Email-Based Extortion Scheme Targets Web Site Owners Using Google’s AdSense Program – Security Awareness Experts Insight

By   ISBuzz Team
Writer , Information Security Buzz | Feb 18, 2020 04:31 am PST

In response to a Krebs on Security report that details a new email-based extortion scheme is targeting web site owners serving banner ads through Google’s AdSense program, security awareness experts commented below.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Deepak Patel
Deepak Patel , Security Evangelist
February 18, 2020 12:39 pm

Extortion techniques used by network-based DDoS attackers are now resurfacing. The new wave of business logic attacks are using advanced bots that can mimic human behavior and use hyper-distributed IPs to cause serious disruptions. With dwindling revenues from network DDoS attacks and increasing access to low-cost infrastructure, attackers are improvising and moving up the chain. As more commerce shifts online, attackers will find ways to monetize. Automated threats should be evaluated as a business risk, and every digital business should account for them and deploy bot management solutions to protect their users and proprietary content.

Last edited 4 years ago by Deepak Patel
Javvad Malik
Javvad Malik , Security Awareness Advocate
February 18, 2020 12:35 pm

This is quite an interesting attack which seems to be an evolved form of DDoS (distributed denial of service) attacks. Whereas DDoS attacks are usually launched against large organisations to bring them down for a period of time. This particular threat goes out to website owners and tries to extort them or risk losing adsense revenue.

It\’s not clear whether this is a mere threat or whether the criminals actually have the capability or intention of following through with their demands. But it is not something that is outside of the technical capabilities of many criminals, particularly with the large number of IoT devices that get continually compromised and added to botnets.

In the big scheme of things, these are not new threats. We\’ve seen variations of these over the years, and they will continue to evolve. The important thing is for people to not give in to such demands. If they are worried, they should contact Google for adsense support.

Last edited 4 years ago by Javvad Malik
Roger Grimes
Roger Grimes , Data-driven Defence Evangelist
February 18, 2020 12:33 pm

This is a very interesting attack – a new approach and I don’t see much that surprises me often in the cybersecurity attack world. The bigger question is could Google detect this sort of fraud if it occurred? What generally happens in previous cases of fraud attacks is that it isn’t detected at all initially. The vendor’s attack sensors see it as valid attack and they block it, accidentally causing a false-positive self-denial of service attack of their own doing. Once the vendor hears enough complaints though and confirms the fraud attack, they can change their sensors to try and rule out or stop the false-positive attacks. The question is how long it takes the vendor to go from “this is a real attack” to “this isn’t a real attack” to “we can tell the difference between a real and fake attack”? Some vendors can do it quickly and others it takes months and years. The last question to ask once the vendor is aware of the fake attack is how hard is it to develop a sensor that can tell the difference between real and fake attacks and how many false-negatives and false-positives they get. I would suspect that Google will respond quickly along with the best if this actually becomes a frequent attack.

Last edited 4 years ago by Roger Grimes

Recent Posts

Would love your thoughts, please comment.x