company logo presented by rebecca henderson high-tech investigations related to consumer fraud ipma...

Company

LOGO

Presented by Rebecca Henderson

High-Tech Investigations Related To Consumer Fraud

IPMA Executive SeminarCampbell’s ResortOctober 15, 2008

Your Presenter

Rebecca Henderson Computer Investigative Specialist Consumer Protection Division’s High Tech Unit Washington Attorney General’s Office

Certifications CCNA Security+ CSFA i-Net+ C|EH

Agenda

Overview of the Consumer Protection Division What We Do High Tech Unit

Laws Related to Our Civil Investigations Consumer Protection Act Computer Spyware Act Unsolicited Commercial Email Canned SPAM

Examples of Actual Cases

Emerging Trends

Consumer Protection Division

10 attorneys and 43 professional staff

Enforces the Consumer Protection Act (RCW 19.86)

Investigates and files legal actions to stop unfair and deceptive practices

Recovers refunds for consumers and imposes penalties on offending businesses

Recovers attorneys’ fees and costs

Consumer Protection Division

Mission To secure a marketplace free from deceit and

unfairness and to promote fair methods of competition

Tools Education Informal Mediation Investigation and Enforcement Legislation

High Tech Unit

One of the most active and well-respected high tech fraud units (HTU) in the country

The division and its HTU was one of the first to enforce cases under both state and federal spam laws

One of the first in the country to pursue fraudsters under state spyware laws

Team is supported by a computer forensic expert and state-of-the-art high tech lab

Consumer Protection Act

http://apps.leg.wa.gov/RCW/default.aspx?cite=19.86&full=true

Chapter 19.86 RCW Unfair competition, practices, declared unlawful

Attorney General may restrain prohibited acts

Demand to produce documentary materials for inspection, answer written interrogatories, or give oral testimony

Civil penalties $2,000 per violation Person, other than a corporation, not more than $100,000 Corporation, not more than $500,000


Computer Spyware Act


Chapter 19.270 RCW Unlawful activities

Modification of settings Collection of personally identifiable information Installation or removal of software Taking control of a computer Preventing installation of certain software Misrepresenting security software

Civil Penalties Enjoin further violations Recover actual damages or $100,000 per violation


Commercial Electronic Email


Chapter 19.190 RCW Unpermitted or misleading electronic mail

Commercial electronic text message

Civil actions Greater of actual damages or $5,000 per violation Up to three times the damages if defendant has engaged in a

pattern and practice of violation


CAN SPAM Act

http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm

CAN-SPAM Act of 2003 (Controlling the Assault of Non-Solicited Pornography and Marketing Act)

Bans false or misleading header information Prohibits deceptive subject lines Requires that your email give recipients an opt-out

method Requires that commercial email be identified as an

advertisement and include the sender’s valid physical postal address

http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.shtm

Cases – Secure Computer

http://atg.wa.gov/pressrelease.aspx?&id=3770

First case under Washington’s Computer Spyware Act

Advertised and distributed a product called Spyware Cleaner through:

SpamPop-up adsDeceptive hyperlinks

Six defendants sued for Spyware Act and Consumer Protection Act Violations



Ad for Spyware Cleaner


Free Spyware scan results always show Extreme Risk


Pop up seen after exiting the program



First to Settle in State’s First Spyware Case Zhijian Chen, of Portland, Oregon, will pay nearly $84,000 in

fines and consumer restitution for marketing bogus anti-spyware software through deceptive means

Chen promoted Secure Computer’s Spyware Cleaner through Net Send messages

Stipulated Judgment Costs and Fees: $43,917.00 Restitution: $16,000.32 Civil Penalties: $24,000 Total Judgment: $83,917




Second to Settle in State’s First Spyware Case Defendant’s name allegedly used as an alias in business

transactions

Consent Decree Gary T. Preston will pay $7,200 in legal costs and attorney’s fees Prohibits him from assisting any person or organization in

disguising its identity from the public or law enforcement




Third defendant to settle SethTraub advertised Secure Computer’s Spyware Cleaner

program using Google AdWords He will pay $2,000 in legal costs and attorneys’ fees.

Enjoined from (in the context of any advertising or sale): Using any trademarked terms Making any misrepresentations Making any unsubstantiated claims Using any terms that have the tendency or capacity to deceive

consumers




Secure Computer Settlement Marketed and sold Spyware Cleaner on several Web sites

including myspywarecleaner.com and checkforspyware.com When tested on a computer that was deliberately infected with

spyware, Spyware Cleaner failed to detect some types of spyware

During the free scan, the software also surreptitiously erased a computer’s Hosts file

Judgments Costs and Fees: $725,000 Restitution: $75,000 Civil Penalties: $200,000 Total Judgment: $1,000,000




Cases – High Falls Media


Promoted a software program called Spyware Slayer through deceptive means

Failed to disclose costs of a music download service until after consumers provided personal information




Pop-up seen when closing www.freepcscan.com


Results of free scan always show extreme risk


www.247downloads.com represented as a “legal PTP” music, movie, game, and software download service

http://www.247downloads.com/


Free Download Club actually requires monthly subscription for $29.95 a month to be a member


Consent Decree

Civil Penalties: $300,000 (with $275,000 suspended upon compliance with this Consent Decree)

Restitution: refunds for consumers who purchased their products

Costs and Fees: $30.000

Total Judgment: $330,000


Injunctions Using the word “free” without actual cost in

close proximity Representing a product or service as

“unlimited” when there are limits Creating a false sense of urgency in the

context of advertising Collecting personal information from

consumers without clear disclosure

Cases – Movieland.com


Advertised a free, three-day trial offer that requires users to download software

After trial period, billing software was remotely activated causing a pop-up window to take up most of the screen

Clicking “Continue” launches a 40-second video

Prevented users from using Control Panel to uninstall the program





Popup Demonstration

Audio Body

Kate


Injunctions

May not use Internet to offer anonymous free trials to consumers located in the State of Washington.

