Business
Russian Cyberforgery Ring Steals up to $5 Million a Day Through Fake Websites, ad Fraud
SAN FRANCISCO—In a twist on the peddling of fake news to real people, researchers say that a Russian cyberforgery ring has created more than half a million fake internet users and 250,000 fake websites to trick advertisers into collectively paying as much as $5 million U.S. a day for video ads that are never watched.
The fraud, which began in September and is still going on, represents a new level of sophistication among criminals who seek to profit by using bots — computer programs that pretend to be people — to cheat advertisers.
“We think that nothing has approached this operation in terms of profitability,” said Michael Tiffany, a founder and the chief executive of White Ops, the ad-focused computer security firm that publicly disclosed the fraud in a report Tuesday. “Our adversaries are bringing whole new levels of innovation to ad fraud.”
The thieves impersonated more than 6,100 news and content publishers, stealing advertising revenue that marketers intended to run on those sites, White Ops said.
The scheme exploited known flaws in the system of digital advertising, including the lack of a consistent, reliable method for tracking ads and ensuring that they are shown to the promised audience.
The spoofed outlets include a who’s who of the web: video-laden sites like Fox News and CBS Sports, large news organizations like the New York Times and the Wall Street Journal, major content platforms like Facebook and Yahoo and niche sites like Allrecipes.com and AccuWeather. Although the main targets were in the United States, news organizations in other countries were also affected.
“It will be a big shock to all of these publishers that someone was selling inventory supposedly on their sites,” Tiffany said in an interview Monday, before the report’s release. White Ops and an advertising industry organization, the Trustworthy Accountability Group, held a conference call with about 170 advertisers, ad networks and content publishers Tuesday morning to brief them on their findings.
Tiffany said White Ops had traced the fraud to Russia and believed that the organization behind it was a criminal enterprise out to make money. There was no evidence of a connection between the fraud and the politically motivated hacking during the United States election that U.S. intelligence agencies and President Barack Obama have linked to the Russian government.
The Methbot scheme — named after the word “meth,” which shows up in its software code — was carefully designed to evade the anti-fraud mechanisms the advertising industry has put in place in recent years. Digital ad fraud was projected to cost marketers more than $7 billion U.S. in 2016, according to a study by the Association of National Advertisers and White Ops.
To carry out the operation:
1. The Methbot forgers first took numeric internet addresses they controlled and falsely registered them in the names of well-known internet service providers.
Among those were Comcast, AT&T and Cox, as well as fake companies like AmOL. This allowed the thieves to make it look as if the web traffic from Methbot’s servers in Dallas and Amsterdam were really coming from individual users of those internet providers.
2. The forgers then associated the addresses with 571,904 bots designed to mimic human web surfers.
Embedded in the bots’ web browsers were fake geographic locations, a fake history of other sites visited and fake logins to social networks like Facebook. “The bots would start and stop video just like people do and move the mouse and click,” Tiffany said.
3. The perpetrators connected the bots to the automated advertising networks that sell unsold ad space for thousands of websites.
A bot would pretend to visit a website like CNN.com, and the ad networks would conduct a microsecond bidding war against one another to show a brand’s video ad. But instead of going to the real CNN, the bot’s web browser would go to a fake site that nobody could see, and the ad would play there.
4. Finally, the system would report fake data to the ad networks and advertisers to convince them that humans had watched the ad on the real content site.
“It would send just the right kind of metrics back to look like real live audiences that were logged into Facebook and watching videos all day,” Tiffany said. The thieves then collected payment for the ads.
The report did not name the advertisers tricked by the fraud.
David Hahn, the executive vice president of strategy at Integral Ad Science, an advertising security firm that competes with White Ops, said the Methbot fraud affected just a tiny portion of the ad traffic of his own clients.
“There are new bots and new ways in which the bad guys are trying to figure out ways around our technology all the time,” he said.
The automated ad networks that buy and sell access to ad space on popular websites operate in a murky, fast-paced world, and it’s often unclear to advertisers who such middlemen truly represent.
“As a buyer, how do you check that those other companies are authorized sellers of the ad inventory?” said Neal Richter, who until recently was the chief technology officer for Rubicon Project, a major exchange for automated ad sales. “You need to know who you’re doing business with.”
Trustworthy Accountability Group, which is a joint effort of the ad industry’s major trade groups, is already blacklisting the internet addresses used by Methbot’s bots, adding them to a master list used by many in the industry to screen out fraud.
