Remember the recent rogue software incident involving the New York Times? An approved ad was swapped out over the weekend in place of one with malicious code, which drove visitors to a site designed to trick them into parting with their money. Although it was rectified relatively quickly, it still left company officials red-faced and flustered.

Below are some tips offered by Google on how to stop malicious online ads in their tracks:

• Know who you're working with: Google recommends running a background check on the company's website, as well as information in the domain records of the company. Be vigilant about potential red flags such as a recent domain registration date, or false or hidden contact information.
• Secure partners: Google notes that not all ad networks or exchanges may implement strong security. Obviously, running ads from such partners is not a good idea.
• Perform a comprehensive Q&A on ad content: Media files such as Flash files and PDF files should be scanned using various online tools such as Wepawet and Adopstools to ensure that malicious code is not being loaded on the sly. This includes JavaScript, which could be easily obfuscated to hide its real intention.
• Quick reaction: The New York Times debacle took place over a weekend, no doubt by design. A strong incident response plan with a team on stand-by would help ensure rapid response to neutralize and rectify threats.

For more:
- check out the original slides from eWeek

Related Articles:
Rogueware, the new malice in malware
The 10 most terrifying IT debacles of 2009
Symantec identifies top rogue security software
The malware problem is larger than you think