Malvertising, the use of online ads to spread malware, rose almost 19% from the firstto the second quarter of this year, including a 131% rise inphishing related advertising.

RiskIQ in the first in a series of Q2 wrap-up reports withdifferent threat themes Worldwide, malvertising continues to rise.In Q2 2017, RiskIQ scanned 18.65% more advertisements containing ablacklisted incident—phishing, scams, exploit kits, andmalware—than Q1, continuing a trend highlighted in our 2016 report,which found a 132% increase in total malvertising in 2016 over2015.

Malvertising has consistently risen since programmaticadvertising gained popularity, but what's interesting is how thetype of malvertising fluctuates quarter to quarter. According toRiskIQ detections, the total amount of malware in advertisementsdecreased by 42.73% from Q1, along with a 24.21% drop in exploitkits. In fact, exploit kits have been on the decline for the entireyear.

However, while malware and exploit kits dropped, there was a131.36% rise in phishing-related advertisements, marking a shift intactics. Attackers seem to be placing less emphasis on droppingmalware on unsuspecting victims and more on tricking them intoclicking on deceptive ads that may lead to pages requestingsensitive data. In 2016, RiskIQ saw a massive increase in phishingmalvertising, identifying 1,978% more incidents over 2015.

Meanwhile, our data shows a 36% drop in scams (disingenuousadvertising), but it continues to be a favorite tactic of threatactors—RiskIQ detected well over a million incidents in Q2. We alsodetected 845.9% more scams in 2016 than 2015, and with good reason:threat actors like NoTrove, which we profiled in April, driveimmense amounts of valuable traffic to their sites via vast scamnetworks. Their fraudulent landing pages (take a survey to win afree PlayStation!), are often ignored by typical malvertisingdetection methods because of the gray nature of their payloads butcan grow to enormous sizes and degrade the quality of theinternet.

Malvertising is so nefarious because it's a direct attack on thelifeblood of the internet as we know it. Partly fueled by thelooming threat of malvertising, ad blocking in the U.S. willcontinue to temper the growth of digital advertising. According toeMarketer, ad blocking will grow by double digits. In 2016, 69.8million Americans were expected to use an ad blocker, an increaseof 34.4% over last year. In 2017, that figure is projected to growby another 24%, to 86.6 million people.

To combat this problem, RiskIQ scans over 2 billion pages andnearly 20 million mobile apps per day, resulting in a curatedblacklist of malicious ads from across the internet. Thisproprietary list sets RiskIQ apart, enabling customers to vet newdemand sources and prevent malware within their ad infrastructure.RiskIQ is unique in that our crawling infrastructure allows us tocapture the entire ad redirect chain and creative sources, whichindicate which part of the ad-serving process was compromised, andhelps us identify the entity responsible for the threat.

Learn more about how RiskIQ can proactively scan and track adsas they traverse the supply chain so you can empower your team totake immediate action to identify and remove maliciousmalvertisement hosts and advertisers from? your network orpublisher website, minimizing the threat to your endusers.