Almost amusingly brazen scheme: scammers pose as advertising account executives, and convince publishers to host fake advertisements for legitimate sounding corporations. The advertisements are embedded with malicious code and/or lead to fake websites, the goal is to collect names and addresses that can be resold, or worse. Dozens of high profile ad agencies have been targeted, as well as high profile websites like The New York Times, the Gawker Media group, and others who don’t want to publicly admit they’ve been duped.
The scam goes something like this: Someone posing as an agency executive or marketer approaches a publisher with a credible e-mail domain like vonage-inc.com or hyundai-inc.com and asks for a quick turnaround campaign, often over a weekend. The ads then install malware or harvest user identities and continue to do so until the publisher figures it out. Often they don’t and the “advertiser” — sometimes part of a European organized-crime syndicate — will even pay for the campaign and run another.
…
What do the scammers want? Eyeballs, and installs, for the most part. Some are paid by the number of malware installs they can get; others by the number of identities harvested or number of computers than can be used remotely as part of a bot network. In all cases, the bigger and more trusted the site, the easier to make money. “It’s purely financially motivated,” said John Harrison, manger at security firm Symantec.
Gawker Media was one of the latest to fall victim, and ran a campaign last week that installed malware on visitors to Gawker sites for several days until the ads were discovered. The scammers were clever enough to credibly pose as employees of Spark SMG, a unit of Publicis Groupe, and had a detailed knowledge of Spark clients and repertoire of industry lingo convincing enough industry insiders to create a fake campaign for Suzuki across Gawker sites.
As is typical, they created a legitimate-looking e-mail address, @spark-SMG.com (real Spark employees are @sparksmg.com), and called from a Chicago area code. Their ads only infected computers in intervals, so routine tests on the ads wouldn’t discover the malicious code.
…
Mr. Caruso said the scammers would have very likely paid for the campaign. Depending on the goal of the scam, it can be a very good business. Identities can be resold to organized crime; scare ads can harvest sales of phony anti-virus software. In the end, the goal is not to get caught, because when they do, Mr. Caruso said, “they have to change their name, change their LLC and come up with a new scam.”
[Click to continue reading Advertising: Latest Ad Scammers: Faux Ad Agency Execs – Advertising Age – Digital]
Sterling Cooper never had to deal with this aspect of the modern world…