The press buzzed with stories about spyware scams in late 2004 and 2005, and the Federal Trade Commission was concerned that disreputable companies might take advantage of consumers and dupe them into buying ineffective anti-spyware programs. Stroz Friedberg was retained to assist the FTC in this area to provide objective, technical testing of the subject software. In two separate federal court cases, Stroz Friedberg analyzed the software code and functions of purported “anti-spyware” programs called SpyKiller and Spyware Assassin. In both cases, Stroz Friedberg provided expert reports that were instrumental in helping the government obtain significant monetary judgments and injunctions against the defendants.
SpyKiller and Spyware Assassin used pop-up ads to warn consumers about spyware files on their computers and to entice consumers to download free scanning software. Then, for a fee, sellers offered fuller versions of their programs that could purportedly clean and protect personal computers from newly found spyware. Stroz Friedberg created forensically clean machines, downloaded various versions of the software programs and known spyware files, and tested the functionality of SpyKiller and Spyware Assassin. Stroz Friedberg found that the programs claimed to detect spyware even when it didn’t exist and that the programs used primitive and ineffective scanning techniques. Examiners also found that the software misidentified some benign files as “spyware” and failed to remove all the necessary components of real spyware or pernicious adware, causing examiners’ test screens to repopulate with annoying purple monkeys.
Stroz Friedberg submitted expert reports on both “anti-spyware” programs. These reports were used effectively by government attorneys to obtain emergency temporary restraining orders against both SpyKiller and Spyware Assassin. The companies who marketed these programs eventually settled in federal court and agreed to disgorge nearly $2 million in ill-gotten gains. The companies are permanently banned from selling any anti-spyware products or services in the future.