Feeds

Washington and Microsoft declare war on scareware

One down, but how many more to go?

Security for virtualized datacentres

Washington state's top law enforcement official has filed suit against a man accused of bombarding end users with misleading messages designed to trick them into buying software to fix PC problems that don't exist.

The complaint, filed in Washington state court by Attorney General Rob McKenna's office, names James Reed McCreary IV of The Woodlands, Texas, and two of his companies, Branch Software and Alpha Red. They stand accused of pushing a software package called Registry Cleaner XP by sending end users messages falsely claiming their PCs have corrupted or damaged registry settings that must be repaired immediately. The software sells for $40.

In many cases, the warnings are delivered using Windows Messenger Service, a network administration utility for delivering system-wide messages to end users. The popup windows claim to be generated by the "Local System" and warn of a "critical error" related to the end user's registry. The messages were directed to a wide swath of internet protocol addresses, and in many cases were sent over and over, causing hundreds of windows to open that the user has to close individually.

The prevalence of so-called scareware has reached epidemic proportions. Programs frequently mimic real security features within the Windows operating system to fool people into believing their PC has been infected with malware. In many cases, it's just about impossible to remove the software once it's been installed.

"Through alarmist language seemingly delivered by a trusted source, defendants misrepresent the extent to which installing the software is necessary for repair of the computer for proper operation," the complaint argues. The error messages, which appear on machines free of any problems, "induces the consumers to purchase defendants' product, which must be used in order to 'repair' the 'errors.'"

Attempts to reach McCreary, Branch Software and Alpha Red were unsuccessful. A number listed as belonging to McCreary had been disconnected. No one answered a phone listed in this whois listing as belonging to Branch Software.

Microsoft referred the case to McKenna's office and has been helpful in assisting the AG's consumer protection high-tech unit to enforce laws against scareware mongers. Over the past three years, Microsoft has brought 17 lawsuits under Washington's Computer Spyware Act and the state's attorney general has filed seven.

Yes, the enforcement actions are a step in the right direction, but we question the efficacy of this finger-in-the-dike approach. Despite filing a raft of suits they find themselves back in court again. And at time of writing, registrycleanerxp.com continued to offer free registry scans. ®

Beginner's guide to SSL certificates

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.