A win for the good guys - the first successful prosecution under Washington's 2005 Computer Spyware Act

A name that may go down in history - Zhijian Chen of Portland Oregan is the first person to be successfully prosecuted, and fined, under Washington's 2005 Computer Spyware Act.

What Chen and his co-accused (Seth Traub, of Portsmouth, N.H.; and Manoj Kumar, of Maharashtra, India) did was use Messenger Service (net send) alerts to fool victims into believing that their computers may be infected with spyware or other nasties (by the way, the Messenger alerts being discussed here is not not the chat programme - rather, we are talking about the Messenger Service most often used by network admins to send pop-up messages to all users on a network - you can find more information about Net Send here) . 

Victims would click on an embedded link in the Messenger Service alert, and ended up at a Web site promoting "Spyware Cleaner".  A free online scan was offered, the victim was told they are infected with spyware (even if no spyware existed on the scanned system) and then stung for US$49.95 to "clean" their systems.

The company behind Spyware Cleaner was called "Secure Computer"... uh, yeah, right...

Chen has been ordered to pay US$16,000 in restitution to users who bought Spyware Cleaner (no, not US$16,000 per victim - US$16,000 in total), US$US24,000 in fines, and close to US$44,000 in attorney fees - all up, US$84,000.00.

Fake antispyware products are big business - check out spywarewarrior's ever growing rogue antispyware list:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

For what its worth, a firewall will invariably stop external net send alerts, and the Messenger Service is disabled by default from XP SP2 onwards.

The name of this now infamous fake antispyware application brings to mind another Blog entry that I wrote back in February:
http://msmvps.com/blogs/spywaresucks/archive/2006/02/13/83396.aspx

I see the same nonsensical advice still exists (despite MS being able to change the page enough to change the reference to "Microsoft Antispyware" to "Windows Defender".

So, let's say it once more.. legitimacy is not guaranteed just because a programme calls itself an antispyware product, or uses the words "spy," "spyware," or "antispyware" in its name or Add/Remove Programs entry.  Its hard to believe such inane advice is being offered under the by-line "Security Essentials".

 

Published Thursday, April 20, 2006 12:12 PM by sandi
Filed under:

Comments

# re: A win for the good guys - the first successful prosecution under Washington's 2005 Computer Spyware Act

Wednesday, April 26, 2006 9:48 AM by Bob
Net Send - I guess he wasn't worried about being anonymous. lol

# re: A win for the good guys - the first successful prosecution under Washington's 2005 Computer Spyware Act

Friday, June 02, 2006 11:26 AM by Scott McCracken

Sandi says: Traub was successfully prosecuted, and has to pay $2,000 for deceptively misleading victims, via Google ads, into believing they were purchased a Microsoft product, or Microsoft sanctioned product:
http://msmvps.com/blogs/spywaresucks/archive/2006/12/05/374715.aspx

I wish you'd do a little research before making false allegations against some of the defendants. In your article you say:

"What Chen and his co-accused (Seth Traub, of Portsmouth, N.H.; and Manoj Kumar, of Maharashtra, India) did was use Messenger Service (net send) alerts to fool victims into believing that their computers may be infected with spyware or other nasties"

Unfortunately, while this may be true for Chen and Kumar, lumping Seth Traub of Portsmouth, NH with them was unfair and incorrect.

Mr. Traub never used Messenger Alerts or Net Send to pass out unsolicited offers to download the Secure Computer Product. Rather Mr. Traub signed up as an affiliate through ClickBank and advertised the product through Google AdWords.

I have done a lot of research on this subject because as a fellow web marketer who uses AdWords often, the lawsuit against other marketers like Mr. Traub was an eye-opening experience.

At no time did Mr. Traub install or promote the product with the knowledge of the security leak. He also never sent messenger SPAM as the other defendants did. As soon as the aforementioned problem was brought to his attention, he removed his ad and issued a formal apology.

He did what many of us, including myself, have done in the past - found a product which was selling well through an affiliate site (such as ClickBank or Commission Junction) and ran a simple AdWords campaign to promote it.

I thought it was worth while to make that distinction.

# re: A win for the good guys - the first successful prosecution under Washington's 2005 Computer Spyware Act

Friday, June 02, 2006 11:26 AM by Scott McCracken

Sandi says: Traub was successfully prosecuted, and has to pay $2,000 for deceptively misleading victims, via Google ads, into believing they were purchased a Microsoft product, or Microsoft sanctioned product:
http://msmvps.com/blogs/spywaresucks/archive/2006/12/05/374715.aspx

I wish you'd do a little research before making false allegations against some of the defendants. In your article you say:

"What Chen and his co-accused (Seth Traub, of Portsmouth, N.H.; and Manoj Kumar, of Maharashtra, India) did was use Messenger Service (net send) alerts to fool victims into believing that their computers may be infected with spyware or other nasties"

Unfortunately, while this may be true for Chen and Kumar, lumping Seth Traub of Portsmouth, NH with them was unfair and incorrect.

Mr. Traub never used Messenger Alerts or Net Send to pass out unsolicited offers to download the Secure Computer Product. Rather Mr. Traub signed up as an affiliate through ClickBank and advertised the product through Google AdWords.

I have done a lot of research on this subject because as a fellow web marketer who uses AdWords often, the lawsuit against other marketers like Mr. Traub was an eye-opening experience.

At no time did Mr. Traub install or promote the product with the knowledge of the security leak. He also never sent messenger SPAM as the other defendants did. As soon as the aforementioned problem was brought to his attention, he removed his ad and issued a formal apology.

He did what many of us, including myself, have done in the past - found a product which was selling well through an affiliate site (such as ClickBank or Commission Junction) and ran a simple AdWords campaign to promote it.

I thought it was worth while to make that distinction.

# re: A win for the good guys - the first successful prosecution under Washington's 2005 Computer Spyware Act

Tuesday, June 27, 2006 3:17 PM by Mike L

Sandi says: Traub was successfully prosecuted, and has to pay $2,000 for deceptively misleading victims, via Google ads, into believing they were purchased a Microsoft product, or Microsoft sanctioned product:
http://msmvps.com/blogs/spywaresucks/archive/2006/12/05/374715.aspx

What Scott McCracken said is exactly the truth.

I know Seth from another Forum.

The guy has no money and is broke!  He started Affiliate Marketing in order to try and pay off some of his bills.  He found that Spyware Adware program on Clickbank and decided to promote it.  There are many Spyware and Adware programs on Clickbank.  Unlucky for him, he decided to promote that one.  He didn't even make that many sales with it!

Then he gets the lawsuit papers served to him.    He can't even afford to pay his rent and now he has a lawsuit on his hands?!?!

Anyways, I spent just under $100,000 so far this year on Google Adwords advertising alone!  And the year is only half done!  I was really looking forward to the MSN Adcenter and was going to sign up and spend my advertising dollars with them as well.  After the events around this lawsuit, there is no way that I'm going to sign up with MSN Adcenter and give Microsoft any of my Money!  I know of several other Affiliate Marketers that are not even going to bother with MSN after this.

Microsoft, you will lose a whole lot more than you will evern gain with this lawsuit!

Seth has posted more info at his blog:

http://lostsocks.blogits.com/

# Lawsuit settled: Washington Attorney General Rob McKenna v Secure Computer LLC

Monday, December 04, 2006 3:39 PM by Spyware Sucks

Back on 20 April, 2006 I reported on the first successful prosecution under Washington's 2005 Computer