Malvertising is back, after a brief hiatus, in the third quarter of 2017 according San Francisco-based digital threat management solutions provider RiskIQ. malvertising has risen consistently since programmatic advertising gained popularity.
Malvertising exploits online advertising by inserting malicious or malware-laden ads into genuine advertising networks and webpages.
Overall, RiskIQ scanned 53% fewer advertisements containing a blacklisted incident—phishing, scams, exploit kits, and malware—than the previous quarter, reversing a trend.
Exploit kits have continued to decline, but malware, which decreased by almost 45% last quarter, was the only type of malvertising to increase. “Meanwhile, phishing, which rose over 100% last quarter, experienced a considerable decline, which could mean attackers thought it wise to pivot to dropping malware from trying to trick users into clicking on deceptive ads that may lead to pages requesting sensitive data,” Forrest Gueterman, threat analyst at RiskIQ, said.
RiskIQ has seen a steady long-term increase of malvertising, but quarter to quarter detections appear to be cyclical. “It's interesting to note how the type of malvertising fluctuates, and how that may indicate a change in attacker tactics,” Gueterman noted.
Gueterman explained although RiskIQ's data shows a 21% drop in scams (disingenuous advertising), it continues to be a favorite tactic of threat actors—RiskIQ detected almost 990,000 incidents in the third quarter and profiled several new tactics. Scammers drive immense amounts of valuable traffic to their sites via vast scam networks. Their fraudulent landing pages (take a survey to win a free PlayStation!), are often ignored by typical malvertising detection methods because of the gray nature of their payloads but can grow to enormous sizes and degrade the quality of the internet.
To combat this problem, RiskIQ scans over 2 billion pages and nearly 20 million mobile apps per day, resulting in a curated blacklist of malicious ads from across the internet. RiskIQ also released 2017 mobile threat landscape and phishing reports for the third quarter.
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
