Enlarge / A tech support scam pushed by Zirconium displays the authenticated URL of Microsoft, making it easy for some people to trust. (credit: Confiant)

Last year brought a surge of sketchy online ads to the Internet that tried to trick viewers into installing malicious software. Even credit reporting service Equifax was caught redirecting its website visitors to a fake Flash installer just a few weeks after reports of a data breach affecting as many as 145.5 million US consumers.

Now, researchers have uncovered one of the forces driving that spike—a consortium of 28 fake ad agencies. The consortium displayed an estimated 1 billion ad impressions last year that pushed malicious antivirus software, tech support scams, and other fraudulent schemes. By carefully developing relationships with legitimate ad platforms, the ads reached 62 percent of the Internet’s ad-monetized websites on a weekly basis, researchers from security firm Confiant reported in a report published Tuesday. (Confiant has dubbed the consortium “Zirconium.”) The ads were delivered on so-called “forced redirects,” in which a site displaying editorial content or an ad suddenly opened a new page on a different domain.

Confiant CTO Jerome Dangu wrote the following in an email: