Where the money is, criminals are sure to follow.

As such, one of the latest trends in cybercrime is malvertising. The term refers to the placement of real-looking online ads through which cybercriminals spur viewers to engage, then download malware directly or redirect them to websites that use background code to distribute viruses, ransomware or other malicious programs — also known as “drive-by downloads.”

Unfortunately, maladvertising can initially be hard to distinguish because it’s distributed the same way as legitimate ads on otherwise viable ad networks and sites. In some cases, cybercriminals re-register previously legitimate domains to appear trustworthy. Skilled hackers can even install malware directly to visitors of legitimate websites without their interacting with a fake ad.

The worldwide paid media market recently hit more than half a trillion dollars and is expected to reach $674 billion by 2020. That’s so attractive to cybercriminals that fraudulent impressions, infringed content and malvertising together cost the U.S. digital marketing, advertising and media industry $8.2 billion annually, says one study. And the same technology that allows advertisers to gather personal data about their customers allows malvertisers to fine tune their own victims.

Big players targeted

Even major news sites aren’t immune to the technology. One attack last year was delivered through multiple ad networks to infect websites for the New York Times, AOL, the BBC and the NFL. Users were redirected to servers hosting the malware, which sought back doors into users’ computers for the installation of ransomware which encrypts hard drives and demands payment in bitcoin to unlock them. The Guardian reports Hollywood Presbyterian Medical Center in L.A. paid $17,000 in such ransom last year. Forbes has also battled malvertising aimed at readers who turned off ad blockers to selectively access its news, while Spotify was victimized by fake ads for its free streaming service that instead installed viruses.

Threat affecting entire industry

Analysts point out all parties in the online advertising delivery chain are threatened. Publishers are losing the trust of their user bases, demand-side platforms are being excluded from exchanges and brands are wasting their marketing budgets and losing brand equity, notes James Pleger on MarTechAdvisor. The problem is also exacerbating ad blocking by consumers who see it as one more reason to dissociate themselves from online advertisers; in fact, the number of Americans using ad blockers is expected to grow 24 percent to 86.6 million people this year.

In response to the threat, online audiences are increasingly dubious of ads that seem unprofessional, highly sensational, overly urgent or out of line with their browsing behavior. Some believe the trend will have a major detriment on clickable ads. The ad industry is responding by more intense vetting of those buying ad space, educating consumers on the kinds of ads that tend to be fake, encouraging consumers to run anti-virus/anti-malware software and helping publicize malvertising incidents.

“The fight against malvertising won’t be easy,” Pleger writes. “But unless we tackle this problem head-on, the threat will always be looming. By proactively scanning and tracking ads as they traverse the supply chain, you can empower your team to take immediate action to identify and remove malicious malvertisement hosts and advertisers from your network or publisher website, minimizing the threat to your end users. Together, we can make the internet a safer place.”