Rogue Anti-Virus Victims Rarely Fight Back 173
krebsonsecurity writes "One big reason why rogue anti-virus continues to make major bucks for scam artists: relatively few victims ever ask their credit card company or bank to reverse the charges for the phony security software — even when the victims don't even receive the worthless software they were promised. I recently found several caches of data for affiliates of a rogue anti-virus distribution program, and the data showed that in one set of attacks only 367 out of more than 2,000 scammed disputed the charge. A second rogue anti-virus campaign scammed more than 1,600 people, and yet fewer than 10 percent fought the charges."
Re:Too busy (Score:4, Insightful)
Actually some claimed that tried but got the run around.
What I would like to see is the CC companies pro actively shut down these people. After one person makes a claim on them it should be easy to check and see who else did and then start reversing charges.
Re:potential reason to not dispute a charge (Score:5, Insightful)
Re:Too busy (Score:2, Insightful)
After one person makes a claim on them it should be easy to check and see who else did and then start reversing charges.
Ah, there's just no way to abuse this!
Re:They Authorised The Charge (Score:3, Insightful)
Who can tell? (Score:5, Insightful)
The article barely touches on the notion of people who didn't realize it was a scam at all. It's obvious to us technical types, but I doubt it's obvious to non-technical people.
Most retail Windows PCs are loaded up with obnoxious adware that nags at every login. I got a brand new PC from Staples last year which had a MacAfee nagger installed in the startup sequence, and while I was eventually able to disable it, it took more than one try and considerably more effort than just one or two clicks. If it was nontrivial for me to banish, I have to believe non-technical users would just give up.
On top of that, anti-virus is pretty low-level, as software goes, so how many non-technical people will even know that it's not doing anything after they pay for it?
Re:potential reason to not dispute a charge (Score:5, Insightful)
Of course, I'd want to change my number. Someone unauthorized clearly has your CC information and can successfully charge money to it. Keeping the same number makes NO FUCKING SENSE. It's like refusing to change your locks after you know that a thief has a copy of your key because last time he broke in he only took $10. HE'LL BE BACK LATER WITH A VAN AND TAKE EVERYTHING IN YOUR FUCKING HOUSE. You're going to end up with some $5000 charge to your card and that's going to be a hell of a lot more difficult to deal with then ten fucking dollars.
Dispute the charge, change your number, and SPEND TEN FUCKING MINUTES UPDATING YOUR AUTO-BILL INFORMATION.
Re:"Buyer Beware" (Score:1, Insightful)
For GOD's sake, accept that your way of using cards is the problem.
Start using what Europe does - the card has a chip and the chip has to be into a POS/ATM for any transaction to occur. Someone just knowing you card number cannot do anything, even if they try to run it via a payment processor. (That is right - the payments over the net go over payment processors, not between the requesting side and the bank). Oh, yes, and start demanding live real-time SMS for any transaction on the cards. Yes I did have this in Europe - some money are taken, blocked, etc.. an SMS will be on my cell in less than 10 seconds telling me exactly when and where and how much money were taken away. Why do the banks in US oppose it - well, they have interest for you to overdraw, have your money stollen, etc.
It is your own, American way of living that is causing the issue.
Re:Why scam? (Score:5, Insightful)
Cause the free antivirus might close the backdoors that the original infection put into place.
Re:Too busy (Score:3, Insightful)
They can't "just" reverse it because the customers' cards weren't stolen, the customers initiated the transaction, and they received the "merchandise"
Apparently you have a shitty credit card provider. If you have a good provider, it works like this:
-You complain about the charge
-CC company takes the charge off your bill
-CC company does the legwork resolving the issue with the merchant
-CC company apologizes to you for your inconvenience
If your credit provider isn't willing to fight for you, why are you doing business with them?
Viagra for cheap... (Score:5, Insightful)
Re:Too busy (Score:1, Insightful)
This is why when there is "free" anything online and it asks for your CC#, the red flag should be raised right there. My guesstimate is that over 90% of those things are only there to introduce people to a recurring randomly named "service" fee. To obtain the "free" whatever, the small print says you're also being enrolled in some associate program. The only service I've seen provided by such things other than providing the "free" whatever is the service of separating people from their money in an unethical and somewhat fraudulent manner via recurring fees. (Although by putting things in small print and obfuscating it by not saying it in plain English, usually they can get away with that B.S. legally in the U.S.)
When you see recurring charges on your credit card bill and you don't know WTF they're for, it's a good idea to do some research and if it's not something you recognize - first try to cancel the services, and then later tell the CC company to deny payments to those companies. In the worst case scenario, you've got to clean every single cookie and bit of cached data that could leak from your browser and then get a new CC number.
The biggest offender with heavy advertising campaigns both on cable TV and via banners at various internet services can be found here:
http://www.ripoffreport.com/Search/Company/AP9-Adaptive-Marketing.aspx
Re:Too busy (Score:3, Insightful)
Not to mention that letting survival of the fittest fleece the fools from their money has a nasty side effect of enriching the bad guys in the process.
If it was really a Stupid "Tax" then it should go into the hands of the government, preferably to invest in cyber education.
Re:potential reason to not dispute a charge (Score:3, Insightful)
Re:I work at a computer repair shop (Score:3, Insightful)
Now, that may not appear good for business, but I think that what's good for the customer is usually good for business in the long run.
Well, when it comes up in conversation that he's had to get his PC fixed several times in the past year until you put a piece of software on to his friends, they'll come to you instead of GeekSquad who will just rinse and repeat the same tactic to get more money out of him.
Getting quick money off of a client is a horrible decision compared to the references they can bring when you do the job right.