WASHINGTON (AP) — A software program developed to track the locations of rented computers secretly collected confidential and personal information about consumers, including medical records, bank statements and even web cam pictures of couples engaged in sex, the Federal Trade Commission said in a settlement that bars eight companies from any further cyber spying.
The case involved seven rental companies and a firm called DesignerWare LLC of North East, Pa., which licensed its PC Rental Agent software to stores so they could shut off and recover computers that hadn't been returned in time or had been stolen.
But the software could do much more than that, the commission said. When an add-on program known as Detective Mode was activated, the software could capture computer screen shots, furtively take photos using the computer's webcam, log key strokes and trick consumers into providing personal contact information, the FTC said.
Detective Mode could gather data every two minutes that a computer is connected to the Internet until the program is directed to stop. The information would then be forwarded from DesignerWare's servers to the rental store that activated the program, according to the FTC.
"In numerous instances, Detective Mode webcam activations have taken pictures of children, individuals not fully clothed, and couples engaged in sexual activities," the FTC said in the complaint, released on Tuesday.
The individuals and companies named in the FTC's complaint are DesignerWare; Aspen Way Enterprises Inc. of Billings, Mont., a franchisee of Aaron's Inc.; Watershed Development Corp. of Lake Bluff, Ill., an Aaron's franchisee; Showplace Inc. of Marion, Ohio; J.A.G. Rents LLC of Tampa, Fla., a franchisee of ColorTyme Inc.; Red Zone Inc. of Dallas, a ColorTyme franchisee; B. Stamper Enterprises Inc. of Russellville, Ky., a franchisee of Premier Rental-Purchase Inc., and C.A.L.M. Ventures Inc. of Nashville, Tenn., a Premier Rental-Purchase franchisee.
The commission said the settlements prohibit the companies from further illegal spying, from activating any location-tracking software without customer consent and from deceptively collecting information about consumers.
Earlier on HuffPost:
Clickjackers on Facebook entice users to copy and paste text into their browser bar by posting too-good-to-be-true offers and eye-catching headlines. Once the user infects his own computer with the malicious code, the clickjackers can take control of his account, spam his friends and further spread their scam. For example, clickjacking schemes hit Facebook soon after bin Laden's death and spread like wildfire by purporting to offer users a glimpse at <a href="http://www.huffingtonpost.com/2011/05/04/bin-laden-death-video-hoax_n_857730.html" target="_hplink">video or photos of bin Laden's death</a>.
Fake Polls Or Questionnaires
If you click on an ad or a link that takes you to questionnaire on a site outside Facebook, it's best to close the page. When you complete a fake quiz, you help a scammer earn commission. Sometimes the quiz may ask you to enter your mobile number before you can view your results. If the scammers get your number, they could run up charges on your account.
Phishers go after your credentials (username, password and sometimes more), then take over your profile, and may attempt to gain access to your other online accounts. Phishing schemes can be difficult to spot, especially if the scammers have set up a page that resembles Facebook's login portal.
Phony Email Or Message
<a href="http://www.facebook.com/help/?page=1187" target="_hplink">Facebook warns</a> users to be on the lookout for emails or messages from scammers masquerading as "The Facebook Team" or "Facebook." These messages often suggest "urgent action" and may ask the user to update his account. They frequently contain links to malware sites or virus-ridden attachments. They may even ask for your username and password. The best advice Facebook offers is to report the sender and delete the messages without clicking anything.
Money Transfer Scam
If a friend sent you a desperate-sounding Facebook chat message or wall post asking for an emergency money transfer, you'd want to help, right? Naturally. That's what makes this scam so awful. The point is to get you to wire money to scammers via Western Union or another transfer service.
Fake Friend Request
Not all <a href="http://www.huffingtonpost.com/2011/02/10/facebook-friend-request-spam_n_821584.html?page=1" target="_hplink">friend requests</a> come from real people, despite Facebook's safeguards against bots. Some Facebook accounts exist purely to establish broad connections for spamming or extracting personal data from users, so watch out whose friend requests you accept.
Fake Page Spam
Malicious pages, groups or event invitations aim to trick the user into performing actions that Facebook considers "abusive." For instance, a fake invite might offer a prize if you forward it to all your friends or post spammy content on their walls. Sometimes a scammer will set up fake pages as a front for a clickjacking or phishing scheme.
Malicious apps are pretty common on Facebook these days. They can be a cover for phishing, malware, clickjacking or money transfer schemes. Oftentimes, the apps look convincingly real enough for users to click "Allow," as they would do with a normal Facebook app. However, rogue apps use this permission to spread spam through your network of friends. For example, the recent "<a href="http://www.huffingtonpost.com/2011/04/08/facebook-closing-accounts-scam-app_n_846737.html" target="_hplink">Facebook Shutdown</a>" scam spread by claiming that Facebook would delete all inactive accounts except those that confirmed via app installation.
The Koobface Worm
The <a href="http://en.wikipedia.org/wiki/Koobface" target="_hplink">Koobface worm</a> is getting on in years (it first appeared in late 2008) and has been mostly scrubbed from the site, but Facebook still warns users to look out for it. Koobface spreads across social networks like Facebook via posts containing a link that claims to be an Adobe Flash Player update. Really, the link downloads malware that will infect your computer, hijack your Facebook profile and spam all your friends with its malicious download link. This worm affects mostly Windows users.