Thousands Scammed by Online Ads

1) Victim browses a legitimate, high-traffic website where a legitimate-appearing ad is hosted

2) Victim clicks on the page or takes some other action on the page and this initiates a pop-up warning about a suspicious problem on the victim's computer.

3) The pop-up in the previous step starts a "sales process" where a bogus anti-spyware solution is offered and sold to the victim for amounts ranging from $19.95 to $79.95 in exchange for credit card info, etc. Bogus antispyware names used in this offer include: Spy-shredder, AntiVirGear, MalwareAlarm and 40 other more obscure names.

4) The "antispyware solution" purchased either downloads a trojan, such as Zlob, that retrieves other information from the victim over time or a rootkit, allowing remote control of the victim's computer.

6) The scammer behind the bogus antispyware solution makes money from the sale of the "solution" but is mostly interested in selling the credit card numbers for money and selling access to the trojan and rootkit infected computers. Once access to the infected computers is purchased, the criminals can mine the stolen data and commit the fraud themselves or sell it to a third party. The scammers are also selling computing resources for money.