Mike Zaneis, the chief executive of the organization, said his group began a certification program last week to verify that ad exchanges truly represent the buyers and sellers they are claiming to represent. Under the system, payment for an ad flows directly to the website publisher, which would make it more difficult for forgers like the Methbot crew to get paid for their deception.
Several news organizations whose websites were faked by Methbot, including the New York Times, said Tuesday they were still evaluating the fraud case.
White Ops said the thieves received high prices for the fake ad views, garnering an average price of $13 per 1,000 video views. Overall, the botnet delivered 200 million to 300 million fake ad views per day and brought in $3 million to $5 million U.S. in daily revenue, according to the company’s analysis.
White Ops released the full list of fake internet addresses and impersonated websites so that fraud-detection services and ad networks can block them. The company has also shared its findings with U.S. law enforcement authorities and is working with them to further investigate the fraud.
Tiffany said the use of bots to steal ad revenue is not new in the industry, but it “has never happened at this scale before.”
He continued, “It all adds up to the most profitable bot operation we’ve ever seen.”
Beauty enthusiasts rejoice! Beauty Week at Hudson’s Bay is back in Toronto for another year. It’s time to stock up on all of your fall essentials and, maybe discover some new ones.
From Friday, August 18 to Sunday, August 27, you can expect a truly elevated beauty experience in-store with incredible special offers, limited-time gifts, and exciting activations.
If you’re a diehard beauty lover, you’ll already know that Hudson’s Bay is the place to shop thanks to its extensive range of over 195 skin and makeup brands from both luxury labels and masstige brands — including Tata Harper, Estée Lauder, YSL, Nars Cosmetics, Bobbi Brown, and so much more.
Throughout The Bay’s Beauty Week, visitors can take in some at-counter activations and interactive expert-led tutorials, where there will be chances to get makeup touch-ups from top-tier brands, try a spritz of the most alluring fragrances, and sample tons of new products.
This year’s Beauty Week highlight is the ‘Best in Beauty’ tote, a meticulously-curated selection of 30 deluxe samples from an array of top-tier brands like Dr. Barbara Sturm and Shiseido spanning skincare, fragrance, and makeup — all in a super sleek bag.
The tote, which is valued at over $300, is retailing for just $39 and is a fantastic way to explore new products (without breaking the bank). However, there is a limited quantity, so if you want to get your hands on one, you’ll need to be fast.
Wondering exactly what Beauty Week’s free gifts with purchases entail? If you spend over $95 at Lancôme, you will receive a six-piece set valued at $130. Or, you can get an Estée Lauder gift valued at $170 with purchases over $80. (And that’s just to name a few.)
If you’re a Hudson’s Bay Rewards member, you’ll also get $20 in Hudson’s Bay rewards when you spend over $100 on beauty.
The Canadian Armed Forces (CAF) have several non-combat jobs, some of which do not require a college degree or past work experience.
Life in the forces has several benefits, such as paid education plans (college, university and graduate-level programs), 20 paid vacation days, health and dental coverage for you and your family, maternity and paternal leave, and pension plans. You can learn more about the benefits in detail here.
And to make it easier to gauge if you qualify, the listings also include related civilian jobs to see if it’s your ideal role.
Financial services administrator
Related civilian jobs: Financial records entry clerk, financial manager, accounting technician, bookkeeper, budget officer, cashier clerk, business planner technician, and verification manager.
Description: You’ll help budget resources for all military activities besides providing financial assistance.
Education: You need to have completed Grade 10.
Duties: As a financial services administrator, you’ll be responsible for bookkeeping and managing budgets. You’ll also provide support in accounts payable and accounts receivable.
Work environment: Those in this role work at CAF bases, on ships or overseas. You might also be expected to help special operation units, recruiting offices, schools, and medical organizations.
Postal clerk
Related civilian jobs: Mail clerk, mail sorter.
Description: You’ll provide postal services to members and their families at bases and establishments.
Education: Grade 10. No previous work experience or related career skills are required.
Duties: As the postal clerk, you’ll handle mail duties.
Work environment: Besides a postal office, you may work on a ship or a mobile postal van. You might be expected to serve with Royal Canadian Navy, the Army, and the Royal Canadian Air Force in Canada and abroad.
Dental technician
Related civilian jobs: Dental assistant, dental hygienist.
Description: You’ll be helping dental officers provide dental services to CAF members, their families, and dependents.
Education: Level II dental assisting diploma from an accredited college or a National Dental Assisting Examining Board (NDAEB) certificate.
