Feeds

Bogus anti-spyware firm fined $1m

Scareware tactics backfire on Secure Computer

Protecting against web application threats using SSL

A firm accused of marketing bogus anti-spyware software has paid $1m to settle a lawsuit brought by the US State of Washington.

New York-based Secure Computer (not to be confused with legitimate security firm Secure Computing) is accused of using spamming and pop-ups in an aggressive and allegedly deceitful marketing campaign designed to promote sales of a product called Spyware Cleaner.

The case against Secure Computer followed complaints that the firm and its marketing associates were punting software that falsely claimed computers were infected with spyware, before using scare tactics to push them into shelling out $50 for a product that did more harm than good.

Washington State's investigation showed that users running so-called free scans using the software were always informed their PCs were infected even if their computers were clean. Even worse, Spyware Cleaner failed to detect some types of spyware. During the free scan, the software also surreptitiously erased a computer's Hosts file, which can be used to store web addresses that a user wants to block.

The lawsuit alleged violations under Washington's 2005 Computer Spyware Act, federal and state spam laws, and the state Consumer Protection Act.

An estimated 1,145 Washington residents who purchased Secure Computer's Spyware Cleaner software and, in some cases, Popup Padlock (a so-called upgrade that was actually a duplicate program) are eligible for refunds under the agreement filed in federal court.

The case against Secure Computer and its affiliates is the first to be settled under Washington's newly enacted computer spyware laws.

Washington Attorney General Rob McKenna said the successful conclusion of the case was a "victory" for Washington consumers and the online marketplace. "It sends a strong message to internet businesses that they must promote their products ethically and legally. We won't tolerate deceptive marketing such as 'scareware' that preys on consumers' fears about spyware and online threats," he added.

Secure Computer stopped flogging Spyware Cleaner (previously marketed through sites including myspywarecleaner.com and checkforspyware.com) after the state filed its lawsuit back in January. Settlements with three other defendants in the case were agreed earlier this year.

Under an agreement signed last week in Seattle by US District Court Judge Ricardo Martinez, Secure Computer and Paul Burke (its president) agreed to pay $200,000 in civil penalties, $75,000 in restitution for consumers, and $725,000 in state attorneys' fees and costs. The firm also agreed to be bound by an injunction that means it will face even heavier fines if it engages in similar marketing practices again.

Secure Computer didn't admit to any wrongdoing in the case, but it did agree to send out email notices to all its customers in Washington State informing them of their right to receive refunds. "Customers" of the Spyware Cleaner and Popup Padlock in other states are not eligible to refunds.

Washington consumers who believe they are eligible for refunds may file a complaint with the Attorney General's Office online at www.atg.wa.gov or call 1-800-551-4636 to request a form or additional information.

Some of the emails punting Spyware Cleaner pose as messages from MSN Member Service with subject lines such as "Special Security Alert for MSN Members". Other messages arrive as pop-ups via Windows Messenger. These alleged tactics prompted Microsoft to file a federal lawsuit against Secure Computer alleging the firm used its trademarks without permission to suggest Microsoft recommended the ineffective software.

Microsoft's case against Secure Computer remains pending. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.