How can web sites avoid malicious banner advertisements?
Boyd Anderson posted this comment tonight:
"What can Classmates do about xponlinescanner.com/2008/1/freescan.php?aid=77011807?"
This was my response:
What can classmates.com do?
First, source reliable instructions and advice on how to get rid of xponlinescanner from any reputable anti-spyware advisory forum, and get that information out to their clients.
Second, conduct more comprehensive checks into the background and bona fides of those they accept advertising from - see these links for advice:
Avoiding the bad guys - detecting potentially malicious advertising campaigns
Winfixer hide 'n' seek: explaining why some people see the ads, and some people don't
Third, run advertisements that they receive through services such as www.adopstools.com to check for malicious code.
Adopstools.com provides a service called an Online Click Checker. The Online Click Checker nearly always detects malicious or suspicious code in Flash based advertisements. On those rare occasions that the Online Click Checker has failed to detect that an advertisement is malicious (which I have only seen happen a couple of times), the site's owner has been very fast to respond to my email approach by updating his scanner to catch what was previously missed.