We have seen the rate of contamination increase sharply in the last few months. In addition to making sure machines are current in their protection software, there are some steps to take to help prevent problems.
- First, use Firefox or Chrome as your browser. There are fewer hooks into the operating system and thus less chance of severe damage.
- Avoid clicking on ads. Some ads that look legitimate these days are actually offered up by bogus sponsors. They consume the ad space on the site, draw you in, and inspire you to click on something backed by malicious code. It wasn't malicious when they bought the ad space, but they have control over the space and changed the code after the fact. If you click on something, it's unlikely antivirus software will fully protect you.
- The worst situation is mouseover ads. These offer the same bad side effects as if you click, but you don't have to click. Your mouse brushing over the ad acts as a click.
We have seen malicious behavior on very legitimate sites. MySpace and Hollywood.com are just two popular destinations where we have seen rogue behavior from some of the ads. The malicious code can be reported to the site, but ultimately they are not at fault. They validated the ad when originally displayed and then it's in the hands of ad space buyers. Be extra cautious where you click and where you where you let your mouse travel.