Webmaster Forum Rules | Posting Guide | Contact Us | Testimonials | Contributing Geek Program | Advertise on Geek/Talk
Welcome to the GeekTalk Webmaster Discussion Forums from GeekVillage.com

Click Here To Register. It's Free!

Go Back   geek/talk: Signature-free discourse for serious web publishers > YOUR REVENUE: Making Money On The Internet > Making Money with CPC and/or CPM Programs
User Name
Password
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
Old 03-25-2008, 10:40 AM   #1
AdamAGB
Registered User
 
Join Date: Mar 2008
Posts: 13
Default New Type Of Fraud: Fake Advertisers

The last few months I've seen a disturbing trend that represents a new type of fraud...

I'll get media inquiries from people claiming to be account managers or media directors from obscure advertising agencies (that actually have decently designed websites). They'll say they have a client they're representing and would like to purchase $X,XXX in impressions with very specific requirements (frequency capping, geo-targeting, etc.)

Once you've invoiced them, they pass along their flash banners, which seem completely innocent. However, if you really dive into the banners' code you'll see deeply hidden pure nastiness. Adware/malware/etc.

It took 20 days of member complaints for us to figure out the source of the pop ups. The code in the banners was such that it only randomly triggered and only in certain situations.

For all ad inquiries make sure to consult Google, WHOIS, and don't be afraid to ask for documentation. I have no doubt this type of fraud will continue to grow in the future.

Last edited by AdamAGB; 03-25-2008 at 10:44 AM.
AdamAGB is offline   Reply With Quote
Old 03-26-2008, 06:15 AM   #2
nixwebo
Registered User
 
nixwebo's Avatar
 
Join Date: Mar 2008
Posts: 77
Default

Interesting, it was flash code they were passing the malware and such through?

Not good, I will definetly keep my eyes out for this, thanks for the heads up AdamAGB!
nixwebo is offline   Reply With Quote
Old 03-27-2008, 01:09 PM   #3
AdamAGB
Registered User
 
Join Date: Mar 2008
Posts: 13
Default

I hope it's OK to publish two sample emails, just so people know what they look like and if anyone Googles them results will appear...

------

Greetings,

My name is Frank Collins, my position is Director of Media Purchases. I am writing you on behalf of an Advertising Agency “ReachWe”, with headquaters in Geneve, Switzerland. We are currently in the process of developing an alternative sources of traffic for our clients. Our objective, much like yours, is to help our clients reach their marketing goal and provide them with best media coverage of their products or service available on the Web.

In present we want to utilize target markets of North America, United Kingdom and Australia. In addition to these markets we strongly work with Western Europe and might be interested in Asian Markets. We would like to hear more about your traffic details, available media objects and prices. Given this information we will be able to choose the best client from for possible campaign.

The budgets for our campaigns are usually very flexible. Some of our key partners are names like: FedEx, Expedia, Avon, and Bosch to name a few. You will find my contact information below. Thanks for your time and consideration.

Frank Collins,
Director of Media Purchases
ReachWe LLC.
http://reachwe.com/
Rue Plantamour 25
1201 Geneve, Switzerland

------

Hi Adam,

This is Jan Solli from 4cetera agency. We are looking for running Leaderboard campaign with your site.

728x90, starting ASAP. Please, let me know how we can follow up on this together.

Date range: starting ASAP – ending February, 15th, with a possibility to extend the campaign till March, 31st

Payment terms: Invoice by monthly delivered impressions each first date of a new month (you will bill us for January impressions on February, 1st).

GEOs: USA, Canada, UK, Australia, France, Italy, Japan.

1/24 hrs. freq. capping

Leaderboard 728x90 campaign.

What adserver do you use?

Please, let me know if you have any questions and how we can follow on this.

Thanks,

Jan Solli

Sales Coordinator
logo.gif
Email: solli@4cetera.com
AdamAGB is offline   Reply With Quote
Old 03-27-2008, 01:34 PM   #4
dognose
Registered User
 
Join Date: Jan 2005
Posts: 195
Default

I don't sell ads directly (partially just for this reason).

I just hope the legitimate ad networks that deliver ads for my site don't fall for this.
dognose is offline   Reply With Quote
Old 03-29-2008, 08:31 AM   #5
Daisy
Registered User
 
Join Date: Mar 2008
Posts: 24
Default

I think I'll stay away from directly selling ads as well. I'd like to control what's on my sites.
Daisy is offline   Reply With Quote
Old 03-30-2008, 09:07 AM   #6
Alex|Canep Media
I am a Contributing Geek. Are You?
 
Join Date: Apr 2006
Location: USA
Posts: 361
Default

Frank Collins from ReachWe LLC contacted a member of our advertising sales team earlier last month to place a large order on European banners and popunders. We ended up rejecting the creatives because we found that they where injecting Malware on people's computers on every 3rd load.

4cetera agency has not contacted Canep Media, but I just blacklisted the agency to make sure we do not run into problems with them in the future. Thank you for the report.
Alex|Canep Media is offline   Reply With Quote
Old 03-31-2008, 05:10 PM   #7
wsz
Registered User
 
Join Date: Sep 2000
Posts: 614
Default

I seem to recall reading some time ago about a major CPM ad network getting hit by something like this.

