I received an email from classmates.com today... and it contains some misinformation

The email said (my comments are in bold):

"Thank you for contacting Classmates. I can understand your frustration and will do my best to address your concerns.

Thank you for letting us know that your experience on Classmates.com was interrupted. We always want to know if someone abuses the trust you have in Classmates so that we can remedy the situation as soon as possible.

We’re continuing to investigate this incident. Here’s what we know to date:

One of the advertisements on Classmates.com included some hidden code that allowed a deceptive ad to piggyback along with it. When someone clicked a link on Classmates.com or in an email from Classmates, the deceptive ad imitated their computer’s functionality, trying to mislead them into downloading some software.

Sandi: There was not one advertisement - I identified three distinct advertisements being:

nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/CM_GeminiIntera_FPWS_5_10179/160x600
nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/CM_GeminiIntera_LB_1_10179/728x90.swf
nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/CM_GeminiIntera_FPR_4_10179/300x250.swf 

It was **NOT** necessary for somebody to "click[ed] a link on Classmates.com".  The hijack occurred immediately one of the malicious advertisements was displayed on a victim's computer (assuming the computer met certain country, IP and timezone requirements as set by the fraudsters) and no user interaction was required.

If a user was hijacked by clicking on a link in a classmates.com email, I can only assume that clicking on that link loaded a classmates.com web page which then displayed the malicious advertisement.

Again, NO USER INTERACTION IS REQUIRED to trigger a redirect - all that is necessary is for the advertisement to be displayed on a victim's computer (assuming the computer met certain country, IP and timezone requirements as set by the fraudsters).

Classmates did not send you a virus or try to mislead you into downloading anything. The advertiser in question violated our terms of service and we have removed the ad from our site.

Sandi: I can only hope that all *three* advertisements were removed, not just one.

I also hope that they (as in United Information) also removed:

nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/MWS_Getfreecar_LBLINT_2_8671/gfc_728x90.swf

and

nztv.prod.untd.com/RealMedia/ads/Creatives/ISP/MWS_GetFreeCar_LBLINT_6_8671/getfreecar728x90_REVISED_07052006.swf

Because the deceptive ad popped up after clicking a link in an email from Classmates, some users believed they received a virus from our email. This is not the case. None of our email products included a virus.

Classmates.com should now function normally for you. We’re sorry if this caused you any inconvenience.  We’re doing everything possible to keep this from happening again.
 
Thank you for your cooperation and patience. As always, please let me know if I can be of further help.

Sincerely,

Laurie
Classmates Member Care Lead
www.classmates.com"

 

Published Tue, Mar 25 2008 14:08 by sandi
Filed under: , , ,

Comments

# re: I received an email from classmates.com today... and it contains some misinformation

Thursday, July 10, 2008 10:45 PM by jennifer yonts

i want to cancel my registration with classmates.com under the names of jennifer crowder and jennifer yonts

# re: I received an email from classmates.com today... and it contains some misinformation

Saturday, July 12, 2008 10:46 AM by stacy

how do i read amn e-mail from classmates.com its in my emails but i can't read

# I lost my classmates connection when I switched Isp

Thursday, July 24, 2008 8:39 AM by Anna

I recently switched my ISP from AOL to comcast.net and lost my connection to Classmates. I had paid for gold membership and would hate to lose the money plus all the info I had entered and the classmates I had been able to get in touch with. Can you help? Thank you

# password

Sunday, July 27, 2008 1:06 PM by wayne smith

TO WHOM IY MAY CONCERN,  (besides me)

  I HAVE REQUESTED MY PASSWORD SEVERAL TIMES,AND AS OF THIS MOMENT I HAVE NOT YET RECEIVED IT. MISPLACEMENT IS SOMETHING THAT WILL NOT HAPPEN AGAIN. YOUR HELP IN THIS MATTER WOULD BE GREATLY APPRICATED,IN SO FAR THAT I HAVE PAID FOR MY GOLD MEMBERSHIP AND AS YET HAVE NOT HAD THE PLEASURE OF ITS CONTENT.

                                                          ALWAYS A DURFEE GRADUATE

                                                             Wayne Smith

                                                              CLASS OF "64"

# forgot password

Tuesday, July 29, 2008 1:02 PM by lisa thompson

I am waiting on my password, to update my status. I haven't received it yet.  

# re: I received an email from classmates.com today... and it contains some misinformation

Wednesday, July 30, 2008 6:48 PM by Miss Holley King

I am recuperating from surgery and when i was on my MySpace account

I met an old friend from high School SO I thought I would do this www.classmates.com thing.

I uploaded a photo

wrote a story

all of it.

The next day it would take my password

(which I use for EVERYTHING)

So I 'clicked' for them to e-mail me a new password

5 minutes my butt...

I am still waiting on my password, to update my status.

In fact I have requested every day.

I haven't received it yet.  

SO I think I am ready to forget this whole

www.classmates.com thing.

And I really wanted to hook up with this one old friend too.

Oh well.

# re: I received an email from classmates.com today... and it contains some misinformation

Monday, January 18, 2010 1:23 PM by PasoDave

ClassMates Spyware is back!!!

I've been infected on two Saturdays in a row.  Apparently it is coming through on an ad attached to ClassMates.