Malicious advertising (Malvertising) is a malware attack that uses online ads to spread malicious code.
You visit a website with an infected banner or popup ad. No site is safe, no matter how legitimate it appears to be. Even mainstream sites such as NYTimes. com, Gizmodo, and Dailymotion have unknowingly carried infected ads.
Cyber criminals are able to utilize malvertising by submitting booby-trapped advertisements to ad networks for a real-time bidding process.
Malicious ads rotate in with normal ads. Therefore, when you visit an infected site, you might not be attacked.
Using software like pop-up/ad blockers offers some protection against malvertising, but employing anti-exploit software in conjunction with an anti-malware is your best bet.