Slashdot Mirror

← Back to Stories (view on slashdot.org)

Symantec Sued For Running Fake "Scareware" Scans

Posted by samzenpus on from the selling-fear dept.

Sparrowvsrevolution writes "James Gross, a resident of Washington State, filed what he intends to be a class action lawsuit against Symantec in a Northern District California court Tuesday, claiming that Symantec defrauds consumers by running fake scans on their machines, with results designed to bully users into upgrading to a paid version of the company's software. 'The scareware does not conduct any actual diagnostic testing on the computer,' the complaint reads. 'Instead, Symantec intentionally designed its scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user's PC, regardless of the real condition of the consumer's computer.' Symantec denies those claims, but it has a history of using fear mongering tactics to bump up its sales. A notice it showed in 2010 to users whose subscriptions were ending in 2010 warned that 'cyber-criminals are about to clean out your bank account...Protect yourself now, or beg for mercy.'"

18 of 391 comments (clear)

  1. Who still pays for antivirus? by DCTech · · Score: 5, Insightful

    There are perfectly good free antivirus programs now, if you want to run one. Most of them are actually better than the non-free antivirus programs. Microsoft Security Essentials is a free antivirus that is many times better than Symantec's and others. On top of that it is lightweight and fast, compared to the bloated crap that Norton is. It works on slower machines too, detects more viruses and doesn't break stuff.

    On 8 June 2011, PC Advisor listed Microsoft Security Essentials 2.0 in its article Five of the Best Free Security Suites, which included Avast! 6 Free Edition, Comodo Antivirus 5.4, AVG Antivirus 2011 and BitDefender Total Security 2012 Beta.

    So choose from those. Personally I don't run any antivirus as I don't download random executables from the internet nor surf to random porn sites or download from torrent sites. Windows is also secure now a days, and I haven't had a single malware in like 10 years.

    1. Re:Who still pays for antivirus? by PenquinCoder · · Score: 5, Informative

      I'm not exactly pro-MS but DTech is correct. MSE is actually one of the better anti-virus programs for windows these days. You can't fault MS for snapping up a company/product that worked well and then including it for free in their (buggy and insecure) OS. It's at least one thing they did right.

    2. Re:Who still pays for antivirus? by kvvbassboy · · Score: 5, Insightful

      But MSE is the best free antivirus software.

    3. Re:Who still pays for antivirus? by gman003 · · Score: 5, Informative

      Dude, no, seriously. MSE actually works, and well. From personal experience, I can say that it's faster and more effective than AVG; I've heard from others that they switched to it from Avast, Comodo and Kaspersky.

      Everything else Microsoft makes is pretty crap - Windows, Office, IIS, MSN - but apparently even Microsoft crap is better than every other antivirus' crap.

    4. Re:Who still pays for antivirus? by RogueyWon · · Score: 5, Interesting

      I'm by no means anti-MS (Windows 7 is the only OS on both of my home PCs these days), but I'd take issue with the blanket statement that "Windows is also secure now a days".

      I went through endless fun thanks to the parents just before Christmas. They fell for one of those fake-DHL-shipping-notice spam e-mails (as they were actually expecting a Christmas-related DHL delivery) and, with a single click, landed their (3 month old, Norton-"protected", UAC-enabled) PC with one of the most vicious and persistent pieces of malware I've ever seen. One of those fake-AV-software ransomware jobbies. It disabled Norton, blocked Windows from accessing DVD and USB drives, did a dns redirect so that browsers could only access the ransomware page and all kinds of crap. I've sorted these before by doing a system restore from a backup point in safe-mode, but even though the restore allegedly worked in this case, the malware persisted through it quite happily. Ended up doing a full format and reinstall of Windows.

      Now, there are a lot of failures in this story; my parents for clicking the link, Norton for being completely (and predictably) useless and so on. But I still have problems with describing an OS where a single click can land you in that kind of mess as "secure".

