If you’ve seen our previous coverage of spyware, you already know how untrustworthy the purveyors of this nefarious software can be — and how much of a danger malicious programs can pose to your PC. But waking up to the threats and resolving to protect yourself against them isn’t enough. You still have to keep your guard up, because even when it comes to anti-spyware software, there are companies that will try to take advantage of you. All over the Web you can find phony and ineffective anti-spyware products, suspect anti-spyware review sites, and misleading advertisements — including ads for suspect products that show up on sites you might otherwise trust.
Forewarned is forearmed, so let’s take a closer look at just how bad the situation is and how you can avoid being duped.
Phony and Ineffectual Anti-Spyware Software
If you fear your system has been infested by spyware or you want to ward off future infections, you’re likely to invest in an anti-spyware package for your PC. But if you’re not careful about how you make your choice, you could easily be misled into picking a product that provides no real benefit and gives you a false sense of security. Or, more horrifically, you could make a bad situation even worse by using a bogus anti-spyware product that installs adware or spyware of its own.
Even the first case is unsettling. Surely you don’t want to shell out money in the hopes of cleansing your system of spyware, only to find that the software you purchased is ineffective and doesn’t deliver on its promise to clean up your system. Bogus anti-spyware programs may detect and remove only limited variants of spyware, or insignificant threats such as tracking cookies, leaving more difficult problems unfixed. They may mislead you with false positives that make the problem seem worse than it really is, and ignore the real problems. Since many adware packages actually download more adware over time, an unresolved infestation can cause ever-increasing harm to your computer. Incompetent repairs may even leave your computer in a more unstable or unworkable state than it was before the supposed fix. And because most consumers are not in a position to judge the effectiveness of a product, these anti-spyware products can claim victory even when they’ve done virtually no valuable work.
Now, we’ll be the first to admit that programs that try to identify and disable malicious software face a daunting task. Adware and spyware change their forms regularly, making it difficult to detect them reliably. Adware vendors have become so clever that even the best anti-spyware packages may be unable to clean heavily infected systems — and these are companies that devote significant resources and ongoing efforts to solving the problems. So a certain amount of imperfection is to be expected in any anti-spyware product today. But the difficulty of the problem isn’t an excuse for providing a solution that doesn’t make a bona-fide effort.
And plenty of software out there doesn’t. One anti-spyware product, SpywareAssasin, has proved so ineffectual that it’s the subject of a United States Federal Trade Commission (FTC) action. We can only hope this is the first of many such cases that will help protect consumers’ interests.
Paying for a “solution” that leaves scads of spyware on your computer is bad enough, but the truly horrifying scenario to consider is paying for anti-spyware software that actually places new adware or spyware infestations on your computer. That’s like buying an alleged insecticide only to discover that it actually attracts further pests. Unfortunately, as informative sites like spywarewarrior.com illustrate, some anti-spyware tools do indeed include adware, parasites, browser hijackers, and other forms of the very kinds of software they claim to remove.
Questionable Anti-Spyware Reviews
Another way you can be fooled about the effectiveness of anti-spyware products is through bogus review sites — sites that claim to provide objective, independent analysis of anti-spyware products but that don’t give you an accurate picture of their capabilities.
The worst of these sites are little more than cleverly-disguised shills for unscrupulous anti-spyware vendors. More borderline sites may include authoritative-sounding judgments and opinions that in fact are based on laughably poor testing techniques — whether bad judgments in these cases derive from ignorance malice, we can’t say for sure. But the bottom line is that you can’t simply trust what you read, even from an allegedly independent source. We suspect that many of these sites rig the winner without disclosing their incentives or conflicts of interest. It’s sort of a “one-two punch” where disreputable companies employ two techniques in tandem to gain your trust – first a high-level Google placement followed by a seemingly objective review.
In fact, if we look at our Google results below, we see one there: the “Which Spyware Remover?” link leading to the SpywareRemoversReview.com site. Go to the site, and all five of the products in this supposedly independent review are suspect.
Beware of Ads — No Matter Where They Appear
Never trust sponsored links when doing spyware research in Google and Yahoo.
