Slashdot Mirror
FTC Kills Scareware Scam That Duped Over 1M Users
coondoggie writes "The Federal Trade Commission today got a court to at least temporarily halt a massive 'scareware' scheme, which falsely claimed that scans had detected viruses, spyware, and pornography on consumers' computers.
According to the FTC, the scheme has tricked more than one million consumers into buying computer security products such as WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus. The court also froze the assets of Innovative Marketing, Inc. and ByteHosting Internet Services, LLC to preserve the possibility of providing consumers with monetary redress, the FTC stated."
Part of the problem is that these users have administrator privileges. I have seen many posts here on /. and elsewhere that claim it is quite possible to run as a non-administrator under Windows. In a corporate environment it should be possible to remove admin privileges (unless those who posted such claims were lying).
Personally, I was amused by this scamware, seeing it scan my PC and find various infected DLLs -- the only problem being that my Linux PC doesn't have any DLLs (except for a few in my WINE installation).
The real "Libtards" are the Libertarians!
No. Perhaps you don't understand. The "scan" is totally bogus -- it "ran" in my SeaMonkey browser under Linux and "detected" various infected DLLs. Since I don't have any DLLs on my system, the "scan" is obviously a scam.
Now, I just wanted to qualify the "I don't have any DLLs" by making a throaway remark that there are actually some on my system as part of WINE. This does not mean I ran the malware under WINE.
The real "Libtards" are the Libertarians!
I find that interesting. My laptop is almost 10 years old, with a PII 233 Mhz chip and maxed out at 96Meg of RAM, but I have Linux running on it. And, I've never had the slightest difficulty connecting it to the Internet or surfing the web. Either you have some very weird hardware or you haven't tried very hard.
Good, inexpensive web hosting
If I go to stopsign.com it will detect all sorts of Windows nastyware on my Linux box.
They have ads on Direct TV.....
I am the unwilling control for my Origin.
...The only reason you see a "click here if this is inappropriate" on any website is so they can cover their own ass and prevent getting sued...
Actually, there's another reason. If you click on anything at all, they can record your address in their web journals and tick a box labeled "This person is a potential mark". It's one of the reasons why I close these bogus displays by going around and closing them from the operating system. I do not trust any button or other clickable control presented to me from any window that I didn't specifically ask to see. Even the little X in the top right corner, they can emulate those controls with controls of their own, and can record the fact that you've paid them a bit of attention. And for such people, the less attention you pay them the better.
Do not mock my vision of impractical footwear
You can't lock out the primary user of a home computer from installing programs. No matter how many hoops you have to jump through (excplicitely authorize, enter password, etc.) there are still a ton of people that will jump through all the hoops and still end up with the garbage installed.
After all, keep in mind that there were a million people that were esentially tricked into pulling out their creditcard and paying money to these people. Removing admin rights and having to enter a sudo password before they can install the malware in question still doesn't change the fact that they honestly thought they 'needed' to install the program in question in the first place.
You can only do so much to protect people from themselves, and in cases like there there isn't much you can do other than prosecute / sue the snot out of the companies doing the malicious advertising and unfounded scaremongering.
That shop was a small shop, and the users need a little more slack with their machines since I only talk to them about once a week. I don't have backdoors like the task scheduler locked up, so if you *really* wanted it, you could have admin on these boxes, and a couple apps (I hate quickbooks) require it, so there's a few RunAs scripts and so on that could port you into adminship.
Nonetheless, I was still impressed.
Boot Windows, Linux, and ESX over the network for free.
Administrator is a fancy term for the guy who logs in as root and can kill any misbehaving processes launched by the user.
Again, backups. I just lost 6 months of work to a hard drive crash two days ago that will cost me $1200 to recover. Mechanical failures are wonderful things. Now I have backups in my apartment and remote backups setup. Backups are trivially cheap, there is no reason not to use them other than your own stupidity. Yes, I was stupid not to have one two days ago.
You seem to have some intelligent points to make. However, I can't decipher them. I'm not trying to be a pedant, but can you take a second and try to rework your post to make it more clear? In particular, can you elaborate on your point about ebay not encrypting passwords?
--why?
So america was taken over by the commies but the populace never knew it.
Liberty freedom are no1, not dicks in suits.