Malvertising
The use of legitimate online advertising networks to deliver malicious code or scams to users.
Attackers buy ad inventory through normal channels and embed malicious payloads — drive-by exploit code, fake browser update prompts, tech-support scams — that load when the ad renders. Because the attack arrives through trusted publishers and ad exchanges, it can hit users on otherwise reputable sites.
Ad blocking is one of the most effective countermeasures: no ad rendered, no malvertising payload. Several enterprise security guidelines now recommend ad blockers as endpoint hardening for this reason.
