Jeff Gelles: Despite global crackdown, malware-protection scams abound

Posted: October 05, 2012

If you fret about viruses, Trojan horses, or other malicious software infecting your home or office computer, there was reason to be cheered by this week's Federal Trade Commission multi-barreled crackdown on some smarmy malware profiteers. But not really to be reassured.

The FTC announced on Tuesday a $163 million judgment against a "scareware" operation it first targeted four years ago, centered on a company that called itself "Innovative Marketing Inc." - scammers with a sense of humor! This web of businesses and people, from as near as Maryland and as far as London and Belize, delivered dire warnings to the screens of U.S. computer users, saying their machines were infected. Then they tricked the victims into paying to fix nonexistent problems - or problems that didn't exist until they encountered the scam.

On Wednesday, the FTC joined agencies from around the world to shut down six tech-support scams that investigators said targeted tens of thousands of computer owners the old-fashioned way - by phone. From "boiler rooms" mostly in India, they tricked victims into paying hundreds of dollars for the removal of bogus viruses and other maladies, meanwhile scoring their credit-card info and remote access to their computers.

So kudos to the sheriff, but take this all as a big red, flashing warning that the Internet police are badly outgunned, and that the World Wide Web is still the Wild Wild West. You don't need a six-shooter to protect yourself, but you do need a cool head and as much knowledge as possible to steel yourself against its collection of smooth-talking but vicious varmints.

Let's start with a primer on how the latest scams worked.

If you use a home or office computer - sadly, even one of Apple's virus-resistant Macs - chances are you've encountered scareware. Innovative Marketing's versions went by names such as WinFixer, WinAntispyware, SystemDoctor, Antivirus XP, and DriveCleaner.

Whatever the alias, the M.O. was the same, the FTC said: "Bogus scans that falsely detect the presence of dangerous or illegal files or programs on consumers' computers."

The scammers preyed on users' anxieties - perhaps about sites they visited, or worried that other family members had visited, or perhaps that totally innocent Web browsing had led them unintentionally astray.

"Warning! 216 pieces of compromising content have been detected on your computer!" read one of the scam's pop-up screens. It suggested a scan found evidence of "XXX sites," "High risk to your career and marriage," and "Monitoring and investigation of your computer without your awareness," and invited victims to click to "Repair Now!"

Is scareware still a huge problem, even if Innovative Marketing and its collaborators have been shut down and barred from similar activities? Absolutely. In fact, the best-known dent in Apple's protective armor showed up last year as Mac Defender, and it's essentially the same thing.

"Apple security alert," one version was headlined, alongside a large yellow warning triangle. "To help protect your computer, Apple Web Security have detected Trojans and ready to remove them," it advised, in broken English that undoubtedly spared some grammatically sensitive targets.

Staying alert is your best defense against any of these scams, of course - a point that FTC Chairman Jon Leibowitz made Wednesday at a news conference on the tech-support scams largely centered in India, which he likened to a "bad Bollywood movie."

"Madam, it will be my humble request to you, please do not try to click on any of them," a scammer warned an undercover FTC investigator in one recorded exchange, as the con artist led her through a file displaying words like warning and error, and concluded: "Your computer is one of those computers that's been infected. OK?"

Leibowitz said the scams have likely generated tens of millions of dollars for the 14 companies and 17 individuals known to be involved, who claimed to be from companies such as Microsoft, Dell, and Symantec. In about a year, Australia has recorded 10,000 complaints, and the FTC, 2,400.

As with any such scam, the complaints are just the tip of a large iceberg. Some victims are too embarrassed to admit they fell for it. With this scam, many more probably believed their losses were money well-spent - that they were saved by the scammers from an ugly malware infection.

Microsoft's Frank Torres calls the latest scam a crime of "social engineering," an up-to-date term to describe an old-fashioned con game.

"Microsoft will never cold-call you to say that your computer isn't working right," Torres says, in case you had any doubts.

Torres says the scam also brings to mind another old-fashioned game: the arcade delight known as Whac-A-Mole.

For now, it's clear the varmints will keep popping up. Your job is to let the sheriff whack them - and to stay carefully out of the way.

Contact Jeff Gelles at 215-854-2776 or

For more information, visit
