“Your computer is infected!” a large message screams at you, taking up most of your screen. “Click here to repair,” it urges, and you’re tempted to click. What if the warning is legitimate? You did just navigate to an unfamiliar website, after all. This is one of the many ways scam advertisements can lure you in, with promises of tech support or computer repair that most often result in the spread of malware, or perpetuate theft and fraud.
Facebook, Twitter and Google have teamed up, together founding a new organization called TrustInAds.org (www.trustinads.org), aimed at protecting people from malicious online advertisements. Since it’s creation, AOL and Yahoo have joined as well. Member companies collaborate to identify trends in order to more quickly identify and take down new scam advertisements. The organization’s goal is to bring awareness to consumers about online ad-related scams and deceptive activities and work with policymakers and consumer advocates to protect people from these sorts of deceptive practices.
“Among the legitimate online ads offering valuable tech support services to consumers are some from bad actors attempting to prey on unsuspecting internet users,” said Rob Haralson, Executive Director of TrustInAds.org. “These bad actors, often highly sophisticated, go to great lengths to hide under the radar from the manual reviews and automated filtering technologies used to catch fraudulent ads.”
The ads commonly work by initially appearing harmless: “we’ll clean your computer for free!” The user is redirected to a webpage or encouraged to call an 800 number where they are then instructed to install software onto their machine. The scam advertisers often pose as tech support, indicating that the software installation is the necessary first step toward repair. The downloaded program often contains malware such as viruses, spyware, or keystroke loggers.
In other instances, the ads direct users to a scam site or a phishing site – one that seeks your personal information and uses it to steal your identity. Sometimes they try to sell you counterfeit goods. Recent TrustinAds reports are highlighting false claims made by weight-loss advertisement scams.
Obviously, these types of malicious advertisements can reflect negatively on the originating website. If you got a virus on your computer
because of an advertisement you clicked on when you were visiting Facebook, you will be less likely to click on any advertisements there in the future.
The member companies of TrustInAds.org have a vested interest in keeping your experience with advertising a positive experience: ads are how these free services make their money. If you can’t trust the ads you click on as a consumer, then the hosting site and legitimate advertisers lose revenue.
Ads on Facebook, Google, and the other companies listed above go through a rigorous manual and automated screening process. They inspect the landing pages where the user is directed upon clicking on the ad. While the majority of ads are legitimate businesses soliciting customers, there are scammers that diligently work to game the system.
Through the creation of TrustinAds.org, Facebook and Google have been able to identify and remove over 4,000 suspicious advertiser accounts that linked to more than 2,400 tech support websites. However, more scam ads find their way through the screening process every day. To that end, TrustinAds.org aims to help consumers identify potentially fraudulent ads, and provide a forum for consumers to report ads that they feel are suspicious.
How can you seek tech support and still protect yourself from the bad guys? Here are some tips:
Know who you’re getting help from. Many of scam advertisers never identified themselves in their advertisement. Check the website of the provider, and call the provider directly from the number on their website. Others try to lure in unsuspecting victims by posing as representatives of legitimate companies, such as Google or Facebook customer support. This is particularly common when the ad generated from a search for “Gmail customer support” or “Facebook customer support.” If a support representative claims to be associated with a big-name company, make sure that you reached that person through the company’s legitimate support channels.
Never share passwords over the phone. No legitimate company will ever ask you for your account password, under any circumstances. If they do, hang up and report them immediately.
Be wary of downloading software from unknown sources. Remote support is a common avenue for getting your computer issues resolved, and in most cases you must install a program in order to allow a remote technician to access your computer. However, before you install software or allow a remote technician access to your computer, research the company as you would any service technician that you would have in your home. You wouldn’t welcome in a painter or plumber that knocked on your door without some preliminary screening. You should treat installing software or granting remote access to your computer no differently from giving someone a key to your home.
Keep your anti-virus and anti-malware software updated. Make sure you’re running the latest versions of software and applications, installing updates to your operating system, antivirus/antimalware programs and your browser as well as applications such as Java (download updates directly from the application’s website, not through pop-up ads). Microsoft Security Essentials, Windows Defender and Malwarebytes Anti-Malware are free programs that you can run frequently to scan your machine for malicious content.
TrustInAds.org has a blog on their website you can follow for the latest news and information about malware threats. You can also sign up for email updates. Lastly, there’s a link on the website to report threats you encounter or suspect for all of the providers: AOL, Yahoo, Facebook, Google and Twitter. Submit your report here: http://trustinads.org/report-a-bad-ad/.