Court Freezes Assets of Alleged 'Scareware' Purveyors
A federal court has frozen the assets of several businesses accused of conspiring to trick more than one million consumers into purchasing and installing "scareware," which uses fake security alerts to frighten consumers into paying for bogus computer security software.
According to the complaint by the Federal Trade Commission, two companies -- Innovative Marketing, Inc. and ByteHosting Internet Services, LLC -- embedded extra computer code in online ads, which they placed on Web sites on behalf of legitimate companies. The code would then redirect viewers to other sites that warned of security and privacy threats on the visitor's computer.
"These sites would then claim to scan the consumers' computers for security and privacy issues," the FTC said. "The 'scans' would find a host of purported problems with the consumers' computers and urge them to buy the defendants' computer security products for $39.95 or more. However, the scans were entirely false."
The companies, which operated out of Kiev, Ukraine, and Cincinatti, Ohio, and several individuals within the firms were allegedly responsible for touting and selling such fake security products as "WinFixer," "WinAntivirus," "DriveCleaner," "WinAntispyware," "AntivirusXP" and "XP Antivirus 2008."
Some of the tainted ads ran on Web sites that typically attract massive numbers of eyeballs, including realtor.com, dating site E-Harmony, The Economist Magazine, as well as the Web sites for Major League Baseball and the National Hockey League.
When consumers who had paid for and installed the scareware products later realized their error, the defendants would "routinely delay, obstruct and refuse to honor such requests," the FTC claims.
The individuals named in the commission's complaint filed in the U.S. District Court for the District of Maryland were Daniel Sundin, Sam Jain, Marc D'Souza, Kristy Ross and James Reno. The court issued a temporary restraining order that prohibits them from falsely representing that they have run any type of computer analysis, or that they have detected security or privacy problems on a consumer's computer.
The defendants also are barred from using domain names obtained with false or incomplete information, placing advertisements purportedly on behalf of a third party without that party's consent, or otherwise attempting to conceal their own identities. The order also mandates that companies hosting the defendants' Web sites and providing domain-registration services take steps to keep consumers from accessing these Web sites.
The FTC, however, is seeking to permanently bar the defendants from engaging in scareware marketing.
In 2005, Cupertino, Calif., based anti-virus maker Symantec Corp. won a $3.1 million judgment against Jain for selling counterfeit Symantec software. ByteHosting and Reno also were named in Symantec's lawsuit, but they ultimately settled with the company for undisclosed terms.
Alex Eckelberry, president of Clearwater, Fla., based security software maker Sunbelt Software, said at nearly $40 per install, with more than a million victims, the individuals behind this scheme earned at least $40 million in ill-gotten revenue.
"We have a long history of tracking Innovative Marketing's sleazy deals," Eckelberry said on Sunbelt's blog. "They are pure, unadulaterated slime, a statement I can back it up with extensive in-house research."
A PDF published by Sunbelt shows a long list of scareware domains registered by Innovative Marketing.
December 11, 2008; 12:45 PM ET
Categories: Cyber Justice , Fraud , U.S. Government , Web Fraud 2.0
Save & Share: Previous: Microsoft Investigating Reports of New IE7 Exploit
Next: Retail Fraud Rates Plummeted the Night McColo Went Offline
Posted by: mhenriday | December 11, 2008 1:06 PM | Report abuse
Posted by: XanderB | December 11, 2008 3:02 PM | Report abuse
Posted by: ams-w | December 11, 2008 5:02 PM | Report abuse
Posted by: firstname.lastname@example.org | December 11, 2008 11:17 PM | Report abuse
Posted by: CB12 | December 12, 2008 12:35 PM | Report abuse
Posted by: peterpallesen | December 15, 2008 10:43 AM | Report abuse
The comments to this entry are closed.