Symantec accused of using 'scareware' tactics to sell full-version products

[Littlebits]

Summary: Anti-virus maker Symantec is charged in a lawsuit with misleading users into purchasing full versions of its software by peddling ’scareware’ tactics.

Security firm Symantec is being taken to court over claims that the company’s flagship anti-malware and performance software suites mislead consumers into buying full versions of its products.

The suit, which seeks class action status, was brought by Washington state resident James Gross. It was filed in the District Court of San Jose, California on Tuesday on behalf of his lawyers, according to Reuters.

The complaint alleges that misleading ’scare’ tactics are being used by Symantec in its Norton Utilities, PC Tools Registry Mechanic, and PC Tools Performance Toolkit products. The claims also suggest the software range always report harmful errors, privacy risks and other issues that exist, regardless of whether they actually exist.

Many ’scareware’ tactics used by online scammers intercept websites and display within the browser a simulation of an anti-virus scan, that invariably tells the user that the PC they are using is infected.

“The software is falsely informing the consumer that errors are high priority and in addition it is falsely informing the consumer that their overall system health and privacy health is low”, the complaint stated.

“The truth, however, is that the scareware does not actually perform any meaningful evaluation of the user’s computer system, or of the supposed ‘errors’ detected by the software”.

One analyst said that the claims would be difficult to prove. Andy Kellett, senior analyst at Ovum, said speaking to The Inquirer: “It’s a tricky one as there are lots of unknowns, how do you prove Symantec is in the wrong?”, adding: “It’s not something that has been done before”.

The news comes only a week after Symantec confirmed an Indian hacker group hacked a “third-party” and acquired source code relating to an enterprise anti-virus solution the company once offered.

While the lawsuit will likely go Symantec’s way, it is nevertheless been a bad month for the security firm.

A Symantec spokesperson said it was “aware” of the allegations made, but declined to offer additional comment at the time of publication.

Source

 

[Plexx]

Now this is something rather interesting.

Wasn't there another AV vendor that also used similar tactics in the past? It feels like dejavu somehow. I'll try to google it.

 

[Tom172]

Now this is something rather interesting.

Wasn't there another AV vendor that also used similar tactics in the past? It feels like dejavu somehow. I'll try to google it.

Is that VIPRE you're thinking of? Not sure.

The screenshot provided simply shows a false positive from Nortons Intrusion prevention (which is well known for false positives). I'd like to know what are the other false warnings that are being referred to.

 

[Littlebits]

Now this is something rather interesting.

Wasn't there another AV vendor that also used similar tactics in the past? It feels like dejavu somehow. I'll try to google it.

Yes it was BitDefender, McAfee, Auslogics and ZoneAlarm.
All use scareware tactics in the past, Auslogics and ZoneAlarm discontinued using scareware, however BitDefender and McAfee still uses scareware in some of their products.

I don't think VIPRE ever used scareware that I can remember.

Thanks.

 

[Tom172]

Now this is something rather interesting.

Wasn't there another AV vendor that also used similar tactics in the past? It feels like dejavu somehow. I'll try to google it.

Yes it was BitDefender, McAfee, Auslogics and ZoneAlarm.
All use scareware tactics in the past, Auslogics and ZoneAlarm discontinued using scareware, however BitDefender and McAfee still uses scareware in some of their products.

I don't think VIPRE ever used scareware that I can remember.

Thanks.

Apologies, you're correct. It was ZoneAlarm I was thinking of :shy:

 

[Plexx]

Yeah it was BD and ZA. Specially ZA since I remember all hell broke loose in their ZA free version.



VIPRE I don't think it used the tactics although I cant remember.

On a note ain't former kerio and sunbelt kerio and finally sunbelt firewall part of VIPRE now?

Along these years we saw a few good firewalls shutting down such as Sygate for example.

I actually wonder if Sygate would run on Win7. Lets give it a test run in VM.

 

[Dejan]

Hahaha, yeah.

This is why I just use ThreatFire, despite it being kind of annoying too.

 

[Jack]

The complaint alleges that misleading ’scare’ tactics are being used by Symantec in its Norton Utilities, PC Tools Registry Mechanic, and PC Tools Performance Toolkit products. The claims also suggest the software range always report harmful errors, privacy risks and other issues that exist, regardless of whether they actually exist.

I would be curious to see when were this alerts displayed? And what they were saying? I've got a feeling that she saw the alerts when running this maintenance programs or the free checking tools.

The main problem that she will have during this lawsuit is the simple fact that Symantec or better said PC Tools didn't reported false problems..... Junk files,useless registry keys and other crapware like that is present on her computer........ Yes, they aren't dangerous for her computer and it will run just fine even if they aren't removed , and yes they will be present again once she will start using the PC but still the reported 'problems' are there, the developer DIDN'T REPORT FAKE PROBLEMS like in the rogues case.

 

[Jack]

Here are more details :

Lawsuit Claims Symantec "Scareware" Warns Of Fake Threats To Sell Upgrades

[.......]

James Gross, a resident of Washington State, filed what he intends to be a class action lawsuit against Symantec in a Northern District California court Tuesday. Gross claims that Symantec defrauds consumers by running fake scans on their machines, with results designed to bully users into upgrading to a paid version of the company’s software.

“The Scareware does not conduct any actual diagnostic testing on the computer,” the complaint reads.

Instead, Symantec intentionally designed its Scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user’s PC, regardless of the real condition of the consumer’s computer. Furthermore, the scareware does not, and cannot, provide the benefits promised by Symantec. Accordingly, consumers duped into purchasing software that does not function as advertised, and in fact, has very little (if any) utility.

In the complaint, Gross goes on to describe his experience of running a Symantec scan with the company’s Registry Mechanic software he found on Symantec’s PCTools.com. After the scan’s results showed his computer contained “high priority” errors and its “system health” was “low,” he paid $29.99 to resolve the problems. Gross says he later hired computer forensics experts who found that Symantec’s scan always produced those disturbing results, and that the errors it found were “not credible threats to a computer’s functionality.”

When I reached out to Symantec, the company responded in a statement that it “does not believe the lawsuit has merit and will vigorously defend the case.”

“The Norton and PC Tools solutions at issue are designed to improve the system performance of our customers’ devices in terms of speed, maintain the health of their machines, and protect our customers’ information,” the statement continues. “The optimization and privacy functions of these solutions fix registry errors, wipe computer usage, and shred deleted items. Some include additional functionality such as recovery tools to restore lost items. Several independent third parties have tested and reviewed these products very favorably, verifying the effectiveness of their functionality.”

Gross’s most extreme claim, that Symantec’s software has no purpose, will no doubt be difficult to defend in court. And when I tested Registry Mechanic on my machine, it didn’t ask me to pay for the full version. Despite finding many so-called “high priority” issues, the software resolved them for free.

Read more ....