The ways that vendors use advertisements can be particularly confusing, too. Many totally legitimate Web sites contain a variety of paid advertisements — but you have be aware that those advertisements often don’t reflect the views of the company behind the Web site. For example, if you use a popular search engine like Google or Yahoo!, in addition to search results, you’ll see a number of “sponsored links” that vendors have paid for on the right. It’s crucial to remember that these are paid advertisements, and do not imply any endorsement by the search-engine operator.
The vendors advertising here may not be scrupulous; in fact, in the accompanying screen shot, we found five of the sponsored links led to questionable results. In our opinion, many of these companies are capitalizing both on the volume and the reputation of sites like Yahoo! and Google to mislead consumers who may believe that high placement in Google or Yahoo search results implies some level of credibility.
The situation gets even more complicated when you visit sites scattered around the Web. Many sites use a service like Google’s AdSense to embed advertisements in their pages. If you look at the right side of many PC Pitstop pages, for example, you’ll see a bar of ads titled “Ads by Goooooogle”. The ads that appear here are supplied by a third party and aren’t under control of the site’s operator. This can lead to serious confusion — you could be browsing a totally legitimate site and end up seeing an ad for a product that the site’s operator would never endorse, simply because the vendor
has paid a third party like Google to appear on pages that cover a particular topic. Site operators have few ways to control what appears in these ad bars — so once again, it’s up to you as a consumer to be alert to the danger. (For more information on this problem, see “Google’s Dirty Little Secret” in Rob Cheng’s Pit BLOG column.)
Other Sleazy Ads and Tactics
This looks rather authentic, but is really a phony ad to a less than ethical antispyware company.
You can also find many bogus companies using sleazy banner advertisements. Any advertisement that seems to over promise should be ignored; remember the adage “if it seems too good to be true, it probably is”. Many of these advertisements go so far as to pretend to scan your computer and detect spyware. They use animated graphics that show a progress bar and then display results — which aren’t real, but are just a simulation of how the software might work. To the uninitiated consumer, though, such visuals could look convincing. And conveniently enough, they provide links to purchase a tool that can allegedly help fix the problem.
These ads aren’t exclusive to the Web. They can show up in your e-mail inbox, too. Take a look at some of the ads we’ve received lately (see Screen 2 and Screen 3). Note how they include what appear to be dialog boxes for a running program, but are actually just images embedded in the e-mail message.
Another misleading tactic employed by bogus anti-spyware vendors is the use of names that sound similar to well-known and trusted brand names. For example, be careful not to confuse the suspect products Adware Agent or Adware Filter with the legitimate product Ad-aware. To complicate matters further, new fake products and new aliases pop up all the time.
Who Can You Trust?
Here’s another cleverly masked anti spwyare scam sent via email.
We’ve just said that you can’t necessarily trust advertisements, search engine results, and “independent” reviews sites. What does that leave you with for advice? Really, it boils down to the information provided by a handful of reputable sites. Turn to trusted publishers like PC Magazine, PC World, CNet, PC Pitstop, Spyware Warrior and others. Note that sites like these may well have relationships with anti-spyware vendors based on advertising or referral fees, but they still make honest efforts to provide accurate information. In the interest of disclosure, we should point out the PC Pitstop itself receives fees for linking to PC Tools’ Spyware Doctor and Pest Patrol, which of course are reputable and functional products, not bogus anti-spyware software of the type we’ve been cautioning against.
Also, before you buy a product, type its name into a search engine and search for other consumers’ comments on and experiences with the product. While there’s no guarantee that you’ll get a complete or accurate picture, this simple step can at least bring forward any obvious red flags.
One more thing. The best way to deal with spyware is to avoid it in the first place — so please do read our “Safe Surfing” article or purchase our Safe Surfing DVD to learn the behaviors that can prevent future infections.
Spyware is now an entrenched reality on the Internet. But if you keep in mind how anti-spyware pushers try to mislead you with ineffective products, bogus “review” sites, and misleading advertising that can appear on sites you trust, you can make smarter decisions to prevent and remove it.
Robert P. Lipschutz is president of Thing 7 and the father of three children.
John Clyman is president of technology consulting firm Narrative Logic, LLC, and a leading expert on anti-spyware software.
