The Federal Trade Commission has asked a U.S. District Court to shut down a spyware operation that hijacks computers, secretly changes their settings, barrages them with pop-up ads, and installs adware and other software programs that spy on consumers' Web surfing. The spyware may cause computers to malfunction, slow down, or even crash. The FTC alleges the spyware operation violates federal law and will ask the court to bar the practices permanently and order the defendants to give up their ill-gotten gains.
“Consumers don’t deserve to be pestered and spied on by people who illegally hijack their computers,” said Lydia Parnes, Acting Director of the FTC’s Bureau of Consumer Protection. “We’re putting purveyors of spyware on notice: This is our first spyware case, but it won’t be our last.”
Earlier this year, the FTC received a complaint from the Center for Democracy and Technology concerning pop-up ads for Spy Wiper and Spy Deleter. In response to this complaint and other information, the Commission commenced an investigation of Seismic Entertainment Productions, Inc., Smartbot.Net, and Sanford Wallace. Since December 2003, they have operated Web sites that distribute spyware. According to the FTC, the defendants used a variety of techniques to direct consumers to their Web sites. At these Web sites, consumers had spyware downloaded onto their computers. The spyware attacks a feature of Internet Explorer’s Web browser to download software, so consumers received no notice that it is being installed and did not consent to its installation.
The spyware changed the consumers’ home pages, changed their search engines, and triggered a barrage of pop-up ads. According to the FTC, the spyware also installed additional software, including spyware that can track the computer use of consumers. As a result of the spyware and other software the defendants installed, many computers malfunctioned, slowed down, or crashed, causing consumers to lose data stored on their computers.
Having created serious problems for consumers, the defendants offer to sell them a solution. The spyware causes the CD-ROM tray on computers to open, and then tells consumers “FINAL WARNING!! If your cd-rom drive(s) open. . . You DESPERATELY NEED to rid your system of spyware pop-ups IMMEDIATELY! Spyware programmers can control your computer hardware if you failed to protect your computer right at this moment! Download Spy Wiper NOW!” Spy Wiper and Spy Deleter, another purported anti-spyware product the defendants promoted, were sold for approximately $30.
The FTC charged that the defendants engaged in unfair acts and practices in violation of the FTC Act in connection with downloading spyware onto the computers of consumers. The agency alleged that the defendants acted unfairly in downloading software without any notice or authorization that modified the Web browser to change consumers’ home pages and search engines and that downloaded additional software (including spyware) that caused harm to consumers. The FTC also charged that the defendants acted unfairly in downloading spyware that causes serious harm to consumers, thereby compelling them either to purchase the anti-spyware product the defendants offer or spend substantial time and money to fix their computers. The defendants receive a commission on the sales of anti-spyware products that result from their activities.
The FTC has asked the court to issue an order preventing the defendants from disseminating spyware and giving up their ill-gotten gains.
The FTC has issued tips for consumers to help them prevent spyware from being installed on their machines. Experts at the FTC and across the technology industry suggest that you:
If you think your computer might have spyware on it, experts advise that you take three steps: Get an anti-spyware program from a vendor you know and trust. Set it to scan on a regular basis — at least once a week — and every time you start your computer, if possible. And, delete any software programs the anti-spyware program detects that you don’t want on your computer.
For more information about protecting your computer and your personal information online, visit www.ftc.gov/infosecurity.
The Commission vote to authorize staff to file the complaint was 5-0. The complaint was filed in the U.S. District Court for the District of New Hampshire.
NOTE: The Commission files a complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the defendant has actually violated the law. The case will be decided by the court.
Copies of the complaint are available from the FTC’s Web site at http://www.ftc.gov and also from the FTC’s Consumer Response Center, Room 130, 600 Pennsylvania Avenue, N.W., Washington, D.C. 20580. The FTC works for the consumer to prevent fraudulent, deceptive, and unfair business practices in the marketplace and to provide information to help consumers spot, stop, and avoid them. To file a complaint in English or Spanish (bilingual counselors are available to take complaints), or to get free information on any of 150 consumer topics, call toll-free, 1-877-FTC-HELP (1-877-382-4357), or use the complaint form at http://www.ftc.gov. The FTC enters Internet, telemarketing, identity theft, and other fraud-related complaints into Consumer Sentinel, a secure, online database available to hundreds of civil and criminal law enforcement agencies in the U.S. and abroad.
(FTC File No. 042 3142)