Webroot Vice President of threat research Richard Stiennon told the E-Commerce Times the FTC spyware suit was "very, very significant," explaining, "I think it's a good sign of the FTC using the authority they already have. So the FTC is flexing its muscles in the right way."
Think you have to compromise on security to save on costs? Think Again. Trend Micro™ Enterprise Security, powered by the Trend Micro Smart Protection Network™, can lower your content security management costs by up to 40%. Find out just how much you’ll save with our TCO Impact Calculator.
The U.S. Federal Trade Commission took action against spyware this week by asking a U.S. District Court Judge to halt an operation that allegedly plagued users who clicked for free file-sharing software with performance-slowing, private-information-gathering software that also altered search results for victims.
The FTC said Odysseus Marketing and principal Walter Rines lured consumers to its free software, billed with statements such as, "Download Music Without Fear" and "Don't Let the Record Companies Win." Once downloaded, however, the software -- which failed to make file-sharing anonymous -- reformatted search engine results through bogus, lookalike sites; generated pop-up advertisements; captured consumer data; and could not be uninstalled.
Claiming unfair and deceptive practices that violate the FTC Act, the agency sought a halt to the operations of the New Hampshire-based outfit, which was also reportedly connected to a major U.S. spammer who has been dubbed the "Spam King."
Three Strikes for Spyware
The FTC's suit follows other class-action lawsuits against alleged spyware senders, as well as legislation currently being considered by the federal government.
FTC Chair Deborah Platt Majoras testified before the U.S. Senate recently, explaining the key elements of spyware, adware and other malicious software that make it illegal.
"The Commission's spyware law enforcement strategy focuses on three key questions," she said. "First, were consumers aware of the installation of the software on their computers? Second, what harm did the installation of the software cause? Third, how difficult was it for consumers to uninstall the software after it had been installed?"
In the latest filed complaint, the FTC alleges Odysseus acted illegally under all of those criteria, hiding disclosure in an end user licensing agreement, making the software difficult to detect and remove, and further infecting users' machines when they tried a supposed uninstall tool.
Effective Enforcement
Webroot Vice President of threat research Richard Stiennon told the E-Commerce Times the FTC spyware suit was "very, very significant."
"I think it's a good sign of the FTC using the authority they already have," he said. "So the FTC is flexing its muscles in the right way."
Stiennon said that, despite the four spyware bills before the U.S. legislature, there is really no need for additional legislation.
"My opinion is, there are enough laws on the books already to counter both spamming and spyware," Stiennon said. "In terms of enforcement, only the FTC is going after it," he added, referring to exceptions such as New York state attorney genera Eliot Spitzer and others, who have successfully prosecuted malware makers and mailers.
Tackling With Technology
As for keeping up with spyware and other malware from the technical, IT security perspective, Stiennon said companies such as his believe they are doing so.
He explained that Webroot has a team of 40 people, updating anti-spyware definitions from a Web-scanning tool and working on advanced techniques and tools "to really tear into the tricky stuff."
Stiennon said the use of malicious software for spamming and for spyware had gone beyond merging and was actually evolving into more inconspicuous and damaging attacks, such as mass phishing attempts and targeted ID thefts.
"It's all headed to where there's the most money to be had," Stiennon said.
Firms Come Together to Fight Phishing Attacks October 06, 2005
"Keep in mind, a significant number of AOL's customer base are users who may not be very computer-savvy or very security-savvy," StillSecure Chief Strategy Officer Alan Shimel said. "So this is a good move for the customers. Usually when AOL implements a solution of this type it's transparent to the end-user."
Related Stories
Report: Consumers Changing Online Habits Due to Spyware July 07, 2005
So far, the types of Web sites that users are avoiding are mainly peer-to-peer networks and sites about which they know little. To date, core e-commerce appears to be unaffected by the concerns, with consumers confident that well-known sites -- from eBay to Amazon and with many in between -- are spyware free.
Intermix To Pay $7.5 Million To Settle Spyware Case June 16, 2005
New York Attorney General Eliot Spitzer's case against Intermix had been closely watched because it represented the first effort by law enforcement to crack down on spyware and because Intermix was seen as exhibiting much of the same behavior as hosts of other online marketing companies.
First State of Spyware Report Shows Bad Guys Winning May 11, 2005
Frederick Felman, senior vice president of Marketing for Tenebril, said spyware creators are escalating the war between the writers of malicious code and those trying to remove it. Tenebril, a security and privacy solutions company, markets the anti-spyware software SpyCatcher.
FTC Assassinates Spyware Spoofer March 14, 2005
Ken Dunham, director of malicious code research at iDefense, said this FTC bust is probably just the beginning of government crackdowns on Internet fraudsters: "I expect to see additional actions taken by the government and other authorities to try to stop spamming, stop fraud and stop malicious attacks."
Spycatcher Deadly to Spyware - But Watch Out March 05, 2005
When you visit the same Internet havens for secret spyware infections, the spyware you previously removed from your computer easily reinfests your computer. This makes spyware chasing an ever-present maintenance task. Not so with SpyCatcher 3.5. It goes one big step further. It prevents spyware from re-installing.
Related News Alerts
More by Jay Lyman
Open Source Developer Dumps Novell Over Microsoft Deal December 26, 2006
A key open source developer, Jeremy Allison, who cofounded the Samba project, has resigned from Novell in protest over the company's recent agreement to enter a collaborative arrangement with Microsoft. The deal has created an uproar in the open source community because it does not treat all recipients of the GPL equally and thus violates the spirit of the license, critics say.
Financial Firms Tap Microsoft for Linux December 22, 2006
Three major financial institutions are among the first companies to go to Microsoft for Linux services, provided through an agreement the software giant struck with Novell. Although a recent survey showed customer approval of the collaboration, many members of the open source community view Novell's move as sleeping with the devil.
Mozilla Beefs Up Security in Firefox 2.0 December 21, 2006
Mozilla's latest update to its open source Firefox browser includes security measures targeting phishers. Phishing scams that use social engineering techniques to dupe Web surfers into revealing personal financial information have become an effective way for cybercriminals to conduct their nefarious activities on the Internet.
Headline Feeds
Talkback: 
