The commercialisation of the Internet has led to advertisers grasping the new medium and employing many new tactics to promote their brands and products as effectively as possible. The interactive features of HTML and embedded scripting (programming) languages such as JavaScript have allowed these advertisers to step outside the web page, and create ads that pop up or overlay the pages they are embedded into.

In itself, there is nothing wrong with this behaviour; the advertiser's revenue often keeps resources online that would otherwise have to close. However, the ability to pop-up information can be exploited and overdone, and it is often an intrusion rather than effective advertising.

More malicious websites have also exploited scripts to do more than just pop-up windows; some can install software or modify your system settings to allow intruders into your computer. There are safeguards built into the more up to date browsers - they usually warn you if something is about to be installed, and give you the choice of cancelling.

Attacks through pop-ups are rare, and the main problem with them is the annoyance factor. Increasingly, browsers have built-in pop-up blockers, or you can download or purchase them separately (e.g Google's toolbar for Internet Explorer), though the advertisers are finding ways around this, using pop-unders (they just hide below your browser window, appearing when you close the page).