What in the world is malvertising?

Malvertising is the practice of incorporating malicious code into advertisements. Malvertising is especially dangerous because it typically involves an attacker getting a malicious advertisement into a legitimate advertising network, which displays ads on a plethora of legitimate websites. It may not require any user interaction for the attack to be successful - just visiting a website, even a legitimate website, that displays ads from an advertising network could be enough to become compromised.

Because of this, even the most careful users could end up being compromised. This also serves as a prime reason for limiting any non-work related web browsing on company computers or networks, since even browsing legitimate websites could expose the computer and network to risks from malvertising.

It was estimated that in 2012 more than 10 billion ad impressions online were compromised by malvertising.

What can you do to reduce your risk?

1. Don’t browse the web unnecessarily on company computers or networks. Stick to work-related internet use.

2. Implement web filtering tools that can block known threats.

3. Implement patch-management to install security updates for the operating system and software.

4. Keep your web browser fully updated.