Malvertising (short for malicious advertising) is a cyberattack technique that uses online advertisements to spread malware, redirect users to fraudulent websites, or steal personal information.
Unlike traditional malware attacks, malvertising does not always require a user to download a file or click a suspicious link. In some cases, simply viewing a compromised advertisement on a legitimate website can expose users to security risks (see drive-by download).
Cybercriminals often place malicious code in online ads that appear on trusted websites through advertising networks. Because these ads can look completely legitimate, it may be difficult for users to recognize the threat.
How Does Malvertising Work?
Malvertising campaigns typically begin when attackers create or compromise an online advertisement and submit it to an advertising network.
When the ad appears on a website, it may:
- Redirect users to malicious websites
- Display fake security warnings
- Promote fraudulent software downloads
- Attempt to steal login credentials
- Exploit vulnerabilities in outdated browsers or software
Some attacks require users to click the ad, while others may trigger automatically if the device has unpatched security weaknesses.
What Are the Risks of Malvertising?
Malvertising can lead to several security and privacy problems, including:
- Malware infections
- Ransomware attacks
- Identity theft
- Financial fraud
- Stolen passwords and account credentials
- Unwanted software installations
Because malicious ads can appear on otherwise trustworthy websites, even cautious internet users can become victims.
How Can You Protect Yourself from Malvertising?
You can reduce your risk by following these security practices:
- Keep your operating system, browser, and apps updated
- Use reputable antivirus and anti-malware software
- Avoid clicking unexpected advertisements
- Enable browser security features
- Be cautious of pop-ups claiming your device is infected
- Use an ad blocker if appropriate for your browsing needs
Modern security software can often detect and block malicious websites and downloads associated with malvertising campaigns.
Malvertising is the use of malicious online advertisements to distribute malware, steal information, or redirect users to harmful websites. Because these ads can appear on legitimate websites, maintaining up-to-date software and using reliable security protection are important steps in reducing your risk online.