Accessibility links

Facebook   X   LinkedIn   Email

Experts Warn: Malvertising on the Rise

May 7, 2025

The name is short for malicious advertising, but malvertising’s long record of infecting devices is growing fast. Last fall, Malwarebytes found month-to-month, a 42% increase in malvertising in the U.S. It’s a strong message that users need to be hyper-aware of these aggressive and hazardous online ads.

Cybercriminals use malvertising to download malicious code onto a device. Once a device is infected, any number of cyberattacks can happen. Any online search can bring up malvertising…it can look like sponsored content, or it can hide in ads needing to be clicked on. And unknowingly visiting a website infected by malvertising can contaminate your device in a flash.

It’s not just the everyday user who needs to look out for malvertising; big companies can fall victim just as easily. Employees at Lowe’s were targeted by a Google ad inviting them to click a link to visit their staff portal. The link “myloveslife.net” misspelled the Lowe’s name—which should have been “myloweslife.net.” However, many employees didn’t even know the real portal URL—a big part of the problem.

Clicking the bogus link brought staffers to a phishing page complete with company logos, and since the page looked legit, employees took the bait. The lesson here is to be sure staffers know the legitimate URLs for the company’s internal portals, and they should know what they are for their own online safety, too.

Malvertising Hygiene

Staying clear of malvertising requires using your cyber-smarts. Here are a few to keep in mind the next time an ad calls your name.

  • Closely check the URL spelling before you click.
  • Rather than click on an ad, type in the known URL yourself.
  • If you suspect you’re on a shady site, immediately close the browser window.
  • Beware of ads luring you with low prices and urgent actions.
  • Keep all software patched and updated, including your browser.

We know malvertising isn’t new, but it is getting better and harder to detect. So, keep your cyber-smarts at the ready and always question before you click.


Mac Users Targeted by Poseidon's Trident

Scams & Phishing

Mac Users Targeted by Poseidon's Trident

Mac users are in the crosshairs again. Recently, a new campaign distributing malware targeting them via malicious Google ads for the Arc browser was observed and reported by Malwarebytes. This is the second such instance in recent months, highlighting Arc's growing use in the Mac world. Cybercriminals are riding the Arc popularity wave and pointing their cyber-trident right at MacOS users. This latest campaign involves a macOS stealer, branded as "Poseidon." READ FULL STORY
'Tis The Season Of Fake Shopping Sites

Scams & Phishing

'Tis The Season Of Fake Shopping Sites

As we’re all getting back into the holiday spirit after a somewhat glum 2020 season, it’s important to remember that the holiday shopping season doesn’t end on December 25. In fact, some retailers put their marketing effort into overdrive. There are after holidays sales, new year’s sales, and even “getting rid of all this stuff we didn’t sell at Christmas” sales advertised under some creative title. Retailers try to take advantage of the shopping spirit as far into the new year as they can and those who like to capitalize on this are also upping their game. READ FULL STORY
When Employees Are Away, Cybercriminals Play. Securing Your Network During the Holidays

Corporate Security

When Employees Are Away, Cybercriminals Play. Securing Your Network During the Holidays

The holiday season can be a time of cheer, but also of time of utter chaos and distraction. That’s when those Grinchy cybercriminals step up their naughty tricks. While many of us go about our holiday business, maybe take more vacation time, and overall just try to be full of glee, they get to work taking advantage of all of that and more. In fact, according to studies, cybercrime skyrockets, sometimes to the tune of 550%, around this time of year. READ FULL STORY
Malvertising Campaign Tracks Down Our Payment Card Info Using USPS

Scams & Phishing

Malvertising Campaign Tracks Down Our Payment Card Info Using USPS

The fewer items we receive via the U.S. Postal Service (USPS) these days, the more excited we get when we do get packages delivered by the service. Well, cybercriminals are always up to something and now they are trying to take away our excitement when we go get the mail. Researchers at Malwarebytes provided a detailed process of how a recently discovered malvertising campaign works and helps criminals track down our payment card information for their own use. READ FULL STORY
BlackCat Brings Bad Luck Using Google Ads

Scams & Phishing

BlackCat Brings Bad Luck Using Google Ads

Trend Micro researchers recently identified that a notorious ransomware group is using various malvertising tricks within Google Ads to distribute fake WinSCP installers. They are using Targeted Attack Detection (TAD) service. What is that, you say? This means that if you click on an infected ad that you see on your webpage, your network could get a bad case of cat scratch fever. Threat actors are taking advantage of Google Ads to launch malvertising campaigns. READ FULL STORY