Shabby Inline Adverstising In Fairfax RSS Feeds

Over the last couple of weeks I came to conclusion that both my work computer and home desktop computer had somehow managed to become infected with a virus.

This was something of a surprise, given the security techniques in place in both my home network, and the corporate network – but as always, I keep an open mind as hackers develop new attack vectors all the time.

It seemed to be happening whenever I was clicking news items in my personal news aggregator, where the links were to Fairfax newspaper sites. I was being presented with the following interstitial advertisement:

Given the various languages presented on the right hand said, the fact that Google Chrome was offering to translate the page from French, and the really poor appearance of the page, it seemed like my clicks were being intercepted and redirected.

It looked very malware-like. If nothing else, it looked really unprofessional.

As it turned out, my clicks were being intercepted and redirected – by the Fairfax RSS feeds themselves. Their RSS feeds have recently been changed to serve the interstitial in between the click, and the user being delivered to the actual page they are interested in.

Now, I have no problem with Fairfax seeking to improve their advertising revenue – business is tough – but there is no acknowledgement that the interstitial is supposed to be there, no suggestion that it is from the destination site, and it looks really “hacky”.

I went into full virus check mode, before I took a moment to examine the original RSS feeds, and find that it was deliberate.

I’m sure I won’t be the only person to view this as a potential virus/malware attack – so poorly and shabbily this has been implemented. Fortunately, since I wrote my own news aggregator, I coded around it anyway – and I don’t get the interstitial now.

But for everyone else, if you’re going to use interstitials, give the visitor confidence they aren’t being attacked.