Diary of a Hack: Day Four

You meet the nicest people when you're being hacked.

 No, of course I'm not referring to those soul-less sociopaths who are perpetrating the scam from Kiev or Beijing or wherever.

 I'm talking about friends who have been abundant in their kindness and concern. About colleagues and clients who have cut me slack on project deadlines, knowing how preoccupied I've been. And about the media buyers and planners who were targeted by the fraudsters, and who made an effort to track me down and get to the truth. 

 One of those media buyers in particular--Barb Rogers of Casale Media-- has been extremely supportive and helpful. It was Barb, in fact, who made the connection with another online malware case that took place last fall in Chicago--a case she helped to crack.

 Barb's story makes for fascinating reading, as you can see for yourself in this e-mail excerpt:

 I personally have a "red flag" alert on at all times with this, because of another hoax that happened out of a Chicago agency in October that is in my territory.

What happened in Chicago was pretty huge.  The Chicago media agency was Spark Communications, which is a part of Publicis (one of the largest ad agencies in the world, if you are unaware of who they are).  This "George Delarosa" contacted a bunch of ad networks through a "lead" that came through my corporate office. 

Spark is an agency I already have a relationship with, so I thought it was a little bizarre that this person was going through my corporate office to make contact, when I meet with them every few months.  Anyway, he told me that he had an "immediate" $20K to spend for Suzuki. 

His e-mail address was slightly different than Spark's, and the web site that he used looked exactly the same as Spark's (he somehow mirrored the Spark Communications web site as well).  Also, his phone number was not even close to the same trunk lines as Spark Communications.  Also, big companies, like Suzuki, very rarely, if never, spend $20K in such an immediate fashion. In addition, Suzuki had never run with our network before, so that was also a red flag for me.

In this Chicago case, similar to what has happened with you, the title of the person was "Purchasing Manager" and I usually deal with "Media Planners or Supervisors" so that was yet another red flag.  This had never happened in my territory, but I just thought there were a lot of oddities to it. 

I called the number and left a voice mail, and then also started communicating with this "George Delarosa" over email in a cautious manner, obviously.  He told me that he was in London attending the Ad:Tech London show when he emailed me back at a strange hour (up until 2009, Chicago had it's own AdTech show, and quite honestly, a Chicago agency is not going to send an employee to AdTech London...makes no sense...so another red flag). 

So, I contacted a SVP at Spark and they had told me that they were already taking legal action to catch the person who was trying to launch a virus through a scam ad campaign.  

What is funny in your case is that you are such a small agency, we would have required pre-payment (where with Spark, if there weren't so many red flags, we would have extended them enough credit more than likely to run the campaign since we already have a relationship with them and other agencies owned by Publicis).   

I don't think the person that we are dealing with from your perspective is very smart.  This George Delarosa knew terminology that we use in digital ad sales/planning/buying, so he was a bit savvier than our friends "Anna Miller" and "Linda Bodin."

I am just sorry that this person is attempting to latch onto your company to get a malicious campaign running with an ad network.  What a pain for you.  
Here is a link to some information on what we encountered and what happened in Chicago off of MediaPost:

http://www.mediapost.com/publications/?fa=Articles.printEdition&art_send...

What I don't understand is where these people make money off of launching viruses...anyway, thought I would give you some additional background as to what has been going on with other cases similar to yours.

I hope this helps.  

 --------------------------

It did help, Barb. And I'm sending you a big, public thank-you in return!

Oh, and if the George Delarosa hoax has "sparked" your interest, here's some juicy reading for you:

http://www.thetechherald.com/article.php/200944/4690/Gizmodo-victimized-...

http://www.businessinsider.com/henry-blodget-gawker-scammed-by-malware-p...

For more information about Mantra for Murder
Phone: 734/761-8440 • Email: lindafitz@mantraformurder.com