FTC Brings Down Spyware Op
The United States federal government sent a clear message to spyware makers and purveyors this past month: you will be held liable for installing software through misleading End User License Agreements (EULAs) or without obtaining user consent.
ERG Ventures, LLC settled Federal Trade Commission (FTC) charges that a scam which infected more than 15 million computers with destructive, intrusive spyware violated federal law, according to an October FTC press release.
The Nevada, U.S. based company, along with its affiliates, will give up $330,000 U.S. in ill-gotten gains; that number will increase to nearly $3.6 million U.S (the total revenue from the scam) if the court finds that the defendants have misrepresented their financial status. The settlement also bars the company from installing software onto consumers’ PCs without disclosing its function and obtaining explicit consent, as well as from installing software that interferes with computer use.
The case first came onto the FTC’s radar last autumn, when Media Motor, the software the company allegedly bundled with freeware, was originally brought under investigation. In November 2006, ERG Ventures was charged with tricking computer users into downloading Media Motor with free software, like screensavers and videos.
The Media Motor program, according to the Commission’s report, was found to change users’ home pages, track Internet activity, alter browser settings, display pop-ups and pornographic advertising, and even disable anti-spyware and anti-virus software.
Along with this, ERG Ventures was charged with using a deceptive EULA in its Media Motor software, giving users the option to stop the installation of the software, but installing the malware regardless of whether or not the consumer rejected or accepted the terms.
While the halt of the Media Motor spyware scam is a definitive win for end users, there has been past debate in the anti-spyware community of whether or not current penalties are enough to deter cyber-criminals.
According to spyware researcher Ben Edelman, the FTC’s efforts in investigating Media Motor is commendable, but the settlement’s payment seems inadequate considering the additional profits gained from the spyware scam.
“Media Motor took in $3.5 million and will forfeit just $330,000. That sets remarkable incentives: on net, Media Motor made money from its malicious enterprise. A larger forfeiture would far better deter future similar schemes,” Edelman told Lavasoft News.
By the Numbers
Percentage of consumer PCs in the U.S. that are not protected (defined as having up-to-date anti-virus, anti-spyware, and a correctly configured firewall)
Percentage of PC users who believe they are protected
Source: National Cyber Security Alliance and McAfee Inc. study
Term of the Month
Rogue security software masquerades as a helpful security program, but uses malware or malicious tools to advertise or compel users to pay for the removal of non-existent spyware. Rogue software makers often use social engineering to trick consumers into buying their fraudulent anti-spyware or anti-virus products.
You have anti-spyware, anti-virus, and a firewall, so your computer must be secure, right? Wrong. Unless this software is enabled, updated, and properly configured, you are not protected from online threats. According to a recent industry survey, consumers overestimate PC safety – see our "By the Numbers" section for the stats. Make sure to maintain your security software; check that your security applications are both enabled and configured correctly. Keep in mind, the security software that was included with your PC when you purchased it may be a trial version that will expire if you fail to buy a subscription.
Privacy Toolbox Lands Editor's Choice