G Data warns of subscription trap in Microsoft design!

Scamsters are selling free software in a 3-year service subscription

Bochum, 15. January 2010

The experts at G Data Security Labs are currently warning of a large subscription trap campaign, which is designed to separate naive users from their money. The criminals' scam is to offer Microsoft's free antivirus software for download from the website www.security-essentials.info. The website is strongly based on Microsoft's Corporate Design and at first glance it is difficult to identify it as a counterfeit site. If a user is taken in by the camouflage and registers, then he has fallen into the trap and signed up for a three-year subscription at €35.94. G Data advises the victims of subscription traps not to make the payments and if the credit card has been successfully used, to block it immediately in order to prevent further misuse.

"If money is requested for free software, then the alarm bells should start to ring. This case confirms the golden rule which is, "Wherever possible always download software directly from the home page of the provider or from trustworthy portals of PC magazines," as advised by Ralf Benzmüller, the manager of G Data Security Labs.

The hustlers' scam
The home page of the self-proclaimed software distributor offers, alongside MSE, other popular, free software products. In the site FAQs, an explanation is given to the user about where the costs for the actually free software arise from. The costs are based on the availability of the software and the "around the clock" customer service provided for the duration of the subscription. However it is doubtful that all visitors to the website read these FAQs.

Screenshot: An extract from the FAQs of www.security-essentials.info

By clicking on "Download now", the user is transferred to a login form of FreeDownloadZone.com, where personal data and credit card data are requested. Once the data are entered, then the user has fallen into the subscription trap and is contractually obliged to pay € 19.50 for a 1 year subscription or even € 35.94 for a 3 year subscription and further costs are also likely as the page also contains small instructions with additional costs, which have already been automatically selected with confirmation ticks. Hence € 35.94 quickly becomes € 81.58 if these checkboxes are overseen.

Screenshot: The final payment page with a statement of the overall price

Internet subscription traps are no new phenomenon, however this current attack is, thanks to the authentically operating web address, particularly devious. Unobservant users could quickly find themselves in difficulty.

This web address is not the only one which makes use of this scam. Similar tricks are used to place other freeware products at the service of the scamsters. Amongst these are Open Office, Firefox, music downloads, iTunes, graphics programs (Gimp, Quicktime), peer-to-peer clients (LimeWire, eDonkey), torrents (BitTorrent) and now even free virus-protection programs.

Anonymous, but apparently caring scamsters
The identity of the website operator remains secret. Clear legal conditions are not present and WHOIS queries for the participating services lead to an anonymisation service in the Netherlands and further cover-ups. Apart from the cunningly selected web address, the "Advice" from the scamster at the bottom of the page, demonstrates a new quality in deceptive scams:

Screenshot: Well intentioned advice from the scamster

Put in plain English, this means they are taking money out of the pockets of inexperienced computer users. This clause should save the scamsters from legal consequences.

What happens, if I have fallen into the trap?

Firstly you should remain calm and not rush into anything. You do not have to pay the money, if your have fallen victim to a subscription trap! Also, do not go crazy worrying about debt collection threats or entries in credit reference agencies.

"If a supplier advertises using the words "for free", "no costs" and "no download fees" then a consumer should be able to rely on these terms. Hidden prices in the small print are not permitted," explains Nico Reiner, lawyer at the Institute for Legal Informatics at the Leibniz University Hanover. "The industry is based on consumer anxiety." It is important to remain calm. The "last demand" in the case of a subscription trap, is not a serious, threat, rather an indication that the demands are about to cease," explains Reiner.

Contact your credit card provider
If you have entered your credit card data on this or another similar form with deceitful intentions, then contact your credit card provider as soon as possible to have your credit card stopped. Only by doing so can you protect yourself against further misuse of your card data and with it possible financial damage.

Further information and help about the topic of subscription traps can be found on the web pages of the German vzbv (Verbraucherzentrale Bundesverband): www.vzbv.de/go/

<- Back to: News