyright page for notes about linking to and reusing this page. For help in viewing the site, see the technical FAQ. Your comments, corrections and suggestions are always welcome.