Tuesday, September 30, 2008

Microsoft and State of Washington Fight 'Scareware'

Microsoft and the state of Washington are waging a legal war against vendors of "scareware," according to an announcement from the Washington State Attorney General's Office issued on Monday. Scareware pressures the user into buying software or a service, typically via alarming pop-up messages.

The latest in a flurry of lawsuits was filed on Monday by the state's AG against a Texas-based distributor. James Reed McCreary IV of The Woodlands, Texas, is accused of sending bogus pop-up messages to PCs running Windows Messenger.

The official-looking pop-up warns about a damaged or corrupted registry. Users are directed to a Web site for a free scan that invariably identifies 43 critical problems that can be fixed by purchasing a software program (Registry Cleaner XP) for $39.95.


The state and Microsoft say Registry Cleaner XP is a nebulous program that does nothing but "lull the consumer into a false sense of security."

State Attorney General Rob McKenna called the software "a blatant rip-off of consumers." The lawsuit alleges "claims of misrepresentation, harassment, and high-pressure sales" by the defendant.

According to lead attorney Paula Sellis, senior council for the Washington State Attorney General's Office, the state will ask the court for an injunction to shut down Alpha Red and Branch Software, Houston-based companies owned by McCreary.

"Under Washington law, we are suing for restitution for victims in the state, however, since we are asking for an injunction to cease and desist, this might have a positive effect for users in other states indirectly," said Sellis in a telephone interview.

This latest suit brings the number of civil actions against spyware and scareware proliferators to 24, since Washington enacted the Computer Spyware Act in 2005. Microsoft has filed 17 of those suits. According to Sellis, the state and Microsoft have prevailed in all of the suits to date.

"We have been extremely successful in our suits and have recovered attorney fees, and restitution in many of the cases," Sellis said. "In 2006 we were successful in recovering more than a million dollars from a New York-based company called Secure Computer that had a similar scareware program [to Registry Cleaner XP]."

Microsoft has filed no less than seven suits against SMP Soft for programs that "allegedly falsely alert consumers to problems on their computers and offer to sell software fixes." Programs named in the suits include Scan & Repair, Antivirus 2009, MalwareCore, WinDefenderXPDefender.com and WinSpywareProtect.  Defendants in these suits face up to $2,000 per violation plus restitution and attorney fees, according to the state's AG office.

According to the statement released on Monday, consumers can file complaints themselves. However, such lawsuits typically file against "John Doe" defendants because tracking down identities in such cases can be difficult.

Microsoft estimates that spyware is the problem for the more than 50 percent of calls to its customer support reporting computer crashes. The state AG calls spyware "the biggest online threat to consumers and businesses since the advent of the Internet."


‘Burn After Reading’: Mixed Nuts, By Kurt Loder
Microsoft Announces SP-1 for Forefront Client Security