      Personally, I use AVG, on the grounds that it provides some basic protection and makes my system chug less than most of its rivals. But it's by no means infallible, throws up a depressing number of false positives and the only way to avoid infection does appear to be abject paranoia (which is now my default policy).

    5. Re:Who still pays for antivirus? by Anonymous Coward · · Score: 5, Insightful

      You don't have to "willingly" download applications/.exe's to get malware, trojans, etc. There's a lot more out there then you think....

    6. Re:Who still pays for antivirus? by Joce640k · · Score: 5, Insightful

      I haven't had a single malware in like 10 years.

      How do you know? It's not like they pop up a window to let you know if the installation was successful.

      --
      No sig today...
    7. Re:Who still pays for antivirus? by Anonymous Coward · · Score: 5, Funny

      Since you have worked at a PC shop, and are therefore are presumably a leading information security expert and well versed in the intricacies of system security auditing, please explain this process of manually checking for viruses. Given the general nature of how serious compromises actually work, this revolutionary method will be game changing. I am eagerly awaiting my subscription to your newsletter.

      In all seriousness, I hope you didn't bill hours for your security expertise, although sadly I suspect you did.

    8. Re:Who still pays for antivirus? by CastrTroy · · Score: 5, Interesting

      Well, I guess it all depends on whether or not we want to be running general purpose computers or not. You don't see many people complaining about viruses on the XBox or other game consoles. You don't see people getting viruses on the iPhone/iPad. But then, you can't run whichever program you want on these platforms. You can only run MS (or Apple, or whoever) approved software, unless you take some huge steps to go around the protections. The computer can either be designed to run whatever program the user tells it to run, or it can be made secure so that it only runs signed software. You can't have it both ways. Sadly, I think for this reason, that the majority of the population will go to appliance type computers in the next decade, where the downside is that they can only run signed software from specific markets, but with the upside that they will never get a virus. Those of us who know what we are doing can run general purpose computers, possibly without even having virus scanners, because we are smart enough to not even run the virus in the first place. I have MS Security Essentials, and if it wasn't so lean, I wouldn't run it, because it hasn't detected a single thing in the 2 years I've been using it. Because I know not to download and run crap off the internet.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    9. Re:Who still pays for antivirus? by Anonymous Coward · · Score: 5, Informative

      Do you run your linux box as root? No??? Then why run all your Windows 7 executeables as administrator? Either you secured your parents box, or they were logged in with an administrator account and clicked through the UAC pop up without reading or without understanding.

      Even if you're logged in as an administrator, that UAC pop up is the "user confirmation prompt" that you were just screaming about not having. And no recovery path? How do you think you'd recover from an rm -rf if you were logged into your term as root?

      The fact of the matter is, there was a failure to secure the computer. Judging by how you described the situation and the support structure, that failure was yours.

    10. Re:Who still pays for antivirus? by Anonymous Coward · · Score: 5, Informative

      Depending on the specific situation you may be violating the EULA for those clients. MSE is only for use in a business with up to 10 PCs. After that you need to use and pay for Forefront.

    11. Re:Who still pays for antivirus? by TheLink · · Score: 5, Informative

      I'd argue its because Microsoft has access to their own source-code

      I doubt that's the real reason, because both Norton and McAfee used to be good. Then they started to be bigger resource hogs than most viruses they were protecting you against (yes there's other evil stuff that viruses do but keep reading...).

      I definitely recall Norton/Symantec making systems more unstable or causing problems:
      1) Years ago someone had problems fetching email, turns out Norton/Symantec was intercepting the POP3 connections to scan for viruses (ok fine), but some email was causing it to _crash_ (extremely not fine- especially if it turns out to be an exploitable code-injection bug).

