IDG News Service - The $10 Webcam that Anna Giesman bought her daughter at Office Depot over the Thanksgiving weekend sounds like one of those deals that's too good to be true. And for her, it was.
A week later, she's worried and upset because a CD that came with the camera contained a Web link that apparently infected her PC with fake antivirus software.
Her story shows how easily malware can get onto the computers of unsuspecting consumers in an era when cyber-criminals are becoming expert at hacking legitimate Web sites to prey on their visitors.
Giesman bought the camera in order to give her daughter a way to chat over the Internet with a friend who had just moved to Germany. When she put the CD that came with the Markvision Magnetic Webcam into her PC, a menu popped up offering her drivers as well as a link to Markvision's site. Wanting to learn more about the product, she clicked on the Web link, but she immediately knew something was wrong.
The Web page was blank, and her PC immediately popped up a window telling her she needed to upgrade her Windows software. When she clicked on the red "X" to dismiss the window, another popped up that made it look like her computer was being scanned. That scan was blocked by her McAfee antivirus program, but Giesman was still worried.
Panicked, she shut down the computer and called Office Depot. Their support technicians told her to try a free antivirus program -- Avast -- which then identified rogue antivirus files on her computer.
That didn't sit well with Giesman, a Web designer based in Olympia, Washington. "I was really ticked," she said. "My life is on this computer."
Rogue antivirus software typically generates pop-up warnings, telling the victim there's a security problem and pestering them to get it fixed until they hand over their credit card numbers.
Once installed on the PC, it can be used to download malicious programs such as keyloggers, making it a serious security concern, according to Roger Thompson, chief research officer with antivirus vendor AVG Technologies. "The number-one thing that we see every day is rogue antivirus," he said. "I think there are a lot of people making money out of it."
Though the Webcam was billed as a "door crasher" promotion at some Office Depot locations, the company said only a small number of customers were affected. "It was our vendor that actually initially had let us know -- so they must have heard directly from their own customers," an Office Depot spokeswoman said via e-mail.
Markvision "has temporarily shut down their Web site in order to protect customers from being exposed to the virus," the spokeswoman said. "We have been advised that they will bring the [site] online once their internal testing confirms that the virus has been removed."
Customers who bought the Markvision Webcam don't need to install the company's CD in order to use the product, she added.
Markvision's Web site, at www.Markvision.cc, was online Thursday, but many parts of it had been taken offline. Earlier this week, Google's search engine flagged the site as potentially harmful, saying it had spotted suspicious content there on Nov. 27 and linked the site to Trojan horse and back-door malware infections over the previous three months. Markvision did not respond to messages seeking comment for this story.
Malware has a way of slithering onto consumer desktops during the holiday season. Two years ago, Best Buy was forced to pull its house-branded Insignia digital picture frames after discovering that they contained a virus.
Though there's little a big retailer like Office Depot can do when one of its partners gets hacked, Giesman said her trust has been shaken. "I did not expect Office Depot to sell me something that would send me somewhere like this."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Privacy White Papers | Webcasts