Scans Detected Spyware That Wasnt There; Spyware Removal Software Claims Were False Settlements Require Defendants to Give Up Nearly $2 Million in Ill-Gotten Gains
Two operations that promoted spyware detection products by making bogus claims have agreed to settle Federal Trade Commission charges that their claims were deceptive and violated federal law. Each operation claimed to detect spyware, even when there was not any, and then sold consumers anti-spyware software that either did not work or did not work as advertised. The settlements require the defendants to give up a total of nearly $2 million in ill-gotten gains, and prohibit deceptive claims. One set of defendants will be barred from selling or marketing any anti-spyware product or service in the future.
In March 2005, the FTC charged that Spyware Assassin and its affiliates used Web sites, e-mail, banner ads, and pop-ups to drive consumers to the Spyware Assassin Web site. Consumers were told the Web site “scanned” consumers’ computers at no cost to determine whether they were infected with spyware. The results of the “scans” were positive, and the site warned consumers that they had spyware installed on their systems.
The FTC charged that the defendants’ free remote scan was phony, and the defendants’ representations that they had detected spyware on the consumer’s computer were deceptive. In addition, the defendants claimed that the software they sold for $29.95 would remove all spyware programs and files. The FTC’s complaint alleged that the “anti-spyware” software did not remove all or substantially all spyware, and the defendants’ deceptive claims violate the FTC Act, which bars deceptive claims.
In June 2005, the FTC charged an unrelated operation, Trustsoft, with using similar tactics to sell its “SpyKiller” software. The FTC alleged the defendants sent pop-up and e-mail messages informing consumers that their computers had been remotely “scanned” and that spyware had been “detected,” even though defendants had not performed any such scans. The defendants urged consumers to access the SpyKiller Web site to get “free scans” for spyware.
While the SpyKiller “scan” was running, the program displayed a status report entitled “Spyware Found on your PC:” that included a category called “Live Spyware Processes.” In fact, the FTC alleges, this category deceptively identified anti-virus programs, word processing programs, and other legitimate processes running on the system as spyware. Then, even though the “scan” itself was free, consumers usually had to pay approximately $39.95 to enable SpyKiller’s “removal” capabilities. The defendants promised in their marketing materials that SpyKiller would find and remove “all” spyware, including “all traces” of particular spyware on consumers’ computers. The FTC complaint alleged, however, that the software failed to remove significant amounts of spyware, including specified spyware the defendants claimed to remove. The complaint further alleged that the deceptive claims violated the FTC Act.
The FTC also alleged that spam messages promoting the SpyKiller software, containing similar deceptive claims, were not identified as advertising, used false “from” lines, did not include valid postal addresses, and failed to provide consumers with notice of and the ability to “opt-out,” in violation of the CAN-SPAM Act.
U.S. District Courts ordered a halt to the deceptive practices of both operations, pending trials. The settlements announced today end those lawsuits.
Both operators will give up their ill-gotten gains.
Thomas L. Delanoy and his corporation, MaxTheater, Inc., will pay $76,000 – the full amount of consumer injury. The settlement will ban the defendants from selling or marketing any anti-spyware product or service in the future. It will prohibit them from downloading or installing spyware on consumers’ computers, or from assisting others in downloading or installing it. The settlement bars them from making misrepresentations in connection with the sale or marketing of any good or service. It also contains certain record-keeping and reporting provisions to allow the agency to monitor compliance.
Danilo Ladendoft and Trustsoft, Inc., will pay approximately $1.9 million to settle the FTC charges. The settlement will prohibit them from making deceptive claims in the sale, marketing, advertising, or promotion of any goods or services and prohibits the specific misrepresentations used in promoting SpyKiller. It prohibits them from using the spyware their “anti-spyware” software supposedly detects and destroys to deliver ads. It also prohibits future violations of the CAN-SPAM Act.
The Commission votes to accept the settlements were 4-0. The U.S. District Court for the Southern District of Texas approved the settlement with the Trustsoft defendants on November 30, 2005. The U.S. District Court for the Eastern District of Washington approved the settlement with the MaxTheater defendants on December 6, 2005.
The FTC and a partnership including cybersecurity experts, online marketers, consumer advocates, and other federal officials recently launched a new multimedia, interactive consumer education campaign to help consumers stay safe online. The comprehensive Web site (www.OnGuardOnline.gov) has tips, articles, videos, and interactive activities.
The Web site offers tips to lower the risk of spyware infections, such as:
- Update your operating system and Web browser software, and set your browser security high enough to detect unauthorized downloads.
- Use anti-virus software and a firewall, and keep them up-to-date.
- Download free software only from sites you know and trust. Enticing free software downloads frequently bundle other software, including spyware.
- Do not click on links inside pop-up windows.
- Do not click on links in spam that claim to offer anti-spyware software; you may unintentionally be installing spyware.
- Consider using anti-spyware software from a reputable company.
NOTE: The Commission files a complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest.
The complaint is not a finding or ruling that the defendant has actually violated the law.
NOTE: Consent decrees are for settlement purposes only and do not constitute an admission by the defendant of a law violation. Consent decrees have the force of law when signed by the judge.
Copies of the complaints and consent agreements are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
Office of Public Affairs
Rob Kaye or Mona Spivack,
Bureau of Consumer Protection
202-326-2215 or 202-326-3795