Categories: SecurityWorkspace

FTC Sets $163 Million Fine For “Scareware” Business

A US federal court has imposed a $163 million (£101m) fine on the operators of a “scareware” business that tricked computer users into thinking their machines were infected with malware, and then sold them a “fix”.

The tough punishment was issued by the Federal Trade Commission (FTC), the US consumer protection agency. The main defendant, Kristy Ross, was also permanently prohibited from selling security software and “any other software that interferes with consumers’ computer use”.

It is thought that Ross and two co-founders of the offending companies – Sam Jain and Daniel Sundin – will be jointly liable for the fine.

False advertising

The “scareware” operation was discovered by the FTC back in 2008, as part of the efforts to safeguard consumers from spyware and malware. Ross and six other defendants were accused of deceiving over a million customers by selling them security software to combat the non-existent infection, discovered by the “system scanners” made by the same group of companies.

The culprits would place flash banners on trusted, popular websites, displaying something that looked like a running anti-virus scanner. It would inevitably find a host of viruses, spyware, and illegal pornography on a user’s computer, and offer to buy security software designed to “fix” any and all problems.

The banners were placed on behalf of legitimate organisations without their consent, and looked perfectly normal to the advertising agencies thanks to some clever coding.

The solutions would usually come under generic names, such as WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus, and cost from $40 to $60 (£24 – £37). Naturally, none of them actually offered any sort of protection against malware.

The two companies charged in the case – Innovative Marketing and ByteHosting Internet Services – operated using a variety of aliases and maintained several offices, including one in Kiev, Ukraine. According to the FTC, Innovative Marketing took in around $60 million (£37m) in revenue between 2000 and 2008, when the first legal action was brought.

Under a settlement announced in 2011, defendant Marc D’Souza and his father, Maurice D’Souza, were already ordered to give up $8.2 million (£5m) they earned through the scheme.

According to ArsTechnica, Ross argued she was just an employee of the company, was not a “control person” and did not have “requisite knowledge of the misconduct”. However, the court decided otherwise.

To avoid such scams, the FTC advised computer users to always keep their anti-virus and firewall solutions updated and switched on, and not click on any links within pop-ups. “If you’re faced with any of the warning signs of a scareware scam or suspect a problem, shut down your browser,” read an advisory from the FTC.

Doing some basic research before installing any software is also a good approach: “If you get an offer, check out the program by entering the name in a search engine. The results can help you determine if the program is on the up-and-up.”

Last year, the FBI arrested members of two cyber-crime gangs who may have netted more than $74 million (£46m) using the same “scareware” method.

How well do you know Internet security? Try our quiz and find out!

Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

15 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

17 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

18 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

19 hours ago