|Beware of Software Knockoffs and Scumware|
By Ira Wilsker
http://www.safer-networking.org (safer hyphen networking dot org) the REAL Spybot
http://www.spywarewarrior.com/rogue_anti-spyware.htm (list of knockoff spyware)
http://www.spywarewarrior.com/family_resemblances.htm (knockoff comparisons; see item #13)
http://www.ftc.gov/opa/2005/06/trustsoft.htm (FTC prosecution of Spybot website knockoff with ?dot com? address)
Recently the Examiner published my column ?Spybot: Useful free utilities plus spyware protection?. The information in the column and the websites listed in the box ?This Week?s Websites? were correct. Unfortunately many computer users, including some readers of that column, fell victim to a type of software referred by some pundits as ?scumware?. In this context, scumware is websites with almost, but not quite identical internet addresses, that tricks the visitors into downloading knockoff software, often charging a price greater than the real software. This knockoff software is either an unauthorized copy of the original software, or bogus software of dubious value that typically does not offer the quality and features of the original, and may also harbor its own viruses or spyware. Sadly, many innocent users of this scumware get into deep trouble because of the false impression that the knockoff software is providing the protection of the real McCoy, but in reality leaves the computer vulnerable to attack.
Two readers of my column separately emailed me in the days following the publication of my Spybot column questioning how I could say that Spybot Search & Destroy was free when they were charged either $19.99 or $29.99 to download it. One of the readers sent me the link he used to download the bogus software, and it was mostly correct, except it left out the ?hyphen? in the real address, which is www.safer-networking.org (safer hyphen networking dot org is the genuine address). On my home computer, I went to the address that he used (without the hyphen), and my Trend Micro Internet Security Suite 2007 blocked access to the site, both by displaying a webpage stating that it was a known bogus website and also displaying a popup warning that the knockoff website was dangerous. With informed consent, I used someone else?s computer and went to the knockoff website without the hyphen. Several bogus anti-spyware programs were listed, many with names that were slight variations of legitimate program names, including ?Spyware Search & Destroy?, a clear knockoff of the authentic ?Spybot Search & Destroy?.
Recent statistics have documented that spyware is a greater threat to computing safety and security than viruses. While there are many totally legitimate anti-spyware products available to the computer user, there are at least as many bogus knockoffs that unethically, and in some cases illegally, snare the innocent user into purchasing and installing a potentially dangerous product. One of several websites that tracks the bogus software is Spyware Warrior (www.spywarewarrior.com). One section on the Spyware Warrior website is ?Rogue/Suspect Anti-Spyware & Websites?. This section documents the many rogue antivirus and anti-spyware software products (over 200) that capitalize on the name, work, and appearance of the legitimate products. The legitimate Spybot is one of the products most widely targeted by the illicit purveyors of scumware. Other reputable products similarly purloined are Microsoft?s Defender (formerly called Microsoft AntiSpyware) and Lavasoft?s Ad Aware.
While most of the illicit software continues to be deceptively sold and downloaded without much oversight, some sellers of scumware have been targeted by federal or state consumer protection agencies. In one well publicized investigation by the Federal Trade Commission (FTC), one of the websites using a variation of the real Spybot website and address, except the bogus site is a ?dot com? rather than the authentic ?dot org?, was actively prosecuted by the FTC for ?aggressive, deceptive advertising? (www.ftc.gov/opa/2005/06/trustsoft.htm). The original Spybot is free software, while the knockoff software charged for the download.
Some of the knockoff software is blatantly counterfeit using the program code and malware databases of the authentic software, but changing only the name on the software. One such program that is a copy of Spybot, according to Spyware Warrior, is ?Terminexor?. This rogue program is identical to the real Spybot, but is not free. Spyware Warrior states, ?Terminexor is the most brazen rip-off of a legitimate anti-spyware program that we know of. Most who have pilfered material from Patrick Kolla (the author of Spybot Search & Destroy) have chosen to lift only the definitions database (which is bad enough). Terminexor, however, swiped the whole program, replacing every reference to "Spybot Search & Destroy" with "Terminexor," including copyright notices. More recent versions of Spybot S&D detect Terminexor and offer to remove it.? (look at item # 13 at www.spywarewarrior.com/family_resemblances.htm). When I attempted to go to the Terminexor website to gather information, my Trend Micro again blocked access to the website warning that it was a dangerous website which promotes spyware. Some sources (www.2-spyware.com/review-terminexor.html) indicate that Terminexor is no longer available, but when it was available it was not just an illicit clone of Spybot, but it also infected the computer with its own spyware and malware.
If any lesson can be learned, it should be that if something does not seem quite right on a website, then do not download questionable software from that site. Success breeds imitators, and many of the imitators may be harmful and dangerous.
LISTEN to my "My Computer Show" on NEWS TALK AM560 KLVI
NOW STREAMING ON THE NET, Saturdays, 1-3pm Central Time, KLVI.COM
READ my weekly computer and technology column in the EXAMINER
http://www.theexaminer.com Click on Page Guide - Personal Technology
Copyright © 1999 - 2012