Malvertising
Malicious advertising — legitimate-looking online ads that, when clicked, redirect users to malware downloads or phishing pages.
Also known as: malicious advertising, drive-by download
Last reviewed: 1 June 2026
Malvertising involves injecting malicious code into ads distributed through online advertising networks, which then display those ads on legitimate, high-traffic websites. Users visiting reputable sites see what appears to be a normal advert — for a well-known brand, a software download, or a security product — but clicking it leads to a drive-by malware download or a phishing page.
More sophisticated malvertising can trigger malware installation without any click, simply when the ad loads in the browser. Attackers often rotate the malicious payload to stay ahead of ad-network filters.
Malvertising is difficult to defend against at the network level because the legitimate publisher may have no knowledge of the malicious content. Using an ad-blocker, keeping browsers and plugins updated, and enabling click-to-play for browser plugins all reduce exposure.