“We have detected a virus on your computer. Click here to download Anti Virus software now”

If you’ve ever seen that pop up on a website then you have seen a “Malvert”

Clicking on that link will probably take you to an infected website or a link to download some infected software that will cause you some serious headaches.

Malverts are fake ads placed on websites, and security experts are concerned at the rise in numbers of these being placed on well known high traffic sites.

Earlier this month the New York Times website displayed such an advert claiming to have found a virus on the visitors machine. The advertiser was thought to be legitimate and did indeed place legitimate ads on the site for a week before changing to the malware ad over a weekend.

Hackers are increasingly using ad networks to distribute attacks to users visiting well known websites. They infect third party ad networks without knowing precisely which sites the ads will show on. But they don’t really care as all they want is the maximum number of eyeballs, so any high traffic sites that customarily take feeds from these networks work for them.

The return on investment due to the exposure gained is the same as a legitimate advertiser.

While these attacks are simply embarrassing for the websites concerned, they pose a serious threat for the visitors who get caught out. Many of whom are not running up-to-date anti virus software.

Eric Davis, in charge of Google’s anti-malvertising team, believes Internet Service Providers are best placed to detect infected machines.

“The internet service providers are in the best position to detect infected machines,” said Mr Davis, talking at the Virus Bulletin conference in Geneva yesterday. “They already have monitoring systems that could be used to identify signs of malware and botnet activity.”

Microsoft has taken a more direct approach by filing a series of lawsuits against suspected malvertisers.