MSN.com victim of a malvertising campaign

Olivia Storey

MSN.com suffered a recent malvertising campaign that redirected victims from their genuine webpage to fake tech support teams with the goal of extorting as much money as possible.

A recent malvertising campaign targeted MSN.com users through a Taboola advert. Taboola is a global ‘discovery platform’ for marketing and advertising that recommends digital content to users, and was sharing a story on the MSN webpage.

Instead of taking the user to the Taboola-recommended story, the advertisement redirected them to a tech support ‘warning’ once clicked.

The warning informs the user that the computer has crashed and that, in order to fix the issue, they must call a number for immediate assistance.

This malicious page cannot be closed normally as there is code which repeats the ‘warning’ indefinitely. This creates a façade that the average user could perceive as a genuine warning, causing them to call the number that they believe is Microsoft support.

Obviously, this number is part of the scam: instead of reaching the real Microsoft support, the caller gets a team of fake technicians whose goal is to extort as much money as possible out of the user.

Mark James, ESET IT Security Specialist, explains how malvertising is so successful and how to avoid falling victim to malvertising scams.

“People are used to clicking popups in windows; if it’s an error there’s a popup, if there’s a question it’s usually a popup, and if the programmer or developer wants to ask a question there’s usually a popup.

“The majority of us are skim readers; we generally read the first line, some of the middle stuff and usually the last line.

“Our brains are looking for three things: what’s wrong, usually in the first line; how can we fix it, in the middle bit; and lastly, if we are lucky, can we fix it right now? Which is usually, if available, at the bottom.

“If we are presented with all that information in one easy to manage popup there is a good chance it’s going to get clicked.

“What we often don’t do is determine its authenticity.

“As said previously we are used to popups and more importantly we want to trust the contents of the popups.

“If it’s a yes/no question we assume no is no and vice-versa.

“When it comes to malvertising all that goes out the window. It’s designed to be easy, often brief and eye-catching, with one goal: ‘Click or follow the link’.

“The trust part is already established if it appears to come from a recognised source; after all, if the computer is telling us to go there it must be safe, right!

“Often in these cases your only defence is common sense, and the ability to decide if ‘it’s too good to be true’.

“In most cases if it is then it’s a scam. I know you hear it all the time but it really is as simple as thinking before you click; it could be the difference between a close call and being a victim.”
