Fraud detection companies note a rise in “ad injection," whereby Web users’ browsers are commandeered and ads are stuffed into sites without publishers’ permission. Similar malware that’s used to infect consumers with bots can also be used to inject unwanted ads in their browsers, slotting in additional ads in pages where no ads would usually be, or layering them on top of legitimate ads.