That's not exactly how it works. While malvertising is real and ad blockers effective, the 'new' issue is bad guys are using legitimate ad services as redirect links and emailing them to people. By using ad service redirects, security software see the link as legitimate because ad companies are big business. Those links will not be blocked by security software. You won't even know it's a malicious link unless you look at the link code itself because the real link is obfuscated. It's devious. 😒