Hooray!! Scareware Frauds Indicted By Feds!

Reply Tue 1 Jun, 2010 10:58 am
About damned time!


Ohio Man and Two Foreign Residents Indicted in Alleged Ukraine-Based 'Scareware' Fraud Scheme

Caused $100 Million in Losses to Internet Victims Worldwide

CHICAGO, May 27 /PRNewswire-USNewswire/ -- An international cybercrime scheme caused Internet users in more than 60 countries to purchase more than one million bogus software products, causing victims to lose more than $100 million, according to a federal indictment returned here against a Cincinnati area man and two other men believed to be living abroad. The charges allege that the defendants, through fake advertisements placed on various legitimate companies' websites, deceived Internet users into falsely believing that their computers were infected with "malware" or had other critical errors to induce them to purchase "scareware" software products that had limited or no ability to remedy the purported, but nonexistent, defects. The alleged scheme is widely regarded as one of the fastest-growing and most prevalent types of Internet fraud.


Sundin and Jain were each charged with 24 counts of wire fraud, and Reno with 12 counts of wire fraud, and all three were charged with one count each of conspiracy to commit computer fraud and computer fraud in a 26-count indictment returned yesterday by a federal grand jury in Chicago. The indictment also seeks forfeiture of approximately $100 million and any and all funds held in a bank account in Kiev.


According to the indictment, after causing a series of false error messages, Sundin, Jain and others caused Internet users worldwide, including throughout the United States, Sweden and Ukraine, to purchase software products bearing such names as "DriveCleaner" and "ErrorSafe," ranging in price from approximately $30 to $70, which they falsely represented would rid the victims' computers of purported defects, but actually did little or nothing to improve or repair computer performance, resulting in financial losses exceeding $100 million.

Sundin, Jain and others allegedly created at least seven fictitious advertising agencies that contacted multiple victim companies purporting to act as advertising brokers on behalf of known legitimate entities that wanted to place internet ads on the unnamed victim companies' websites, when in fact the ads were unauthorized. The victim companies allegedly were defrauded of at least $85,000 in unpaid fees promised by the fictitious ad agencies.

Unknown to the victim companies, the Internet ads that were placed on their websites by these fictitious agencies contained hidden computer code that "hijacked" the Internet browsers of individual victims, redirecting their computers without their consent to websites controlled by Sundin, Jain and others, the indictment alleges. The individual victims were then prompted with a series of error messages claiming that the user's computer was experiencing a critical error and the victim needed to purchase an IM-distributed software product to remedy the problem.


After the defendants caused a victim to be directed to an IM scareware website they controlled, the indictment alleges that the following events typically occurred:

* the IM scareware site appeared not to be a website at all, but rather a warning message from the computer user's operating system, falsely informing the user of an error and prompting the user to click on a box to address the purported error. Further error message prompts occurred regardless of whether the user clicked the box agreeing to or declining to proceed or attempted to close the error message window;
* the IM scareware displayed an animated graphic image that gave the fake appearance that the computer was being scanned for various errors or viruses. Bogus results falsely showed that critical errors were detected by the fake scan; and
* the IM scareware website then prompted the victim user to download a free trial version of an IM product, falsely promising that the software could repair the nonexistent critical errors.

As a result of the browser hijacking, multiple fraudulent scans, and false error messages the defendants and others allegedly deceived victims into purchasing the full paid versions of IM software products, such as "Malware Alarm," "Antivirus 2008" and "VirusRemover 2008." At times, the defendants defrauded victims into purchasing multiple products through a deceptive order screen that kept hidden certain pre-checked option boxes which, when checked, increased the total number of products being purchased, the indictment alleges.


Individuals who believe they are victims and want to receive information about the criminal prosecution may call a toll-free hotline, 866-364-2621, ext. 1, for periodic updates.

The government is being represented by Assistant U.S. Attorneys Michael Ferrara and William Ridgway.
  • Topic Stats
  • Top Replies
  • Link to this Topic
Type: Discussion • Score: 3 • Views: 1,634 • Replies: 5
No top replies

Reply Tue 1 Jun, 2010 12:56 pm
I have no love for these guys or for this type of scam-marketing, but what ever happened to Caveat Emptor ("let the buyer beware")?
Reply Tue 1 Jun, 2010 02:05 pm
I've seen their browser traps. For anyone who is a casual computer user, they look very ominous and authentic. They're set up like the old persistent porn sites used to be where it just doesn't let you leave the trap and continually returns to the page. The only way to leave it is to do a forced shutdown using the task manager.

I'm not a casual computer user, in fact, I used to do help desk tech support and system admin work back in the early days of the internet. The first couple of times my browser was hijacked by the ads, I quickly shutdown my PC and went through the whole drawn out procedure for removing trojans, etc.

Once the internet community had enough history with it to know they were harmless, we learned to just force a shutdown and ignore the warnings in the ads.
Reply Tue 1 Jun, 2010 02:28 pm
They're certainly annoying. No argument there.
Reply Tue 1 Jun, 2010 03:17 pm
I tend to laugh and then shut down the sandbox I had my browser running in.

Anyone who wish to greatly increase their browsing security should download and run a program call Sandboxie.

Nothing can get out of the sandbox to effect your computer system.
0 Replies
Reply Thu 3 Jun, 2010 10:54 am
rosborne979 wrote:
I have no love for these guys or for this type of scam-marketing, but what ever happened to Caveat Emptor ("let the buyer beware")?
That does not justify fraud.
0 Replies

Related Topics

YouTube Is Doomed - Discussion by Shapeless
So I just joined Facebook.... - Discussion by DrewDad
Internet disinformation overload - Discussion by rosborne979
Participatory Democracy Online - Discussion by wandeljw
OpenDNS and net neutrality - Question by Butrflynet
Internet Explorer 8? - Question by Pitter
  1. Forums
  2. » Hooray!! Scareware Frauds Indicted By Feds!
Copyright © 2023 MadLab, LLC :: Terms of Service :: Privacy Policy :: Page generated in 0.04 seconds on 11/29/2023 at 05:46:34