Ad Scammers Getting Harder To Spot

from the reasons-to-use-adblock dept

When we've discussed adblockers in the past, one important point that many people have raised is the growing likelihood of scammers "buying" ads as a method of distributing malware through popular sites. Apparently, that business of "malvertising" is getting more and more popular... and more and more sophisticated. Joshin4colours points us to a story about a super sophisticated "malvertiser" who went to great lengths to appear legit. In another discussion about that case, it's suggested that somewhere around 50% of "self-service" advertising setups may be part of some kind of scam. I'm not sure I quite believe that number, but if the number is even half of that, it does raise questions about how online ad buying and ad placement works, and how it will work in the future. Perhaps this will finally drive companies who insist on banner ads, rather than more effective forms of advertising/marketing, to rethink their position.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, Aug 4th, 2010 @ 12:41am

    people were seriously suggesting that blocking people from your site because of an adblocker was good practice on a marketingblog, this shows the folly of their ways: i don't trust online advertising, it's sleazy, dishonest and misleading.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    BruceLD, Aug 4th, 2010 @ 12:42am

    Subject

    The recent PDF vulnerability with all Apple iPhone/Touch/iPad devices where a complete system hack can be performed with no interaction whatsoever makes this particular threat even more frightening.

    The malvertisers only need to change their scripts so that the major web sites are peppered with the PDF exploit, and within 24 hours they will control 100 million Apple devices around the world.

    I wonder whose going to hit first; Apple or the hackers?

    http://www.zdnet.com/blog/hardware/your-iphone-ipad-and-ipod-touch-devices-are-all-wide- open-to-hackers/9207?tag=mantle_skin;content

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Yogi, Aug 4th, 2010 @ 2:33am

    No biggie

    Just No Script the whole damn internet-tube thingy and you'll be safe.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Aug 4th, 2010 @ 4:00am

      Re: No biggie

      NoScript is too hard to use for most users (quick: NoScript shows five domains for this site, which ones are safe to unblock? And how can you recognize something is broken on a site because of NoScript, instead of just being a quirk of the site?).

      Adblock Plus with Easylist is easier (almost completely zero-maintenance, even for newbies, and easylist blocks more than merely ads), but weaker (as it is blacklist-based, it can only deal with known threats).

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Aug 4th, 2010 @ 6:37am

        Re: Re: No biggie

        (quick: NoScript shows five domains for this site, which ones are safe to unblock? And how can you recognize something is broken on a site because of NoScript, instead of just being a quirk of the site?).

        Quicker: Leave them all blocked and the site functions perfectly well.

         

        reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Aug 4th, 2010 @ 9:57am

          Re: Re: Re: No biggie

          Yeah right...try watching a Youtube video with everything blocked.

          I love NoScript, but I can admit it can be a little annoying/hard to use sometimes. It's the price of security I guess.

           

          reply to this | link to this | view in chronology ]

        •  
          identicon
          Anonymous Coward, Aug 4th, 2010 @ 10:10am

          Re: Re: Re: No biggie

          Techdirt has ads on it?

           

          reply to this | link to this | view in chronology ]

  •  
    identicon
    Lawrence D'Oliveiro, Aug 4th, 2010 @ 4:16am

    Interesting Article

    While I don’t claim to fully understand what they seem to mean by “tags” and “pixels”, I did get the bits about 1) cross-checking the provided phone number against the bank’s website, and 2) checking the date of registration of domains, both those of the customer and of their references. Worth including as SOP in future.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Rob, Aug 4th, 2010 @ 6:16am

    I love Techdirt, but I find this article amusing to read when TD's page is half filled with ads.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    JMG (aka Joshin4colours), Aug 4th, 2010 @ 6:50am

    Ads aren't the problem

    Before people start saying "See? Ads are destroying the interwebz!!11", just remember that credit card scams are just as common (if not more so) and people still use credit cards all over the place. The problem isn't the online advertising medium, it's the fact that there are still ways to exploit the system and the fact that consumers need to be better informed. Online advertising can work effectively, but like other advertising, has to be done smartly. There is still plenty of growth to be seen in the online advertising/media space, with some innovation and a bit of elbow grease.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      direwolff (profile), Aug 4th, 2010 @ 4:08pm

      Re: Ads aren't the problem

      JMG, being informed doesn't seem to help since this exploit is so prevalent for all iOS devices. Same with credit card exploits. Knowing there are scammers doesn't help matters as they're pretty good at hiding their tracks by choosing exploits that not obvious, or attacking weak points in the chain (ie. merchant who has not properly configured and secured their servers w/latest updates).

       

      reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This