"Paid ads scam targets Google searchers" - ehMac.ca
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read Advertise

LinkBack Thread Tools Display Modes
Old Apr 26th, 2007, 11:00 PM   #1
Honourable Citizen
HowEver's Avatar
Join Date: Jan 2005
Location: GTEh
Posts: 15,702
"Paid ads scam targets Google searchers"


Originally Posted by Toronto Star
Associated Press

SAN FRANCISCO–Google Inc. yanked paid advertisements linked to some 20 search terms that online criminals had hijacked to steal banking and other personal information from Web surfers looking for the Better Business Bureau and other sites.

It was unclear how many people were affected before the breach was discovered this week, but computer security experts said today the attack appears to be isolated and only targeting Windows XP users who had not properly updated their machines.

They said the attack was unlikely to undermine Google's core business of selling lucrative advertising links, which made up the bulk of the Mountain View-based company's $3.08 billion (U.S.) in profit in 2006 and $1 billion in the first quarter of 2007 alone.

Google said it dismantled the offending links and shut down the problem AdWords accounts Tuesday. The company is working with advertisers to identify any other malware-loaded sites that might be on the network, it said.

"We cancelled the affected ads as soon as we were made aware of the problem," the company said in a statement. "Overall, Google is committed to ensuring the safety and security of our users and our advertisers. We actively work to detect and remove sites that serve malware to our users both in our ad network and in our search results."

However, the experts said the infiltration of the Web's largest marketing network raises questions for the entire search industry about how to screen advertisers for those with nefarious motives.

The attack targeted the top sponsored links tied to Google search results, installing a program on victims' computers to capture private information used to access online accounts for 100 different banks.

"This is serious – there's confidence in the links that are at the top, whether they're sponsored or not," said Nick Ianelli, an Internet security analyst with the federally funded CERT Co-ordination Center at Carnegie Mellon University. "It's going to affect the whole industry, not just one provider."

The scheme, discovered by security software firm Exploit Prevention Labs in New Kingston, Pa., involves a ruse by online criminals to fool Google searchers into clicking through a rogue site loaded with malicious code.

The criminals created their own website and outbid legitimate businesses in Google's AdWords program to secure prime placement of ads linked to popular search terms. Users who clicked on those ads were then routed to the booby-trapped site before being sent on to the legitimate destination.

Ken Dunham, director of the rapid response team at VeriSign Inc.'s iDefense Intelligence, said criminals targeted Google's AdWords service in a similar manner in a 2005 "phishing" attack.

In that case, the criminals created a site that mimicked a well known retailer, placed an ad on Google, then stole users' credit card and other information when they tried to order products, he said.

Dunham said Google likely implemented more stringent authentication policies for its premium advertising members after that incident. However, he said it would be too costly to impose the same verification procedures for all advertisers.

The current incident raises questions for search companies about how they screen members of its advertising network and drives home the message about keeping up with security updates, Dunham said.

"Attackers have been doing this for some time – the old dog is still doing old tricks and it's working," he said. "We need to realize this is a known tactic, people should be aware of it and identify when this could be an issue."

Roger Thompson, chief technology officer for Exploit Prevention Labs, said today that no further attacks of this type had been discovered, "but the exploit site is still live and serving, so if someone finds a way to hook to it, it'll fire."
For sale: black iPod Classic 160GB

Morgan Figueiredo / Fleming = Scammer He's "The G3 Man" here on ehMac.

HowEver is offline   Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Google to buy YouTube for $1.65 billion Ottawaman Everything Else, eh! 8 Oct 10th, 2006 08:01 PM

All times are GMT -4. The time now is 01:08 PM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright © 1999 - 2012, ehMac.ca All rights reserved. ehMac is not affiliated with Apple Inc. Mac, iPod, iTunes, iPhone, Apple TV are trademarks of Apple Inc. Content Relevant URLs by vBSEO 3.6.0 RC 2

Tribe.ca: Urban living in Toronto!