Security experts have warned of a major malware network known as 'Shnakule' that uses a combination of fake advertising banners and bogus security alerts to infect computers.
Researchers at Blue Coat said that the malware spreads through code embedded in advertising banners that redirect to a third-party site which attempts to launch a fake anti-virus attack.
The pages generate a pop-up window designed to resemble a Microsoft security alert. Victims are warned that their systems are infected and instructed to download and install a 'fix' which is, of course, the malicious software.
Chris Larsen, a senior malware researcher at Blue Coat, told V3 that poisoned advertising attacks and rogue security alerts are very common, but that the combination of the two in a single attack is rare.
Larsen explained that malware writers often use embedded attacks to launch browser exploits and other 'drive by' malware download methods.
"The idea has been around for years because it works," he said. "Malvertising is a great way for the bad guys to reach lots of people."
Further complicating matters is the polymorphic nature of the malware. The payload is constantly changing its code, making it difficult for conventional security tools to detect.
In this case, Larsen believes that the criminals running the operating have set up a series of specialised servers which are being passed off to a larger advertising network as a series of legitimate advertising servers.
However, Larsen said that the hueristics tools used by many security packages should be able to detect this suspicious behaviour.
Computer users are advised to be wary of pop-up windows claiming to be a security warning, particularly those that appear while browsing the web.
"If you are ever on the internet and the browser pops up full screen telling you it has a virus, it is fake," Larsen said. "Anything within your browser window is suspect."
EE, O2, Vodafone, Three and Airspan open the bidding
Worried about data privacy? Here are several ways to secure your Facebook account
The ICO is seeking an urgent warrant to investigate a major data breach - everything you need to know as the story continues to unfold