Update: Katie Deines, Senior manager, Corporate Communications for Expedia, informs us, that Expedia is not the OTA mentioned in MediaPost's article, and that the company has several ongoing initiatives to safeguard against the threat of malware. We therefore changed to original title of this post to a more generic one.

Social network and media sites that either sell ad space through third-party networks or allow consumers to upload videos on their servers need to remain vigilant about the content running across their networks, several online security experts warn.

Banner ads, video content and fake social network profiles have become the pipeline for stealing personal information as more consumers jump online. In the past year, ads on highly trafficked Web sites such as Expedia, Rhapsody, Blick and MySpace have triggered malware downloads. Most of the malware is distributed through pop-up ads, and not all of them require a click.

For instance, an online travel agency that rented parts of their online page as a method to generate revenue never suspected hackers would use it to steal information from consumers. The way it worked was a company rented ad space from the travel agent through a third-party ad network. It began serving up legitimate shockwave ads that eventually rotated to those containing malware and rogue antivirus software that installed keyloggers on the consumers' machines.

Get the full story at MediaPost