The Federal Trade Commission has suspended the majority of a judgment levied against two defendants accused of selling bogus security software to up to 1 million consumers.
James Reno and his Web hosting company, ByteHosting Internet Service of Ohio, now have to forfeit $116,697, just a fraction of the $1.9 million the judgment had originally required Reno and the company to pay. The settlement must still be approved by a court, the FTC said.
The rest of the penalty was suspended because the defendants wouldn't be able to pay it all, the agency said. However, if it is found that Reno and the company misrepresented their assets, they will have to pay the full amount.
More than $100,000 in assets were frozen after a federal court issued a temporary restraining order in December following the FTC complaint. Among other conditions, the court ordered six people and two companies to stop advertising so-called "scareware" security programs under the names WinFixer, WinAntivirus, DriveCleaner, ErrorSafe and XP Antivirus.
The applications are sold via deceptive pop-up ads that falsely alert people that their PCs have security problems, badgering them with warnings until they buy the software, which can cost around $40.
The FTC complaint asked hosting providers to prevent people from accessing the Web sites that host the programs. The FTC asked the court to force the defendants to forfeit money from the scam and compensate consumers.
Security experts have said that scareware programs have been a persistent nuisance and have proved to be highly profitable for scammers.
More than two years ago, attorney Joseph Bochner did an extensive investigation into Winfixer. During his research, Bochner said he stumbled across an unsecured, multigigabyte database on the Internet that contained names, addresses, credit-card numbers and transaction amounts for sales of Winfixer. On one day alone -- Jan. 20, 2006 -- the data showed 2,351 sales to users worldwide, with an average transaction amount of $40.
The FTC said the settlement with Reno and his company will not affect other defendants charged in the case. The FTC's complaint from December also named Daniel Sundin, Sam Jain, Marc D'Souza, Kristy Ross and Maurice D'Souza, as well as one other company, Innovative Marketing.
Reno, along with other co-defendants and ByteHosting, was sued by security vendor Symantec Corp. in 2004 for allegedly creating pop-up ads that told consumers their Symantec software was about to expire.
The ads then directed users to fake software that looked similar to Symantec products. Reno and Symantec reached a confidential settlement in December 2004.