Driver Phishing II, Or Who Is Trentin Lagrange?

I’m fully awake now, and doing some digging on who is behind the Driver Robot “driver phish.” The digging has introduced me to a whole level to the software scam industry.

The company that sells it is Victoria, BC, Canada-based Blitware (“or Blitware Technology Inc.,  to be precise,” as its website urges us). Nothing gives on its Who Is page, nor on the driverrobot.com website the software is hosted at. But a clue to the possibility that this isn’t just some cute little software developer is back on the LogitechDriversCenter website, which carries some named testimonials, among them this:

“I got a new graphics card but the framerate was terrible, and the manufacturer’s website didn’t help at all. It turns out that the driver that came with the card was 6 months out of date! Driver Robot got me the latest driver automatically, and now my whole system is more responsive, especially the games.”

Trentin Lagrange, CA

The good thing about a name like Trentin Lagrange is that it’s not that common. Not like the other two testimonials, which come from one Tim Whiteman and one Susan Peterson (not that they aren’t helpful. But nothing like Trentin.)

Who is Trentin?

A Google search of Trentin Lagrange indicates that either he’s a huge fan of driver update software, or that it’s not just about Logitech drivers or one small Canadian company anymore.

Trentin Lagrange, it turns out, has left glowing testimonials for driver update software, not just on the dodgy Logitech website (and a sister one at logitechdriverdownloads.com) but on websites like Realtekdriver.net, which also carries the company’s logo and calls itself “Realtek Drivers Download Center”:

image

As with the Logitech website, it’s only if you scroll down to the bottom of the page and click on a link “About us”

image

do you get to the truth of whether it’s a company website:

REALTEK is registered Trademarks of Realtek Semiconductor Corp.
All other trademarks are properties of their respective owners.
This website is not owned by or related to Realtek Semiconductor Corp.
We are not associated with Realtek Semiconductor Corp. in any way.
We are just running a site to help users who have trouble to getting hardware device drivers,
This web site is not associated with Realtek Semiconductor Corp. in any way.

Trentin has also left testimonials on websites that impersonate Dell-–delldriverscenter.com—complete with Dell logo

image

and favicon

image

And SIS at sisdrivers.org:

image

and MSI at msidrivers.org

image

and Intel at inteldriverscenter.com

image

and Asus at asusdriverscenter.com

image

and Acer at acerdriverscenter.com

image

and canon at canondriverscenter.com

image

as well as HP – hpdriverscenter.com

image

and driverforhp.com, with this HP-looking banner atop:

image 

No denials of being associated with HP on their about page, so I’m guessing HP’s lawyers haven’t been in touch yet.

Another website, atidriverscenter.com, seems to have closed. It was active in July, when this person fell for the scam and complained on a forum.  At least some companies seem to be watching.

Well, maybe not. This website, atidrivercare.com, is still working:

image

You get the picture.

Google’s Role

All of these websites appeared as sponsored ads above the search results in Google when looking for that manufacturer’s drivers (hp drivers etc) which throw up links to, for example, “official HPs [sic] Drivers & Updates”:

image

(For many users these sponsored ads are either normal search results, or sponsored in the sense of vetted, so they’d be forgiven for thinking that they’re clicking on something official.)

It seems that either Trentin, Tim and Susan are just really generous with their comments and share software tips on a regular basis, or this software schmoozefest is linked to Swishsoft the company that sells Swift Optimizer, software that compresses Flash files. All three put glowing reviews on the software website, althought it seems Susan has moved from the U.S. to Australia in the meantime. Must be the taxes.

And no, I couldn’t find any reference to Trentin Lagrange apart from glowing software testimonials. Either the guy just lives to write software reviews or he is not really living.

So, we’re clear that whoever is behind DriverRobot is also behind a number of websites that basically impersonate the websites of popular hardware vendors, either within the boundaries of the law or outside the knowledge of these companies’ lawyers.

