Even the “safest” corners of the Internet are no longer safe. Latest scam that could harm you: Cybercriminals have been placing hidden land mines in legitimate online ads on high-profile, trusted websites. When computer users click on the ads, they unknowingly download destructive software, called malware, to their computers. That allows hackers to steal financial account information or even to lock up your files until you pay a ransom to free them.
The malicious practice has been dubbed “malvertising” because the malware hides in online advertising. Malvertising has invaded extremely popular sites including Amazon, Answers.com, Yahoo and YouTube.
Even if you don’t click on an infected ad, just having the ads on your screen can put you at risk because the malware can exploit security holes in your Internet browser and download itself to your computer.
Malvertising is especially difficult for computer users or security software to spot or trace because of the nature of online advertising now. Big ad networks, such as the one owned by Google, often automatically and instantaneously insert ads when you visit a website, based on your interests, location and previous visits to other websites. Most malware is designed to be stealthy and goes undetected by traditional defenses such as antivirus software.
Self-protection: Keep your computer’s operating system, web browsers and browser plug-ins, such as Java and Adobe Flash, up to date by either setting them for automatic update or regularly checking if updates are available. Updates often are able to close security holes reported by previous malvertising victims. Also consider using a free ad-blocking plug-in with your browser, such as Adblock Plus (AdblockPlus.org).