Content

Suspicious Web Services Want YOU!

The other day, while I was going about my browsing, a pop-under ad stopped by.

These nasty little ads are widely despised by Internet users, and typically I just filter them out, but sometimes it's necessary to disable the filter for a moment to let someone's animation-ridden site do its thing, and that's when it came along.
Much as I dislike pop-unders (and -overs, for that matter), this particular visitor was an especially obnoxious example of its nasty little clique. While it purported to be political propaganda, I suspect it was something very different.

At first glance the ad was simple enough - an exhortation to join the GOPTeamLeader, an online service for U.S. Republican Party activists. It invited me to fill in my name and a couple of personal details - email and physical addresses - and offered a button to join the service.

Great. Aside from the fact that I am neither a U.S. citizen nor resident in the United States, and thus entirely unconcerned with the Republican Party, there were a few elements missing. A privacy policy, for starters. What's going to happen to my email address and other data? How do I know it won't promptly be signed up for every spam service on the planet? The short answer is, I don't. The long answer might be that I should trust them - this is a reputable political party, surely they wouldn't be harvesting personal details for commercial gain.

So we follow the link to the ad sponsor's homepage, and see what they have to say for themselves, right? Wrong - there's no such link. No link of any sort in fact, aside from the form's "submit" button.

For all I know, this might not be an ad for the Republican Party at all. It could be a spam agent out gathering personal data. The URL of the page (not visible on the actual window, since the status bar and title bar were obfuscated) was an on-line ad-host - not promising but not necessarily incriminating. There's no reason why a political party shouldn't hire a commercial ad provider to offer a service.

More interesting was the form's submit target - an IP address unrelated to either the ad-host or any of the GOP sites ("Grand Old Party" is an historical appellation for the Republicans). Now that's starting to look suspicious. More so was the fact that the site doesn't identify itself - no web homepage (just the hosting script for form submission), an ftp service that doesn't name the server, and so on. Reverse DNS, nothing. Traceroute showed me where it's hosted, but no answer to my queries in that direction as yet.

The final nail in the coffin, as far as I'm concerned, is that if you visit the GOP web site (www.gop.gov), you do indeed get a pop-up ad inviting you to join TeamLeader. Despite being similar to the pop-under I got, it's far from identical, and in fact links to a form at the GOP web site, complete with privacy policy, rather than offering a form inside the pop-up itself.

In conclusion, I was presented with a pop-under ad that was either a particularly insidious attempt at harvesting personal details for a nameless commercial entity, or it was a woefully inadequate example of ignorant propaganda. My money's on the former, although the GOP web admins have as yet not deigned to answer my queries.

All the anti-virus, web-filter, firewall and IDS tools in the world won't protect innocent users from social engineering attacks. For if not GOP propaganda, that's exactly what it was. I'd love to be proved wrong, even if that would mean putting Republican web efforts in my bad books, but I suspect not.

Every time I start to sympathize with web advertisers or mailing services which do seem to be trying to make a difference, something like this happens. The net result (if you'll pardon the pun) is the undercurrent of distrust and suspicion evinced by so many web users, to the detriment of those offering legitimate services. How much business are you losing because customers simply distrust every service by default? Hopefully, not much - yet. But I don't see that problem getting any smaller, quite the opposite in fact. Regulations and controls are well-meaning but badly coordinated, and not making a whole lot of difference. Perhaps when the online revolution comes, this lot will be first against the wall, and the world will be a happier place. Or not - but a man can dream, can't he?

Jon Tullett is U.K. editor for SC Magazine (www.scmagazine.com).
 

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.