Sponsored Run

But it’s also energetically fending off accusations that it’s all a scam. Do a Google search for driver robot and you get these sponsored ads above the results:

Similarly, the ads on the side of the results:

  • DriverRobot This Is The Real Deal?
    The Truth Will Shock You! reviewblogs.info
  • “DriverRobot” Report We Bought It And Tried It.
    The Truth Will Shock You! www.todaysreview.info/DriverRobot
  • Driver Robot Exposed Buying Driver Robot?
    Get The Facts! RealityChek.net

    The top one is a straight link to the download site. The others sound like links to stories exposing the scammery, right? But they’re not: They all take you straight to driverobot.com. No reviews, or even pretence at reviews.

    Clever, huh? Outwit your detractors who accuse you of impersonating official company websites by impersonating your detractors. There’s a twist I hadn’t thought of.

    Where are the Reviewers?

    But what about those logos from respected software reviewers, like PC Magazine, Softpedia (five stars!), Geek Files ((5/5 stars, Exceptional Product!) and Chip on the LogitechDriversCenter.com website and elsewhere?

    image

    I could find no reference to Driver Robot on the PC Magazine website. On Softpedia’s website I could find no “editor’s review” but found one user review—giving it two stars out of five but saying it used “borderline means to promote its service.” GeekFiles.com contained only discussions, no reviews.

    Depressing

    All of this is faintly depressing, because all the usual checks and balances we look to on today’s web seem to have gone out of the window:

    • a website address can contain a company’s name, with no apparent action from the company itself to protect either its name or its customers;
    • Googling a product doesn’t seem to work: sponsored ads mislead with words like “official” and what look to be review sites are actually redirects owned by the product’s owner
    • Badges from third party download and software websites don’t seem to be a guide, because they are either out of date or fake.

    The fact is that many people are going to be taken in by this kind of thing. Everyone needs drivers, and everyone searches for drivers by googling the manufacturer’s name and the word driver. As many people search for hp drivers as search for kenya on Google:

    So what I want to know is:

  • What are the companies involved doing to protect their brands, their products and their customers from misleading and potentially damaging products sold in their name?

  • What are software reviews sites doing to protect their brands, and their consumers from fraudulent badges?

  • What is Google doing about sponsored ads that mislead the public? 

Driver Phishing

Maybe because it’s early in the morning, but I fell for this little scam pretty easily. I’m going to call it “driver phishing” because it has all the hallmarks of a phishing attack, although it’s probably legal.

I’m looking for the latest drivers for my Logitech webcam, so I type in Logitech QuickCam driver in Google.

An ad above the results looks promising: a website called LogitechDriversCenter.com:

image

So I click on it.

It takes me to a site with a Logitech logo, lots of shareware and PC Magazine stars, Logitech product photos and three options for getting the right driver:

image

DriverRobot, the first one, sounds promising. Maybe, I think, Logitech have consolidated all their driver downloads into one program. Good idea, given I’ve got quite a few of their products hanging around the computer. So I download and install it.

Looks OK so far. A window appears prompting you to start scanning your computer. Lots of green arrows and ticks to reassure you:

image

Once the scan is done you’re told how many drivers you need, with another green arrowed button indicating what you should do to get them (“Get drivers”):

image

(I should have been forewarned at this point. Plenty of warnings, but one key one: None of the drivers it suggested were Logitech ones. Certainly nothing to help me with my webcam.)

Click on that and you’re told you’ve got to “Register” which is “quick and easy”.

Notice there’s no other option, unless you can see the little Close Window X in the top right corner of the window:

image

Try to click on the other radio button (“Allow 11 drivers to remain out of date (not recommended). Critical updates for your computer will not be installed. Your computer may be vulnerable to crashes, performance problems, freezes and “blue screens.””) and then click Continue and the window disappears, but nothing else. It’s like those supermarkets where you can’t get out unless you buy something.

Click on the Continue button and your browser fires up with page requesting your Name and Email to register:

image

Notice all the seals, locks, starts and 100% guaranteed things going on. Reassuring, eh? Except there’s no link on the page, nothing for the casual user (or a slow-witted guy who got up too early) to click on to get more information.

So the slow-witted guy enters his name and email address, thinking that’s going to get him registered. Of course not. Instead he’s asked to shell out cash–$30—for the software:

image

Once again, no links to explain who is behind this, or what other options there may be.

As far as the casual user knows, this is either a Logitech product or one approved by them.

