I was reading an article on PCWorld’s website about the upcoming Google Chrome OS:

pcworld

So far so good. Except that I inadvertently clicked on one of their sponsored links:

links

which ironically states “Here is all about spyware removal and even more.”

After a few redirects, my browser is hijacked by one of those FakeAV scanners:

fakeav

Here is the HTTP traffic capture screenshot and log:

fiddlerscreen

fiddlerlog1

Most computer users will end up with this on their PC:

rog21

Third-party ads are the cause of a lot of problems. It does not matter how legitimate a site is, as long as it is referencing dynamic ads, it can expose its users to malware.

I usually never click on “Sponsored links” as I’m most likely not interested in such or such product. But a lot of people do because those links are relevant to the article (or the search). For every click, the website hosting the ad will receive some money, and more if the user “converts” (the user ends up buying whatever was promoted).

As a general rule, I would advise never to click on “Sponsored links” or ads that you see on a website. There is big debate about marketing: Does it fulfill a need people already had and never knew or does it create a need that never existed? I believe in the latter.

Then again, you may click on one by accident!

Taken From ‘malware diaries’