Update 6.15.16: An earlier version of this article mentioned a specific adblocking product. Its inclusion was intended to be illustrative only, and not an explicit promotion. We have removed the product’s name because it was leading to some confusion in this regard. Thanks for the great feedback.
Here’s a scary number: 1.3 billion. That’s the monthly traffic of msn.com, which was hit by a malvertising campaign earlier this year. Here’s an even scarier number: 70 percent. That’s the estimated amount of malvertising campaigns that deliver ransomware as a payload. What’s 70 percent of millions and millions of pageviews that cycle through the most popular websites each day? Far too much.
All this is to underscore the very real danger of malvertising. One of the basic tenets of cybersecurity is user awareness. If you practice safe browsing habits, you can protect yourself from a number of threats. But malvertising is a different beast. It hits you without your knowledge, often lives on reputable sites, and most of the time, delivers one of the most dangerous forms of malware today. Practice safe Internetting, and you could still be vulnerable.
What is malvertising?
Malvertising, or malicious advertising, is the use of online advertising to distribute malware with little to no user interaction required. You could be researching business trends on a site like NYTimes.com and, without ever having clicked on an ad, be in trouble. A tiny piece of code hidden deep in the ad directs your computer to criminal servers. These servers catalog details about your computer and its location, and then select the “right” malware for you.