      2) In 2007: http://www.pcworld.com/article/132050/millions_of_chinese_hit_by_symantec_foulup.html

      A virus-signature update delivered automatically to users on Friday about 1:00 a.m. Beijing time to Symantec's antivirus scanning engine mistook two critical system files of the Simplified Chinese edition of Windows XP Service Pack 2 for a Trojan horse. The two files -- netapi32.dll and lsasrv.dll -- were falsely quarantined, which in turn crippled Windows. If an affected PC was rebooted, Windows failed on start-up and showed only a blue screen.

      3) On 28 January 2010, Symantec's antivirus software marked Spotify as a Trojan horse, disabling the software across millions of computers

      Nowadays depending on the situation I use Avira, MSE or "no antivirus". My personal home machine has no AV installed. My browser runs as a different user process. If I have something that I think is suspicious, I check it with VirusTotal ( https://www.virustotal.com/ ). So far I have had no problems doing things this way, so I don't see the point of constantly incurring the extra CPU/resource costs by installing a real-time virus scanner on my machine. For the past few decades my personal machines have never been infected by a virus. I may have downloaded viruses or malware, but I have not been infected by them. And yes I do know how to check.

      A dedicated attacker might be able to put malware on my machine, but they'd know how to use virustotal or similar too, and still be able to plant malware on my machine even if I was running AV software (and wasting resources).

      The machine my parents use on the other hand has AV software installed (not Symantec, nor McAfee).

      AV software is not needed everywhere and in some cases if installed, it indicates someone is doing something wrong: http://xkcd.com/463/

      Given my track record vs Symantec's track record, I would prefer to take the bet that Symantec is more likely to screw up my system than a virus. There have been other antivirus vendors with similar screw ups too.

      On a related note, Trend screwed up notoriously - albeit with its antispam product, blocking the letter "p".

      For these reasons production servers and other important machines that are well secured and managed should NOT have antivirus software installed.

      If they are so poorly managed that the operators are much more likely to screw up than the AV vendors, then sure, install AV, but that means you are doing something wrong.

      --
    12. Re:Who still pays for antivirus? by Anonymous Coward · · Score: 5, Informative

      I'm sorry you got infected. However you are spreading FUD. MSE is, of course, a real time scanner. Anything that is written to the file system is scanned first; just like with other real time scanners. Now, there probably wasn't a definition for the particular nasty you got infected with at the time. Either that, or you turned off real time - which MSE warns you not to do.

  2. Not mine; but apropos... by fuzzyfuzzyfungus · · Score: 5, Funny

    They are merely respectable businessmen, offering you their protection...

  3. Antivirus? by SuricouRaven · · Score: 5, Interesting

    We used to use Symantic antivirus at my workplace. Then we had a virus outbreak. Not a cutting-edge virus, just an old USB-stick-infector that symantic was powerless against. Didn't even detect it half the time, and when it did failed to do anything. So we use Sophos now.

  4. Not totally fake in a way by hcs_$reboot · · Score: 5, Funny

    A number of users reported that after installing Symantec anti-viruses their system was slower, could detect false-positives, or worse, hang.
    So in a way, the "scareware" is not totally wrong, as it warns about a degraded system - which may well be the case after the full product is installed.

    --
    Slashdot, fix the reply notifications... You won't get away with it...
  5. It's not AV at the heart of this complaint. by jimicus · · Score: 5, Informative

    This isn't Symantec AV we all know and love(!) at the heart of these complaints. It's one of those "sooper-registry-optimizer!!11" programs that Symantec apparently offer.

    Now, these strike me as somewhat odd. I've been dealing with Windows in one form or another since before the registry even existed - and I've never yet seen one of these tools do the slightest bit of good. Sure, if there's a specific problem (eg. malware) then a specific tool to deal with it may well help - but every single generic registry optimiser I've ever seen seems to be optimised to suck £20-30 from the customer's bank account rather than actually help them in any way.

  6. Hmm. by slasho81 · · Score: 5, Funny

    Symantec is scaring people to get what they want. So by definition, Symantec are terrorists.