[Reading Time - 2 minutes 32 seconds]
Let's face it: most computer users are stumped when it comes to security (and, with the rapid increase of new attacks that occur on a daily basis, many security professionals find it hard to keep up, too). So, if a user suspects that their computer may be infected with malware, where do they turn? Many users head for a local computer or electronics store for help. That seems like a reasonable place to have your computer checked out and, if necessary, cleaned up.
Well, think again.
On Wednesday (Mar 27 2019) the Federal Trade Commission (FTC) charged Office Depot and a partner company, Support.com, with tricking customers into buying unneeded technical services. Many of these services were advertised as identifying and fixing a computer that had some type of malware infection. In some instances, customers were charged up to $300.
While that is bad enough, how and why they did it shows just how low they stooped.
First, the how.
A customer would go to a local Office Depot store with their computer that they suspected something was not right. The Office Depot "tech experts" would install and run the software "PC Health Check" on the computer. Although the customers were told the "value" of the scans were $20-$60, the tech experts would run the scan for free just to help out this poor customer. The first screen asked four questions and the customer was asked to check all that apply:
But here's the kicker: PC Health Check was configured to tell consumers their computers were infected regardless of what any scan showed. If a customer checked any of the boxes of the questions, then the software would automatically--and falsely--claim that "malware symptoms" or "infections" on their computer had been uncovered.
The PC Health Check software also displayed a "view recommendation" button with a detailed description of the services that customers needed to then purchase in order to fix the problems. But the services did absolutely nothing (some later versions of the software did some limited optimizations like removing junk files and reconfiguring certain settings). And of course, the services cost hundreds of dollars to fix non-existent problems. One Seattle TV station that was investigating this scam back in 2016 brought a brand-new just-out-of-the-box computer that had never been used--and PC Health Check said it needed work!
And why did Office Depot do this?
You guessed it: money.
The Office Depot corporate office instructed its store employees to convert half or more of all PC Health Check runs into tech-support service sales. Employees who pushed the scans got "positive performance reviews" and "extra commissions" if they "met their weekly PC Health Check runs and tech-support service sales goals. Store managers and store employees who continually failed to meet these company-wide targets were reprimanded and were said to be "underperforming." In the words of the FTC, Office Depot "instructed its stores collectively to raise millions of dollars in profit by increasing the number of PC Health Check services performed and the rate of converting the PC Health Check services into tech-service sales."
The FTC announced that Office Depot and Support.com have agreed to pay a total of $35 million in settlements. The FTC said it intends to use the money to provide refunds to customers. However, neither company admitted or denied the FTC's allegations (but they're going to pay up anyway).
What an awful security scan scam. So, think twice about taking your computer in for a "free" checkup.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.