But it’s not. The software comes from a company called Blitware. The Complaints Board website has several complaints about the company and software:

The Driver Robot software does not work and the company tricks consumers in to believing that it is freeware. Am trying to get a refund of my purchase price now.

And worse: For some of those who do buy the software and follow its driver updates, it only makes things worse:

My computer completely crashed after using driver robot when it installed a generic mouse driver every time I touched my mouse I had a blue screen crash with a driver check sum error … It has also installed an elan touch tablet driver which is now in the toolbar. I dont have this device on my machine. This software is completely useless and will be going for a refund.

Others found they had no way of getting support:

Useless garbage–no contact info given. I attempted use and could see it doing nothing. What now, am I really out $39.90?

So who is Blitware? Its website says

Blitware (or Blitware Technology Inc., to be precise) is a small Canadian software vendor from Victoria, BC, Canada. Blitware’s mission is to take great software products to market and bend over backwards for our partners who help promote them.

(Notice how the company doesn’t say it’s a developer, and stresses the marketing, rather than the consumer, in its literature. That should probably tell you all you need to know, if you hadn’t gotten up too early.)

There is an encouraging link on the home page inviting you to click for Support (“Need support for a Blitware product? Our expert technical support staff is standing by to help you”) —

 image

— but far from take you to that helpful support staff, the link takes you to a Frequently Asked Questions page, and only at the bottom to a link for contacting technical support.

That in turn takes you to a link demanding you register at Blitware first, and then, when that is done, to a page for you to file your question.

Do that and you’re told:

We will reply to this message soon! You will receive an email when we do.

OK, so, what’s wrong with all this, and why call it phishing?

Well, phishing is the art of using social engineering tricks to lull a victim into thinking s/he is interacting with a legitimate site/product and to get him/her into coughing up passwords or cash.

Usually with banks, or emails, or accounts etc.

To me this Driver Robot is no different.

From the Google search—where a website with the word Logitech in it—everything is designed to make you think you’re dealing, if not with Logitech, then at least with a company/product that Logitech has endorsed.

The website’s title—the bit that appears in the browser’s top-most bar indicates it’s a Logitech site:

image

Even the website’s favicon—the little log before the web address—is Logitech’s:

image

To me this is no different to a scammer putting “Citibank” or “Paypal” somewhere in a web address to fool the user into thinking they’re dealing with someone kosher.

Anything the tricks the user, either into thinking they’re dealing with the real thing, or thinking they have no other option, is, in my view, a scam.

That the software doesn’t seem to work—it found no Logitech drivers or updates, and seems to crash computers—only makes matters worse.

I’m going to find out what Logitech make of their logos and name being used for dodgy purposes.

(more on Driver Phishing here.)

How to Abuse Social Media and Lose Friends

I’m sure they’re not the first to do this, but I really hate it: referral marketing.

SingTel, Singapore’s main phone operator, is encouraging Singaporeans to spam their friends via email, twitter, Facebook and SMS.

The sad thing is they’ll have to do this a lot to get anywhere. You get 1 point for every tweet post a day, and 1 point for every post on Facebook a day. If you get a friend to sign up for the program you get 10 points.

Get in the top five and you get to win a Macbook or an iPhone.

Given the top guy already has 742 referrals, I’m pretty sure that means someone is going to have to send out 7,420 tweets to get close. (The rules aren’t clear on this.)

As you can see, however, it’s appallingly popular. Ten in the past minute:

image

Ugh. Any of my Facebook or twitter friends do it and they’re off my Christmas card list. 

And companies that don’t understand social media, who think it’s just another spamming channel, need to get a wake-up call. That’s you, Singtel.

Win an iPhone with SingTel Youth Buddies

Podcast: Live crime, Photoshock, Twaiters

This week’s podcast is from my weekly slot on Radio Australia Today with Phil Kafcaloudes and Adelaine Ng:

  • UK firm launches game where people spot real crimes on CCTV
  • The rise of the Photoshop Disaster: Ralph Lauren gets upset when it’s caught shrinking a model’s waist to zero
  • Waiter tweets, gets fired. Why twitter is not what it seems

Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here. You also need to have JavaScript enabled in your browser.