Attorney General Rob McKenna said Ron Cook, owner of Messenger Solutions violated Washington's Computer Spyware Act and Consumer Protection Act while marketing programs under the names Messenger Blocker, WinAntiVirus Pro 2007, System Doctor and WinAntiSpyware.
"Our suit alleges that it wasn't enough for Ron Cooke to manipulate consumers into buying his software," McKenna said. "His program maliciously turns victims' computers into spamming machines."
The suit alleges that computers capable of receiving Windows Messenger Service pop-ups, also known as Net Send messages, were vulnerable to the attacks. Windows Messenger Service comes preinstalled with some versions of Windows and should not be confused with the instant-messaging program Windows Live Messenger.
Assistant Attorney General Katherine Tassi, who is overseeing the case, said the High-Tech Unit has seen a trend in deceptive advertising to sell software.
"We've seen individuals and companies inundate consumers with Internet pop-up ads and Net Send services that frequently resemble system alerts," Tassi said. "Their intent is to pressure consumers to buy a product that will supposedly protect a computer from pop-ups, viruses or spyware. Many consumers wind up paying for a program that is essentially worthless or may even leave the computer more vulnerable to malware."
Cooke allegedly uses Windows Messenger Service to initially bombard consumers with a continuous stream of pop-ups advertising porn and sexual-enhancement products.
Next, he uses Windows Messenger Service to send those same consumers another bout of pop-ups intended to simulate system warnings. The warnings claim that the consumer's computer is vulnerable to security attacks and direct the user to a Web site to buy software to supposedly block pop-ups.
"The pop-ups persistently appear anytime the consumer is connected to the Internet," Tassi said. "A consumer could simply be typing a letter using a word-processing program and the pop-ups crop up again and again, sometimes covering the entire computer screen."
Consumers who visit the Web site are offered the opportunity to download Messenger Blocker, a program Cooke sells. In some cases, consumers are offered a free seven-day trial. On other sites, the product is available for $19.95 without the trial.
The complaint alleges that the pop-ups stop during the trial period. But once the trial expires, the consumer's computer is bombarded with additional pop-ups that resemble those sent by Messenger Service but, in fact, are generated by Cooke's software.
The complaint further alleges that the software installed during the trial or purchase causes a consumer's computer to secretly send out more ads to other computers, disables Windows Task Manager and adds a bookmark to the defendant's Web site. The software is difficult, if not impossible, to uninstall.
The Attorney General's Office believes Cooke transmitted the messages and marketed his software from his home and that potentially hundreds of consumers in Washington state received the deceptive pop-up ads. Officials weren't sure how many people outside Washington received the ads or how many consumers actually downloaded software in response to an ad.
"Scammers have been known to bombard a PC with nuisance pop-up adverts, and then follow them up with further messages that resemble system alerts to try and fool the unwary into downloading a 'solution' to fix the problem. You don't even have to be browsing the web to have these nuisance messages appear -- just being connected to the net can be enough," said Graham Cluley, senior technology consultant for Sophos. "Scam software like this gives the real security industry a bad name. Home users and businesses need to have a legitimate solution in place to prevent these kind of underhand practices being used to sell software."
Experts note that this is not the first that time that Windows Messenger has been used to send consumers' anonymous messages that simulated security warnings.
"Several criminal gangs are in the business of persuading people to download software by misrepresenting that it is necessary to protect a computer's security or privacy," explained Cluley. "Internet users need to take great care about which programs they choose to run, and be aware that some 'solutions' may not truly have the best interests of the PC owner in mind."
