14 DAY TRIAL // Since lately we've seen a lot of situations in which all sorts of malicious advertisements are served via email or social networking websites, we'll take a look at how these schemes actually work and how the masterminds that run these operations make a generous profit.
Paid archives are among the most common elements utilized in these schemes, especially since there are no current laws or regulations that combat such practices.
Microsoft's Malware Protection Center explains that each such scam is composed of two main human components, the service owner and the Advert. The Adverts are in fact the individuals recruited through the famous 'make money' ads.
The service owners recruit Advert as their minions and pay them to do the dirty work for them, their main responsibility being to provide hosting services, landing pages and handle billing and recruitment.
Adverts, on the other hand, have a much higher responsibility since they are the ones that actually create the paid archives. In some cases, the ones that own the services will provide the content themselves if the Advert is not interested in spreading his own materials.
In the end, the Advert gets paid depending on how many times his content was downloaded by internet users.
So how does it actually work?
The Advert compresses a piece of software using an open source program, usually 7Zip, making sure that the resulting file is protected by a password. After placing the file on some strategical locations, much of the work is done and all the masterminds have to do is wait for the victims to make their move.
Each time an individual tries to install one of these applications, they are required to send an SMS to a certain number to “activate” the software. What users usually don't know is that the numbers where the messages are sent are actually premium rate numbers which means that each SMS can be charged with up to $20 (14 EUR).
In other scenarios the victims are requested to reply to a message they receive after providing their phone numbers. Again, the reply goes out to a premium rate number.
In some cases, the rogue apps might be advertised as being paid variants, but instead, the archive contains the free version of the application or even maliciously crafted elements.
Security solutions providers catalog these applications as being harmful so a good security product will in many cases keep you safe. Also, make sure you download free products only from the vendor's website or from trusted resellers.