Malvertising is the use of online, malicious advertisements to spread malware by injection of malicious code into online ads. Malicious actors pay legitimate online advertising networks to display the infected ads on legitimate websites. This exposes website users to the malware.

Malvertising isn’t reserved to sketchy porn sites. It can also appear on legitimate sites that we visit daily. A recent study found that nearly 1 in every 100 ads was impacted by a malicious or disruptive ad.

Because Malvertising requires the user to be exposed to internet ads for the attack to work why not just block all ads? The easy way to accomplish this is to deploy browser extensions such as AdBlock or uBlock Origin to your endpoints. Make sure to deploy them to all of the browser types used in your organization including Chrome, IE, and Firefox.

Always keep your browsers updated with the latest security patches. Train your users to be aware of common web based security threats. Use DISA STIGs to further lockdown and secure your browsers.