Slashdot Mirror
Anatomy of an Attempted Malware Scam
Dynamoo writes "Malicious advertisements are getting more and more common as the Bad Guys try to use reputable ad networks to spread malware. Julia Casale-Amorim of Casale Media details the lengths that some fake companies will go to to convince ad networks to take the bait."
reputable ad networks? What are those? Is he speaking of google ad-sense? or Hulu ads? Personally, I don't consider ad networks that use banner ads as anything that are reputable (this includes any of the shady ad-networks that Google purchased as well). Non-obtrusive text ads, I can deal with. Even Hulu ads, I can deal with since it's film on film. It's just that I hate banner ads, or animated ads, when I'm in reading-mode.
Oddly enough, that's what I thought...a WHOIS on the domains provided, as well as some checks on the bank (to check that the number you are given is actually their number) can't be that hard.
I mean, we have Google. Checking these things must only take another 10 minutes or so...? Nonetheless, can't blame them. 10 minutes adds up across many prospective clients.
To much anime is bad for the brain...desu.
Sorry. Couldn't help it.
I'm also suitably stupefied. All the "pink" and "red" flags that they are obviously so clever to spot, and which she spends almost the entire article talking about, are just her dancing around the elephant in the room: that she and her team are complete fucking idiots.
Part of me wonders if there is a difference in industries which makes this look so damn stupid.
Anyone in IT has probably seen so much malware, so many phishing and scam attempts that there's a strong chance most of us would have checked any company registration numbers with the relevant authorities, checked WHOIS information and contacted the bank directly using one of the banks' own published numbers before even returning the first email. But if you didn't normally meet such rubbish (because the IT department has already filtered out most of the malware, scams and phishing attempts before they even hit your mailbox), I wonder if you'd develop the same level of cynicism?
There's a suitably harsh analysis here:
http://industrypace.com/frontpage/2010/8/4/who-can-you-trust-interactive-advertising-is-dangerous.html
Attacking your abuse of HOSTS files is not an attack on you. Please understand that.
Now for an attack on you: How can you have a degree and yet think it's consistent to say that shaving 2 bytes per line off (going from 127.0.0.1 to 0.0.0.0) cuts a file size down by 9MB but then shaving an additional 6 bytes per line off (0.0.0.0 -> 0) cuts only 4MB?
Now I need to force myself to stop replying to this thread, I feel like I'm being drawn into this sort of situation: http://xkcd.com/386/
In so many words others have expressed what I have summarized down to "advertisers don't respect their audience." Their approach has almost always been the capitalist "what the market will bear" approach and as people have grown accustomed to being assaulted with ever more eye-catching colors, styles, techniques and technologies, the limits of what the market will bear erode. People no longer realize they are being disrespected. Their paid-for internet connection are being utilized. Their time is being wasted. They will install software that resists being uninstalled and drains performance and stability from their computers. I see no end to what they will do.
There is a blurry and indistinguishable line between "reputable ad networks" and "the bad guys." The reputable are certainly not constrained by morals and not by law. How can we know they aren't simply being complicit?
They're disrespectful and idiots. What "targeted advertising" gets is showing people what they already have. I play EVE Online. I look up stuff on EVE Online. Going by my cookies and such, advertisers know I play EVE Online. So, what is advertised to me? To try EVE Online. They succeed in nothing.
"Most people, I think, don't even know what a rootkit is, so why should they care about it?"