According to ethical hacking training experts from the International Institute of Cyber Security (IICS), Office Depot and its software provider, Support.com, had to pay $35M USD to the U.S. Federal Trade Commission (FTC) due to a scam which consisted of sending fake ransomware infection alerts to their customers aiming to make them spend on computer equipment software solutions and repairs.
According to the FTC
report, Office Depot, and its partner company, Office Max, used a program
called PC Health Check Software, advertising it as a free tool to perform PC
security diagnostics and malware detection.
However, the ethical hacking training experts
claim that, instead of conducting malware scanning, this tool sent users a fake
malware infection alert. After reading this alert, users were redirected to the
Office Depot support site, where they were offered solutions for the alleged
ransomware infections with costs of hundreds of dollars.
According to what was reported by the
Commission, Office Depot, Office Max and their software supplier had already
been denounced for using this tool since the year 2012. However, those companies
still kept using it, even encouraging its staff and customers to use it until
the end of the year 2016.
This case must set a precedent, companies must
dimension the consequences of using this kind of deceptive tactics to force
customers to spend more in software they don’t really need”, said a FTC
manager.
Office Depot
agreed to pay $25M USD as a penalty, while Support.com will pay another $10M USD. The FTC will use the fines money
to reimburse the affected customers. The FTC has also banned both companies
from issuing false statements about the status of the security or operation of
any device operated by their customers, mentioned the ethical hacking training
experts.
