Don’t become a Advertising Malware victim

ad malware1

The e-mail comes in. You're excited. It's a very high CPM deal from a major brand name advertiser. You don't recognize the e-mail address of the sender. You think to yourself: “ Must be a small interactive shop that the major brand is using”. You send back an e-mail asking for their IO (Insertion Order) and start looking at your available ad inventory. You go back and forth with them, they are anxious to get the ad run started ASAP. They offer to up the CPM if you can get it started today. You are ready to make some major $. Everything looks good. But is it?

?The culprit masqueraded as a national advertiser and provided seemingly legitimate product advertising for a week,? NY Times spokeswoman Diane McNulty wrote. ?Over the weekend, the ad being served up was switched so that an intrusive message, claiming to be a virus warning from the reader's computer, appeared.?

In the real world I've gotten the e-mail from the small interactive agency with a large buy from a major brand. After some online investigation I walked away from the deal.  Why?  They weren't real.  Start with their “” domain name.
  • ad malware1Even thought the company site looks nice they list no physical address, no phone number, no list of clients, no listing of “white papers” or client success stories.  Misspellings or lots of double-speak jargon claims raises a red flag.  The picture on the right is a screen capture from one of the marketing sites that contacted me. Would a legitimate marketing agency representing a major brand have copy errors like this on their home page?
  • Do a whois lookup of their domain name.  How long has the domain been registered? Was it registered in China or eastern Europe one month ago? Does the owner of the domain listed have a Gmail or Yahoo e-mail address? Is the domain hidden by an anonymous registration?  Is the address a real street in a real city?  Do a Netcraft search of the server. If the server is hosted in China or eastern Europe that should at least raise a yellow flag.
  • They won't send you a banner GIF and clickthorough URL.  They will send you javascript tags as the creative element. Does the code for the ad creative have the same domain as the marketing web site? Do the same domain and server investigating.  Javascript tags are common for rotation of banners but it does give them control to put whatever they want on your site.
  • Ask for their W9. Ask to do a credit check. A W9 with SS or company tax ID with the wrong number of digits equals a red flag.
  • Ask for the name of their contact at the major brand.  If they give you the contact's phone number, don't use it.  Call the main switchboard phone number of the brand company headquarters and transfer to talk with the contact. I got a call back from the brand contact once.  Caller ID showed me the US brand contact was calling me from Bulgaria.
The article about the New York Times incident linked above is from September of 2009.  But I was contacted this week by someone trying to pull the same scam.  They're still out there but you can avoid the ad malware trap on your site by taking a little time to do some online detective work.

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.