Cannot collect payment for goods or services without a valid contract

Shall not distribute, download, or install any software program, code, script or other content without certification from user that he is the computer owner

Cases – Quikshield


Advertised for a pop-up blocker using pop-up ads

Misrepresented security risks to induce consumers to install software for security purposes

Misrepresented advertisement as a “security alert”

Software could not be completely uninstalled by reasonable means






Pop-up seen if icon on system tray is closed and computer is rebooted


Total Judgment - $16,444.37 Injunctions

Failing to provide an operable uninstall function

Misrepresenting an advertisement as a Microsoft Internet Explorer security alert message

Misrepresenting security functions are not working properly

Cases – SecureLink


Feigned the discovery of critical errors on a computer

Prevented a computer user from declining the installation of software

Modified computer settings

Intentionally misrepresented the necessity of new software for security purposes

Misled consumers into believing that registry-cleaner software had performed indicated repairs



Defendants

Manuel Corona, Jr Owner of SecureLink Networks LLC www.registryrinse.com Marketed and sold Registry Sweeper Pro and Registry Doc

Rudy O. Corella Owner of NJC Softwares, LLC www.registrydoc.com Marketed and sold Registry Doc, Registry Cleaner 32, and Registry

Cleaner Pro

HoanVinh V. Nguyenphuoc Owner of FixWinReg LLC Marketed and sold Registry Rinse, Registry Sweeper Pro, and

Registry Doc

http://www.registryrinse.com/

http://www.registrydoc.com/

Typical ad sent by Manuel Corona


Typical net send ads sent by Rudy Corella


Typical net send ad sent by Hoanvinh Nguyenphuoc



HoanVinh V. Nguyenphuoc Owner of FixWinReg LLC Sent anonymous net send messages that simulated

security warnings

Stipulated Judgment Costs and Fees: $25,000 Civil Penalties: $75,000, with $75,000 suspended on

condition of compliance with all of the terms of the Decree




Manuel Corona Owner of SecureLink Networks Intentionally misrepresented the extent software was necessary

for security purposes Induced consumers to download, install, and purchase Misrepresented the presence of critical errors on consumers

computers

Summary Judgment Costs and Fees: $141,020.45 Civil Penalties: $400,000.00




Rudy Corella Owner of NJC Softwares Sent anonymous net send messages that simulated security

warnings Bundled TwikiBar with Registry Doc Hijacked home page settings

Summary Judgment Costs and Fees: $141,020.45 Civil Penalties: $400,000.00


Cases – Messenger Blocker

http://www.atg.wa.gov/pressrelease.aspx?&id=19416

Windows Messenger spammer

Bombarded consumers with ads for pornography and Viagra

Ads also instructed consumers to download and install Messenger Blocker

Once installed, ads would stealthily be sent from consumer’s computer




Ad for PleasureRX


Ad for College Degree without tests


Ad for Messenger Blocker


Ad for generic Viagra


Ad


Program


Task Manager is disabled


Copyright warning


Injunctions

Misrepresenting urgency, exclusivity, or need for products or services in the context of advertising

Using Net Send messages to promote any products or services

Using any form of advertising that simulates a an alert or security message

Cases – SubscriberBASE


Advertised FREE laptops, HDTVs, digital cameras, etc.

Required completion of sponsor offers that would cost more than the value of the free gift

Consumer information became part of a database that was leased for commercial email use



Consent Decree

Civil Penalties: $350,000, provided that $55,000 shall be payable and $295,000 suspended on condition of compliance with all of the terms of the Consent Decree

Restitution: refunds to consumers (potentially 2.7 million dollars)

Costs and Fees: $69,365.50


Changes to disclosures

Current Trends in Deception

Fake online spyware/antivirus scanners Uses trickery through JavaScript to simulate

scanning of computer Rogue registry cleaner programs

Label all results as “critical errors” Scan of registry does not actually occur

Hosting companies “ignoring” complaints Atrivo/Intercage

XP Antivirus

Changes to Spyware Act

Removes onerous requirements that hinder ability to prove cases against violators

Creates liability for Web hosting services who ignore violators’ use of their products or merchants who pay others to violate the law

Adds violations for new forms of spyware

Clarifies the standards for proof of violations and the circumstances under which actions may be brought.

Cases – RegistryCleanerXP


New lawsuit using tougher legislation

Five causes of action against: James Reed McCreary IV Branch Software Alpha Red, Inc.

Advertised via Net Send messages


Registry Cleaner XP

Contact Information

Consumer Protection Division, TB-14Office of the Attorney General of Washington800 Fifth Avenue, Suite 2000Seattle, WA 98104-3188

Rebecca HendersonComputer Investigative Specialist(206) [email protected]

company logo presented by rebecca henderson high-tech investigations related to consumer fraud ipma...

Documents