via: Adage
Gawker, NYT.Com Fall Prey to Fake Buyers Who Harvest User Identities
NEW YORK (AdAge.com) — Ads have long been a gateway for spammers and hackers to distribute malicious code, but now the crooks are showing a new level of sophistication by posing as agency executives walking right into the front doors of well-known publishers.
The scam goes something like this: Someone posing as an agency executive or marketer approaches a publisher with a credible e-mail domain like vonage-inc.com or hyundai-inc.com and asks for a quick turnaround campaign, often over a weekend. The ads then install malware or harvest user identities and continue to do so until the publisher figures it out. Often they don’t and the “advertiser” — sometimes part of a European organized-crime syndicate — will even pay for the campaign and run another.
“They’re bold, and they have budget,” said Michael Caruso, CEO of ClickFacts, an online-security firm that works with News Corp. “These guys know internet advertising, and may have worked in the industry, or at least they know enough to convince a salesperson they know the business.”
What do the scammers want? Eyeballs, and installs, for the most part. Some are paid by the number of malware installs they can get; others by the number of identities harvested or number of computers than can be used remotely as part of a bot network. In all cases, the bigger and more trusted the site, the easier to make money. “It’s purely financially motivated,” said John Harrison, manger at security firm Symantec.
