Why porn sites? It all has to do with advertisers. Most advertisers aren’t willing to touch porn sites with a 10-foot pole — which leaves plenty of room for sketchy ad partners to spread spam and malware. Tap or click here to see a dangerous new sextortion malware that records people visiting adult sites. But if you thought porn sites were bad for your computer before, you won’t believe how much worse things have gotten. A new security report has revealed that the web’s most popular adult sites are infested with ads that install malware on visitor’s computers. Here’s why billions of Windows users might be at risk.

Porn ads are full of malware

Everyone knows adult websites aren’t the safest places to visit — but even if you’ve stumbled upon one by accident, your computer may be at risk. Several of the biggest adult sites on the web have been infected with malware-containing advertisements coming from a single malicious ad network. According to Malwarebytes, a hacker group calling itself Malsmoke worked to infiltrate ads on adult websites and redirect them to malware downloads over the last few months. If you click on one of these ads, malware goes straight to work downloading itself to your computer. As bad as this is, adult sites have another issue that compounds the malware problem: Many of them feature popup ads that open without needing to be clicked on. Previously, Malsmoke had set its sights on smaller websites. But it seems the group finally hit the jackpot by pulling off an attack on xHamster — one of the web’s most popular porn sites and the 20th most trafficked site in the world overall. Just to put things in perspective, Netflix is the 19th most trafficked site. That’s a lot of visitors being exposed to malware at once!

How dangerous is this malware threat?

First, a bit of good news: Not everyone exposed to the malicious ads will be at risk for infection. All of the infected ads exploited security holes in Adobe Flash Player or Internet Explorer. If Flash or IE aren’t installed or used on a computer, it won’t be affected by the malware. That said, there is a chance that infected users may become part of a larger malware operation like the Emotet botnet. This means you can expect an uptick in malicious emails and cyberattacks in the near future from thousands of zombie PCs. Tap or click here to see why Emotet is so dangerous. If you want to protect yourself, your best bet is a solid cybersecurity program like Microsoft Defender that will block viruses and scan your system on a regular basis. And if Defender isn’t your cup of tea, there are plenty of excellent free options that can keep your computer safe and clean. Tap or click here to see our favorite free online virus scanners for Mac and Windows. Here are a few other pointers to keep yourself from being affected by malicious ads and other nasty cyberattacks:

Avoid sketchy websites like porn sites, illegal movie download sites and third-party app stores.Use strong passwords without including personal information or common phrases. Make sure to never reuse them across separate accounts Tap or click here to see how to create stronger passwords.Avoid opening emails from unknown senders, and check all the URLs and sender email addresses carefully. Do this even if the message looks like it came from someone you know. Tap or click here to test your scam-spotting knowledge.

It also helps to enable two-factor authentication for any account that allows it. Strong passwords can still be cracked by hackers, but they won’t have a way to physically get their hands on your phone. Tap or click here to see how to set up 2FA for your favorite online accounts.