Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Web hosters warned of pop up scareware ads

Sophos : 15 September, 2009  (Technical Article)
After the New York Times website infection with malicious pop up adverts, Sophos is warning companies to beware of inadvertently hosting infectious ads for fake anti-virus products
IT security and data protection firm Sophos has issued a warning to online businesses to be aware of the danger of delivering malicious adverts via their websites.

The advice comes in light of an attack this weekend where fake anti-virus alerts appeared on the computers of users who visited the New York Times website, urging them to install bogus security software (known as scareware) which would compromise PCs. Hackers attempted to trick unsuspecting victims into purchasing fake security software after being alarmed by the pop-ups.

It is not the first time a media outlet has fallen foul of poisoned adverts serving up malware and fake anti-virus alerts. The Daily Mail, ITV and Radio Times have experienced similar incidents in the past. As online advertising grows even more popular and websites outsource online advertising to third- party networks, Sophos expects that these types of threats will continue to plague high-end publishers in the near future.

Sophos is urging media organisations, website publishers and ad networks to take caution when delivering online ads and not put visitors at risk.

The IT security and data protection firm believes that the primary responsibility for delivering safe adverts lies with the ad networks themselves, who should be screening their advertisements for malicious content upstream, before it reaches the media sites. Media organisations should demand that steps are taken to protect their website users from possible infection, but must not push responsibility on to their readers to ensure that they have strong security in place.

Graham Cluley, senior technology consultant at Sophos, commented, 'This weekend's attack on NYTimes.com shows how even the most popular media outlets in the world are vulnerable to malware advertising. Any organisation running a website, who chooses to use a third party ad network to get extra revenue, must be aware of the security risks for visitors to the site. It is imperative that the stream of adverts delivered to a website is clean. Too many sites have suffered a reputation hit in the past because they have delivered malicious adverts. Can any business afford to do this to their users?'

'To their credit, the New York Times posted a warning on its website and on Twitter, advising readers to take care while they investigated the source of the infected advert,' continued Cluley.

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo