Microsoft Lawsuit Aims to Spook Scareware Scammers

Microsoft has teamed with Washington State Attorney General Rob McKenna to try and stamp out so-called scareware.

The AG and Microsoft have filed lawsuits against James Reed McCreary IV of The Woodlands, Texas. The suit names him as the marketer of an application called “Registry Cleaner XP.” Also included in the suit are McCreary’s two businesses, Branch Software of The Woodlands, Texas, which does business as Registry Cleaner XP, and Alpha Red of Houston.

“Spyware has arguably become the biggest online threat to consumers and businesses since the advent of the Internet. Washington became one of the first states to adopt a law explicitly prohibiting spyware activities and imposing serious penalties on violators,” Janelle Guthrie, a spokesperson with the Attorney General’s office, told the E-Commerce Times.

McCreary and his companies, Guthrie added, are not the principal spyware offenders, but are representative of the tactics the Attorney General’s office is trying to prevent.

McCreary did not respond to requests for comment.

Scaring Up Business

Web surfers using the Windows XP operating system may be familiar with a pop-up message that sometimes appears on the screen and warns that sensors have detected a “Critical error message! — Registry damaged and corrupted.”

Users who click on the pop-up are directed to visit a Web site, which attempts to sell them software that can correct the problem, such as Registry Cleaner XP.

From start to finish, the alert and the corrective software are bogus, according to Microsoft. The Attorney General and Microsoft allege that “scareware” providers send incessant pop-ups resembling legitimate OS warnings to consumers’ computers. The PCs receive the phony messages through Windows Messenger Service, which was designed for use on a network and allows administrators to send notices to users.

Consumers are offered the free scan to check their computers, and without fail, “critical” errors are found, according to Paula Selis, senior counsel and leader of the Attorney General’s Consumer Protection High-Tech Unit. The so-called errors are sometimes enough to convince unwary users to pay US$39.95 to repair the fictitious problems.

“This has to be stopped regardless of the size of the problem. It is just wrong, and hurts both consumers and legitimate software companies,” said Michael Cherry, lead analyst at Directions on Microsoft.

Consumers who fall prey to these online scams and purchase the phony software are at greater risk from malware, especially monitoring programs, Cherry added.

Getting Legal With It

Microsoft has not been shy about filing civil actions under the Washington’s Computer Spyware Act. Since it was enacted in 2005, the software giant has filed 17 civil suits in an effort to curb the proliferation of spyware.

The Redmond-based company has used similar tactics in the past, Cherry told the E-Commerce Times.

“Microsoft has in the past — and I suspect will in the future — work with the appropriate legal and governmental officials to help reduce software piracy, spam and other fraudulent activities. Microsoft sees this as a worthy public service, which it is,” he explained.

Thirteen states now have laws that specifically address spyware, Guthrie explained.

“The need for such legislation is evidenced by staggering statistics, including industry reports that estimate spyware and other unwanted software reside on up to 80 percent of consumers’ computers. One study by software providers found an average of 25 spyware, adware or other potentially unwanted programs per PC,” she said.

For Microsoft, the spyware battle is personal and financial. Some 50 percent of its customer support calls related to computer crashes can be blamed on spyware, the company said.