The federal government took much needed action today against sleazy PC tech support scammers and fake AV peddlers. Actions include lawsuits, a judgment of $163 million, and freezing of multiple assets. PC tech support scammers will be familiar to regular readers of this blog because David Harley and others have charted the progress of this scam in multiple posts. The scam involves con artists calling you up, typically from India but using a European-sounding first name, and persuading you that they can, for a fee, fix problems on your Windows machine (the problems are not real, and neither is the expensive fixing they do if you fall for the scam).
The FTC action against tech support scammers happened just two days after David Harley posted about the Virus Bulletin session on this topic, which is probably a coincidence, but a welcome one. The extent of the scam and the large amount of money it appears to be making for its perpetrators was made clear in that session in Dallas presented by David, along with Martijn Grooten, Steve Burn and Craig Johnston.
So what did the FTC do today? Here is what was said in the official Federal Trade Commission announcement:
"The Federal Trade Commission has launched a major international crackdown on tech support scams in which telemarketers masquerade as major computer companies, con consumers into believing that their computers are riddled with viruses, spyware and other malware, and then charge hundreds of dollars to remotely access and fix the consumers' computers...At the request of the FTC, a U.S. District Court Judge has ordered a halt to six alleged tech support scams pending further hearings, and has frozen their assets."
According to the Washington Post: "The agency has frozen the assets of companies involved in six of these scams. It has also taken measures to block phone lines and Web sites the companies used to contact consumers...The FTC said it worked with its counterpart agencies in Canada and Australia to identify and track the scams. Microsoft also played a part in identifying the scammers."
The agency also confirmed what researchers have previously noted, that the call centers were largely concentrated in India. That could present a problem when the courts try to enforce some of these actions, a fact reflected in the calls, renewed today by FTC chairman Jon Leibowitz at the press conference, for the Senate to pass a bill that would extend the FTC's ability to coordinate its investigations with foreign countries. I think every security professional and anti-virus researcher would second that call.
Adding to the very welcome sense that our federal government is getting to grips with cybercrime was the almost simultaneous announcement that a federal court, acting on an FTC complaint, has imposed a $163 million judgment on a woman who "allegedly helped run a scareware ring that tricked over one million consumers across six countries into purchasing fake security software." (Information Week)
This judicial action, carried out yesterday, represents continuing fallout from a long-running case involving Belize-based Innovative Marketing, Inc. (IMI), and a subsidiary, Cincinnati-based ByteHosting Internet Services. In addition to the $163 million judgment, the court ordered IMI to cease marketing and selling its software, which was sold under such names as WinFixer, WinAntivirus, DriveCleaner, ErrorSafe, and XP Antivirus. (Two of the people involved in this scam, Sam Jain and Daniel Sundin, are already on the run, as noted in a blog post from a year ago).
These latest actions by the authorities are not likely to make the bad guys, or girls, stop dead in their tracks, but they do put a finger on the underworld scales in which risk is weighed against reward. The greater the chances of getting caught and punished, the less appealing a scam becomes. And the fewer people fall for the scams, the less the rewards. So make sure you warn friends and family about people calling up to fix their Windows computer, and online ads that try to scare you into buying antivirus software with false claims about your current state of infection.
(Here is a link to the VB paper My PC has 32,539 errors: how telephone support scams really work.)
(If you suspect your Windows computer has a virus you can perform a free and safe scan here.)