Office Depot, OfficeMax, Support.com cough up $35m after charging folks millions in 'fake' malware cleanup fees
Tech support outfits settle out of court after allegations of bogus infection symptoms to extract repair charges
Office Depot and Support.com have coughed up $35m after they were accused of lying to people that their PCs were infected with malware in order to charge them cleanup fees.
On Wednesday, the pair of businesses settled a lawsuit brought against them by the US Federal Trade Commission, which alleged staff at the tech duo falsely claimed software nasties were lingering on customers' computers to make a fast buck.
The lawsuit, filed in southern Florida, claimed the two companies, including Office Depot subsidiary OfficeMax, from 2009 until November 2016 misrepresented the state of consumers' computers by using a sales tool designed to convince people to pay for diagnostic and repair services.
"In numerous instances throughout this time period, Defendants used the PC Health Check Program to report to Office Depot Companies customers that the scan had found or identified 'Malware Symptoms' when it had not done so," the complaint stated. "Additionally, in numerous instances, the PC Health Check Program falsely reported to consumers that the program had found 'infections' on the consumer’s computer. "
According to the watchdog's complaint, the PC Health Check Program was incapable of finding malware. Support.com allegedly programmed the software so that whenever an Office Depot Company employee checked any one of four checkboxes describing a generic concern, like slowness, before the scan started, the scan would automatically report the detection of malware symptoms, and for a time, infections.
But the results, it's alleged, were predetermined. "Despite the statements in the PC Health Check Program’s Detailed Report that the scan 'found infections' or 'found' or 'identified' malware symptoms, the PC Health Check Program’s detection of malware symptoms was entirely dependent on whether any of the Initial Checkbox Statements was checked and not on the actual state of the computer," the FTC court filing explained.
The cost for PC Health Check could exceed $300, the complaint stated. The defendants, according to the FTC, bilked customers out of tens of millions of dollars. To settle the charges, Office Depot has agreed to pay $25m and Support.com will pay $10m. The money will be refunded to affected customers, the FTC says.
The alleged fraud appears to have been first reported in 2016 by Seattle TV station KIRO-TV, tipped off by a whistleblower.
Support.com did not immediately responded to requests for comment.
In a statement emailed to The Register, a spokesperson for Office Depot said, "Office Depot’s settlement with the Federal Trade Commission (FTC) resolves an investigation relating to a computer diagnostic service that was offered to Office Depot and OfficeMax customers prior to December 2016....While Office Depot does not admit to any wrongdoing regarding the FTC’s allegations, the company believes that the settlement is in its best interest in order to avoid protracted litigation."
The FTC claims both companies "have been aware of concerns and complaints about the PC Health Check program since at least 2012" but Office Depot, it's claimed, nonetheless continued to push the service until 2016.
So, no wrongdoing. But $35m in penalties. ®
- AdBlock Plus
- Advanced persistent threat
- Black Hat
- Bug Bounty
- Common Vulnerability Scoring System
- Cybersecurity and Infrastructure Security Agency
- Cybersecurity Information Sharing Act
- Data Breach
- Data Protection
- Data Theft
- Digital certificate
- Federal government of the United States
- Government of the United Kingdom
- Identity Theft
- Insider Trading
- Kenna Security
- Microsoft 365
- Microsoft Office
- Microsoft Teams
- Palo Alto Networks
- Programming Language
- Quantum key distribution
- Remote Access Trojan
- Retro computing
- RSA Conference
- Search Engine
- Software bug
- Software License
- Trusted Platform Module
- Visual Studio
- Visual Studio Code
- Web Browser
- Zero trust