Duties: Those in this role will be responsible for various responsibilities, including disinfection and sterilization of dental equipment, applying rubber dams, placing cavity liners, and controlling bleeding. In addition, you’ll assist in laboratory procedures like creating casts, custom trays, and mouthguards.
Work environment: This role will require you to work in a military dental clinic, a Mobile Dental Clinic, an Air Transportable Dental System, or onboard a ship. You might be expected to work on a base in Canada or other operations in other parts of the world.
Human resources administrator
Related civilian jobs: Records administrator, data entry supervisor, receptionist, office manager, executive assistant, payroll clerk, and information management technician.
Description: Provide administrative and general human resources support.
Education: Grade 10. No previous work experience or related career skills are required.
Duties: In addition to human resources administration and services, you’ll be handling pay and allowances, managing automated pay systems, and maintaining personnel records.
Work environment: HR administrators work at all CAF bases in Canada. They also work on ships and overseas to support the Canadian Army, Royal Canadian Navy, or Royal Canadian Air Force operations.
Medical assistant
Related civilian jobs: Emergency medical responder, ambulance and first aid attendant, registered nursing assistant, licensed practical nurse, and hospital orderly.
Description: Successful candidates will help treat the sick and injured in CAF units. You’ll be assisting and supporting nursing and medical officers.
Education: Minimum of Grade 11 biology, Grade 10 physics or chemistry, and Grade 10 math.
Duties: You’ll provide initial care and essential life support treatments in trauma cases. You’ll help with health assessments (hearing and vision tests, perform basic lab procedures, etc.) and initiate and manage medical records and reports. You’ll also be expected to provide support and first aid during training exercises.
Work environment: Medical assistants may serve with the Royal Canadian Navy, the Royal Canadian Air Force or the Canadian Army as part of the Canadian Forces Health Services Group. Those in this role are exposed to the same risks as the forces they support.
Porter Airlines is once again stirring the pot among Canadian airline rivals, now going after Air Canada’s Aeroplan members by offering to match their loyalty status to an equivalent of their own.
The beloved airline, which recently ranked as having the best cabin service in North America, challenged the competition for the second time this year, after previously deploying a similar tactic against WestJet in the spring.
Earlier in April, Porter presented customers with a limited-time offer to match the loyalty status of WestJet’s patrons with VIPorter levels.
Now, they’re offering Aeroplan members to seamlessly transition to an equivalent VIPorter Avid Traveller status based on their existing membership tier.
Members can then take advantage of an array of travel perks that come with flying Porter, including seat selection, baggage, and flight changes.
For those currently holding an Aeroplan membership, there are two ways to acquire the Avid Traveller status for the rest of 2023:
Status-Based Match:
- Aeroplan 25K members = VIPorter Venture
- Aeroplan 35K members = VIPorter Ascent
- Aeroplan 50K, 75K, and Super Elite = VIPorter First
Flight Segments-Based Match:
- 5 flight segments = VIPorter Passport
- 8 segments = VIPorter Venture
- 17 segments = VIPorter Ascent
- 28 or more segments = VIPorter First
Members will have to first submit their applications on Porter’s website. Registration will remain open until September 6, 2023.
In order to maintain their membership level through 2024, customers will have until the end of 2023 to reach the following reduced qualifying spend (QS) targets:
- Passport = $500 in QS
- Venture = $750 in QS
- Ascent = $1500 in QS
- First = $2500 in QS
Over the past year, Porter has launched an aggressive expansion strategy, including everything from introducing longer flights on newly-purchased jet planes flying out of Toronto Pearson, free WiFi, and a new all-inclusive economy experience.
With Canadians losing both Swoop and Sunwing as WestJet incorporates both into their mainline business, Porter’s direct competition is welcome to keep prices competitive.
-
Lifestyle8 months agoOntario Line subway construction permanently shuts down beloved Toronto bakery
-
Business8 months agoThe Canadian Armed Forces are hiring for several non-combat military jobs
-
Business8 months agoPorter’s new loyalty program promises to match Air Canada’s Aeroplan status
-
Business8 months agoPeople call out Sobeys for ridiculous prices after another expensive find at Ontario store
-
Business8 months ago‘Here, everything feels much closer’: Entrepreneur says leaving Toronto for Innisfil good for business
-
Lifestyle8 months agoWoman crashes car and runs around highway with bottle of booze on typical day in Toronto
-
Lifestyle8 months agoCanada considers capping international student visas to address housing crisis
-
Business8 months agoBeauty Week is back at Hudson’s Bay in Toronto and it’s time to get glam