It was a third-party served type of deal, where the creative was to be pulled from the advertiser's server. So, the initial creative offered looked OK, and got approved by the network. Then later, the advertiser suddenly changed the creative to have Active-X nasties or something like that. And they did it over a weekend, when they figured that the network's customer service people weren't in the office.

So there is still a danger, even if you only run established, reputable networks. And the networks have potential risk if they let the advertiser serve the banners.
wsz is offline   Reply With Quote
Old 04-16-2008, 09:22 AM   #8
Piotr
Registered User
 
Join Date: Apr 2008
Location: Munich
Posts: 1
Default

Hi everyone,

I work for Yahoo! and Reachwe LLC also approached us recently. We found out that there is something wrong with their ad... they used a domain called unicastads.com for hosting to fake the 3rd party ad vendor Unicast. We contacted Unicast and they told us that it's not their domain. Our feeling was that it's fraud and now we found your thread here. It seems to be really fraud! ... and harmful too if they deliver Malware every 3rd view.

Piotr
Piotr is offline   Reply With Quote
Old 04-24-2008, 04:13 PM   #9
kenmargolis
Registered User
 
Join Date: Apr 2008
Location: San Francisco
Posts: 1
Thumbs up This is a great resource about this company

We were contacted and this was very helpful info.
Thanks,
Ken
kenmargolis is offline   Reply With Quote
Old 04-26-2008, 01:17 PM   #10
Kimberly
Registered User
 
Join Date: Apr 2008
Posts: 1
Default

Quote:
Originally Posted by Alex|Canep Media View Post
Frank Collins from ReachWe LLC contacted a member of our advertising sales team earlier last month to place a large order on European banners and popunders. We ended up rejecting the creatives because we found that they where injecting Malware on people's computers on every 3rd load.

4cetera agency has not contacted Canep Media, but I just blacklisted the agency to make sure we do not run into problems with them in the future. Thank you for the report.
Hello,

Europe has been hit by several banners in the last weeks. Several people including me are trying to get these banners out of circulation and alert media compagnies of the danger of these advertisments. A search on a partial link brought me to this topic. (ReachWe)

Be very carefull when accepting advertisements from 3rd party, check them out and look up their whois information. Spread the word amoung your collegues please.

May I invite you also to read the following websites to have a general overview of known domains and banners.

Flash Mystery, or how you get infected by *.SWF files
http://www.bluetack.co.uk/forums/ind...pic=18064&st=0

Sandi Hardmeier's blog
http://msmvps.com/blogs/spywaresucks/default.aspx

Thanks.
Kimberly is offline   Reply With Quote
Old 05-02-2008, 01:25 PM   #11
bermuda
Registered User
 
Join Date: Jul 2007
Posts: 68
Default

Thank you guys for the information provided. It seems that the adware people are all the time thinking about the new ways for their intension.

You know, sending the Flash made banners does seem to be suspicious because the other types of ads might be deleted by the Antivirus programs as soon as they arrive in the email inbox.
bermuda is offline   Reply With Quote
Old 06-17-2008, 06:36 PM   #12
mcain
Registered User
 
Join Date: May 2008
Posts: 2
Default

**** never heard of this, thanks for the heads up!
mcain is offline   Reply With Quote
Old 10-09-2008, 11:07 AM   #13
xmsmmgrs
Registered User
 
Join Date: Oct 2008
Posts: 28
Default

I also got this kind of e-mails but I just deleted them. A fix could be asking them to give image or text ads instead.
xmsmmgrs is offline   Reply With Quote
Old 10-10-2008, 01:40 PM   #14
tallship
Registered User
 
Join Date: Aug 2008
Location: San Pedro CA
Posts: 19
Default Here's another to stay away from

Same **** only saying they represented Rhapsody.com a top 10 sie. AdShaven was dumping malware thru a java script ad. We found it a day after it was up and pulled it. Today 24/7, our ad server, called and said we had a campaign scheduled that had malware. Guess who? I told them that we had pulled Adshaven and obviously would not run it.
tallship is offline   Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
800 million dollars wasted on click fraud Larwee Making Money with CPC and/or CPM Programs 11 07-17-2006 11:36 PM
Click fraud is less than expected Larwee Making Money with CPC and/or CPM Programs 0 04-25-2006 02:09 PM
Click fraud is costing a small fortune Larwee Making Money with CPC and/or CPM Programs 1 02-12-2005 07:16 PM
"How is a dinky little banner supposed to generate sales for our advertisers?" demae Making Money with CPC and/or CPM Programs 7 05-29-2001 07:16 PM
Who's the biggest ****mers on the net advertisers or publishers? fairhousing Making Money with CPC and/or CPM Programs 5 06-10-1999 10:08 AM

Please support our advertisers. They ensure our survival.

All times are GMT -5. The time now is 06:05 AM.


GeekVillage.com is copyright © 1998-2014 iOnline Web Design. All rights reserved.
Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.