Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

A View from

Fake Ad For Apparent Credit-Card Scam Was On Our Site

We were duped into serving a malicious ad.

  • July 26, 2013

Publisher’s note: From July 16 to 22, MIT Technology Review served a fake ad that led to a fake e-commerce site, one that most likely was trying to steal credit-card information. We didn’t mean to; we were duped. We have no way of knowing whether anyone gave the site a credit card number, but we served around 10,000 impressions of the ad. We’re very sorry. We’ve learned from the experience, and have made a number of common-sense changes to make sure we aren’t scammed again.

The scam began with a beguiling e-mail. Our advertising team received an e-mail on July 11 from someone calling himself Nick Sampson, saying (falsely) that he was with an online retailer called Gilt. “I can spend as much as $100,000 per month,” he wrote.

The request struck our team as odd, in that it came directly from the would-be advertiser (in the jargon of the media business, “the client,” and not an agency), and the person was ready to close a sizable deal instantly. Nonetheless, the ad went live on July 16. Soon, another oddity emerged: we weren’t getting click information back from the ad. We suspended it. But after getting an excuse from “Nick” via e-mail, we reinstated it.

On July 22, we got a message from a reader saying that the ad was associated with a Web address listed by Sophos, the security company, as a possible malware site. Only Sophos and BitDefender had flagged the site as potentially dangerous—apparently because it was newly created, one warning sign of malicious activity. Another 31 security vendors called it a “clean site.” And six more had not rated it. (See the details here.)

Why was the site on Sophos’s list? A Sophos rep says there was no evidence the site contained actual malware, but it raised flags in part because it had recently been created. We investigated and quickly understood that our ad was directing people to a fraudulent clone of the real Gilt site. “Nick” was likely part of a scam to steal credit-card numbers. 

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.

Subscribe today

Uh oh–you've read all of your free articles for this month.

Insider Premium
$179.95/yr US PRICE

Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

    Bimonthly digital/PDF edition

    Access to the magazine PDF archive—thousands of articles going back to 1899 at your fingertips

    Special interest publications

    Discount to MIT Technology Review events

    Special discounts to select partner offerings

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

    Bimonthly print magazine (6 issues per year)

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    What's Included

    Unlimited 24/7 access to MIT Technology Review’s website

    The Download: our daily newsletter of what's important in technology and innovation

/
You've read all of your free articles this month. This is your last free article this month. You've read of free articles this month. or  for unlimited online access.