FTC shuts down major international scareware scam

Six mostly India-based companies targeted English-speaking consumers in the US, Canada, Australia, Ireland, New Zealand and the UK. According to the FTC, five of the six companies used telemarketing boiler rooms to call consumers. The sixth lured consumers by placing ads with Google that appeared when consumers searched for their computer company's tech support telephone number.

Then, purporting to be affiliated with major computing vendors including Dell, Microsoft, McAfee and Norton, the telemarketers conned unwitting consumers into believing that their computers were riddled with viruses, spyware and other malware, charging anywhere from $49 to $450 per PC to remotely access and "fix" the machines.

The FTC is no stranger to rectifying scareware campaigns, but FTC Chairman Jon Leibowitz said that the scam artists this time around “have taken scareware to a whole other level of virtual mayhem.”

To show that the malware was there, the scammers directed consumers to a utility area of their computer and falsely claimed that it demonstrated that the computer was infected. When consumers agreed to pay the fee for fixing the "problems," the telemarketers directed them to a website to enter a code or download a software program that allowed the scammers remote access to the consumers' computers. Once the telemarketers took control, they "removed" the non-existent malware and downloaded otherwise free programs.

Scareware has been on the rise since last year, with computer users falling victim to a variety of approaches that have resulted in millions of dollars of losses through sales of fake security software and anti-virus services. This is a new twist on the theme, offering a real-time, almost untraceable fix through the cloud for non-existent problems. Furthering the league-of-shadows approach, FTC papers filed with the court alleged that the scammers hoped to avoid detection by consumers and law enforcers by using virtual offices that were actually just mail-forwarding facilities. And together, the companies used 80 different domain names and 130 different phone numbers in the scam.

At the request of the FTC, a US District Court Judge has ordered a halt to the six companies’ operations pending further hearings, and has frozen their assets. The FTC charged the defendants with a laundry list of infractions, including violating the FTC Act, which bars unfair and deceptive commercial practices, as well as the Telemarketing Sales Rule, and illegally calling numbers on the US Do Not Call Registry. It asked the court to permanently halt the scams and order restitution for consumers.

Meanwhile, the Australian Communications Authority (ACMA) and the Canadian Radio-Television and Telecommunications Commission (CRTC) have both also brought administrative actions for violations of their Do Not Call laws in the wake of the scareware discovery, and the FTC said it is working with the UK's Serious Organised Crime Agency to help halt the scam in that country.

In separate news, three scareware perpetrators have been ordered this week by a US District Court to pay out a $163 million FTC fine, after it was discovered that they scammed more than one million people out of money. Kristy Ross, Sam Jain and Daniel Sundin were charging $39.95 and up to fix “issues” in a scam that ran from 2000 to 2008 and, among other things, employed pop-up notifications in people’s browsers alerting them of PC problems.

“The FTC has been aggressive – and successful – in its pursuit of tech support scams,” said Leibowitz.
