To enjoy the full Mail & Guardian online experience: please upgrade your browser
13 Jan 2014 12:34
A gang has been covertly targeting the Mail & Guardian's online readers with a sophisticated scam by exploiting a loophole in our security architecture. (AFP)
Since early November last year, a gang has been systematically targeting visitors to mg.co.za with a clever scam that, by exploiting a loophole in our security architecture, closely mimics a Windows anti-virus warning. When unsuspecting readers click on the "clean computer" button, they are shown a realistic (but fake) scanning process, and are then prompted to "upgrade" their anti-virus by paying a fee with a credit card.
When they do so, they effectively hand their credit card details over to the scammers.
If you suspect you have revealed your credit card details to these scammers, please do the following:
How could the M&G let this happen?
We're deeply sorry that this happened and we accept full responsibility for this lapse in our security. As a major publisher we are under constant attack by hackers and scammers, all looking for an unguarded loophole to exploit. For the last two years our security has proved sufficiently tight to mitigate these attacks, but in November the criminals changed tactics.
Traditionally, hackers and scammers will target the computers ("servers") which host a website. By gaining covert access to these servers they can then use them to infect unsuspecting readers with computer viruses or fool them with scams such as the one described above. But as security has improved it has become harder and harder to break into these servers.
By comparison, online advertising services are much more open. Many of them offer self-service systems that allow advertisers to place their own advertisements. Criminals have now realised that they can use these systems to attack large publishers.
The attack works as follows:
One factor that makes this criminal activity so hard to detect is that they appear to be legitimate advertiser networks with credible corporate websites, willing to pay market-related rates to reach our readers. And by running the scam in short bursts, they dramatically reduce the chances of being caught and shut down. These are clear signs of how organised and sophisticated these criminal gangs are becoming.
Our commitment to our readers
Now that we're aware of this new vector of attack we will be radically overhauling our security practices around advertising. We will not accept anonymous ad code from self-service platforms, and we will thoroughly vet all advertisers and networks before agreeing to do business with them.
Frankly, these practices should have been in place before this attack and we apologise that they were not. We should not have been caught by surprise. The fact that other large publishers, including Yahoo, have also been duped does not excuse our lapse.
We strongly believe that we have identified and stopped these criminals, but we need your help to confirm that this is the case. If you see any virus warnings when you visit our site please immediately contact us via this online form. They may be using more than one vector of attack and your feedback will be invaluable in rooting them out if this is the case.
Once again, we apologise. If you have any questions or need any assistance, please use the same form to contact us.
Create Account | Lost Your Password?