Major repair operator fined $35m for always reporting malware regardless of computer condition

News by Doug Olenick

Dodgy scam computer fix calls from backstreet con-artists are nothing new - but now a major US repair service is fined $millions for always reporting malware, regardless of the computer's true condition

In the US Office Depot and will pay US$35 million (£27 million) to settle a legal action brought by the US Federal Trade Commission (FTC) that alleged the two companies tricked customers into buying repair and technical services by saying malware was found on their computer.

Office Depot is responsible for paying US$ 25 million (£19 million) and US$ 10 million (£7.5 million) to settle allegations that both companies violated the FTC Act’s prohibition against deceptive practices. The money will be repaid to the affected consumers. Neither company had to either admit or deny the allegations

The FTC alleged in its complaint the two companies, plus OfficeMax after it merged with Office Depot in 2013, ran an almost decade-long scam that used a rigged PC utility tool to fool computer owners into believing the device was infected with malware. sold tech services in Office Depot stores and used a utility software called PC Health Check to determine whether a computer had malicious software.

However, the FTC said the software would always return a positive report for malware, regardless of the computer’s true condition, if the customer answered yes to a question on a four-item questionnaire. The victims were asked if their computer ran slow, received virus warnings, crashed often, or displayed pop-up ads or other problems that prevented the user from browsing the Internet.

"The complaint alleges that Office Depot and configured the PC Health Check Program to report that the scan found malware symptoms or infections whenever consumers answered yes to at least one of these four questions, despite the fact that the scan had no connection to the "malware symptoms" results," the FTC wrote.

Store employees and managers were also pushed to make sales off the program, which allegedly helped made tens of millions from customers.

The FTC also noted a whistleblower at OfficeMax reported the scam to supervisors in 2012, which meant management was aware of the situation for many years.

PC Health Check was removed from service in late 2016.

In addition to the payment both companies agreed not to use deceptive practices in their businesses and Office Depot must ensure any third-party vendor it contracts with does not use illegal tactics to attract customers.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop