Cisco Blogs

Malicious Advertising Threatens the Popular Ad-supported Business Model

March 18, 2010 - 2 Comments

Web 2.0 and social media are driven by user-generated content. In return for producing content, users want to receive information or experiences that encourage them to revisit a given site. In this cycle, sites can monetize the user experience by utilizing advertising to generate profits from users’ visits and eventual patronage from advertisers. By and large, users resist paying for contexts such as social networks where they post their own content, like pictures, status updates, or videos.

For this model to perpetuate, each participant must uphold their contribution: sites must generate an attractive experience, advertisers must present relevant content to user interests, and users must provide content or consume advertisements. If advertising is overrun by malicious code, users may be driven to abandon a site that is deemed dangerous, or take steps to block advertising. Many users adopting the same approach could hurt the existing business model, resulting in a financial risk to sites that are based on advertising revenue.

Advertising operators are very specialized, often finding the need to operate on tight schedules in order to capture user interest. They may need to use complex technologies to make compelling and interactive advertisements that also gather intelligence from customers about what kind of content works, who is responding to advertising, which sites work best for which types of advertisements, etc. Of course, the software that is utilized to provide these advertisements and analytics also has the capability to inject malicious content into users’ web browser sessions.

Because of this, site operators should not implicitly trust new content (or a new content provider) that comes their way. Newly delivered creative content should be reviewed to ensure that it is not malicious. If a website operator does not possess the skills necessary to assess the safety of provided content, they should consider employing a service to review new advertisements before allowing them to be posted. Wepawet is a free service; other professional services might be considered as well.

If users identify sites as particularly hostile, because of real or perceived malware activity, they could abandon a site. Poor brand image could result in wholesale defection. Worse still for advertisement-supported sites, users might start taking steps to block ads altogether. Content sites have found value in advertising-based revenue models, and they should seriously consider the difficulties currently seen in television advertisement due to the popular use of digital video recorder (DVR) technology to skip commercials.

Malware advertising is a real threat to users, but as it attacks a business model that runs much of the Internet’s most popular content, it is indeed a significant business risk as well.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Thank you for this great post. I have already bookmarked Wepawet for future analysis on different sites. Once again thank you.

  2. Wepawet is a great service and should be utilized every time before posting a new advertisement on your site. Many people think that just because it is an advertisement that it can do no harm and that is completely false.