As the ClayNation was busy voting on the Tweeterwall last week, an odd and scary screen popped up for many voters. The page looked like an announcement from the user’s security system. But, if one looked carefully, it was, in fact, a web site that was trying to scam the user and infect their computer. Word spread quickly and fortunately, most of the voters were not infected by the scam.
When I found the following information posted on Thursday, I found it timely and interesting. I hope that Microsoft and the courts can slow these people up.
On Thursday, September 24th, Microsoft filed five civil lawsuits, the first of their kind against a nasty phenomenon known as malvertising. Malvertising is the practice of hiding malicious codes in seemingly safe online ads that instead seek to prey on users.
Microsoft has tried to work with ad networks to thwart such “malvertising” in the past, but this is the first time it has gone to court.
Tim Cranton is an Associate General Counsel for Microsoft. He said:
“Malvertiser ads may redirect users to a website that advertises rogue security software, also known as scareware that falsely claims to detect or prevent threats on the computer. Our filings in King County Superior Court in Seattle outline how we believe the defendants operated, but in general, malvertising works by camouflaging malicious code as harmless online advertisements.”
Other forms of malvertising infect a victim’s computer with malicious software for various purposes, including stealing users’ personal information, or holding the user’s computer for ransom in order to get paid to disinfect the PC.
Last week, The New York Times’ Web site was hit by a form of malvertising. It told readers that their computer might be infected with a virus and redirected them to a site that purports to offer antivirus software.
A Microsoft spokesperson told CNET News that
“Scareware is often distributed among criminals, which therefore results in many of the animations a user may see utilizing a common design and interface. However, without additional information and specific details about the attacks, we cannot be certain that any of today’s filings directly relate to the attacks on The New York Times’ Web site.”
During the past year, Microsoft has become aggressive against spammers, click fraudsters and the users of scareware. Now they have added malvertisers to this list. They are making a concerted effort to make the web a safer place to use.
Besides filing these lawsuits, Tim Cranton posted a short list of common-sense tips for keeping internet users safe. The tips included making sure users have the latest antivirus updates and a firewall as well as anti-malware tools. Additionally, smart users should be careful of offers of free security and virus scans by companies they don’t know, and never provide personal information on a Web site unless the user is certain the site is safe.