What is Malvertising?

Malicious advertising (Malvertising) is a malware attack that uses online ads to spread malicious code.

How Malvertising Works

You visit a website with an infected banner or popup ad. No site is safe, no matter how legitimate it appears to be. Even mainstream sites such as NYTimes. com, Gizmodo, and Dailymotion have unknowingly carried infected ads.

how malvertising works
The infected ad uses an iframe, an “invisible” webpage element, to do its work. You won’t see it, and you don’t even have to click anything to activate it.
The landing page is where malicious code attacks your system.
The attack code exploits your system and installs malicious software.


Cyber criminals are able to utilize malvertising by submitting booby-trapped advertisements to ad networks for a real-time bidding process.


Malicious ads rotate in with normal ads. Therefore, when you visit an infected site, you might not be attacked.


Using software like pop-up/ad blockers offers some protection against malvertising, but employing anti-exploit software in conjunction with an anti-malware is your best bet.

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language