Driver Phishing

by jeremy on October 20, 2009

Maybe because it’s early in the morning, but I fell for this little scam pretty easily. I’m going to call it “driver phishing” because it has all the hallmarks of a phishing attack, although it’s probably legal.

I’m looking for the latest drivers for my Logitech webcam, so I type in Logitech QuickCam driver in Google.

An ad above the results looks promising: a website called LogitechDriversCenter.com:

image

So I click on it.

It takes me to a site with a Logitech logo, lots of shareware and PC Magazine stars, Logitech product photos and three options for getting the right driver:

image

DriverRobot, the first one, sounds promising. Maybe, I think, Logitech have consolidated all their driver downloads into one program. Good idea, given I’ve got quite a few of their products hanging around the computer. So I download and install it.

Looks OK so far. A window appears prompting you to start scanning your computer. Lots of green arrows and ticks to reassure you:

image

Once the scan is done you’re told how many drivers you need, with another green arrowed button indicating what you should do to get them (“Get drivers”):

image

(I should have been forewarned at this point. Plenty of warnings, but one key one: None of the drivers it suggested were Logitech ones. Certainly nothing to help me with my webcam.)

Click on that and you’re told you’ve got to “Register” which is “quick and easy”.

Notice there’s no other option, unless you can see the little Close Window X in the top right corner of the window:

image

Try to click on the other radio button (“Allow 11 drivers to remain out of date (not recommended). Critical updates for your computer will not be installed. Your computer may be vulnerable to crashes, performance problems, freezes and “blue screens.””) and then click Continue and the window disappears, but nothing else. It’s like those supermarkets where you can’t get out unless you buy something.

Click on the Continue button and your browser fires up with page requesting your Name and Email to register:

image

Notice all the seals, locks, starts and 100% guaranteed things going on. Reassuring, eh? Except there’s no link on the page, nothing for the casual user (or a slow-witted guy who got up too early) to click on to get more information.

So the slow-witted guy enters his name and email address, thinking that’s going to get him registered. Of course not. Instead he’s asked to shell out cash–$30—for the software:

image

Once again, no links to explain who is behind this, or what other options there may be.

As far as the casual user knows, this is either a Logitech product or one approved by them.

But it’s not. The software comes from a company called Blitware. The Complaints Board website has several complaints about the company and software:

The Driver Robot software does not work and the company tricks consumers in to believing that it is freeware. Am trying to get a refund of my purchase price now.

And worse: For some of those who do buy the software and follow its driver updates, it only makes things worse:

My computer completely crashed after using driver robot when it installed a generic mouse driver every time I touched my mouse I had a blue screen crash with a driver check sum error … It has also installed an elan touch tablet driver which is now in the toolbar. I dont have this device on my machine. This software is completely useless and will be going for a refund.

Others found they had no way of getting support:

Useless garbage–no contact info given. I attempted use and could see it doing nothing. What now, am I really out $39.90?

So who is Blitware? Its website says

Blitware (or Blitware Technology Inc., to be precise) is a small Canadian software vendor from Victoria, BC, Canada. Blitware’s mission is to take great software products to market and bend over backwards for our partners who help promote them.

(Notice how the company doesn’t say it’s a developer, and stresses the marketing, rather than the consumer, in its literature. That should probably tell you all you need to know, if you hadn’t gotten up too early.)

There is an encouraging link on the home page inviting you to click for Support (“Need support for a Blitware product? Our expert technical support staff is standing by to help you”) –

 image

– but far from take you to that helpful support staff, the link takes you to a Frequently Asked Questions page, and only at the bottom to a link for contacting technical support.

That in turn takes you to a link demanding you register at Blitware first, and then, when that is done, to a page for you to file your question.

Do that and you’re told:

We will reply to this message soon! You will receive an email when we do.

OK, so, what’s wrong with all this, and why call it phishing?

Well, phishing is the art of using social engineering tricks to lull a victim into thinking s/he is interacting with a legitimate site/product and to get him/her into coughing up passwords or cash.

Usually with banks, or emails, or accounts etc.

To me this Driver Robot is no different.

From the Google search—where a website with the word Logitech in it—everything is designed to make you think you’re dealing, if not with Logitech, then at least with a company/product that Logitech has endorsed.

The website’s title—the bit that appears in the browser’s top-most bar indicates it’s a Logitech site:

image

Even the website’s favicon—the little log before the web address—is Logitech’s:

image

To me this is no different to a scammer putting “Citibank” or “Paypal” somewhere in a web address to fool the user into thinking they’re dealing with someone kosher.

Anything the tricks the user, either into thinking they’re dealing with the real thing, or thinking they have no other option, is, in my view, a scam.

That the software doesn’t seem to work—it found no Logitech drivers or updates, and seems to crash computers—only makes matters worse.

I’m going to find out what Logitech make of their logos and name being used for dodgy purposes.

(more on Driver Phishing here.)

{ 8 comments… read them below or add one }

Jon October 20, 2009 at 9:23 am

Finally I understand why you don’t use a Mac, it’s all about investigative journalism ;)

Reply

Matt Buckley-Golder October 22, 2009 at 12:32 am

My main problem here is that this is a sponsored link — a link that Google is taking money for in exchange for putting the link ABOVE their natural search results — the ones that their users presumably pick as most reliable.

As for the Mac argument… well, the essential argument is that a Mac is safer because the bad software doesn’t usually work on it. But that’s a bit like throwing the baby out with the bath water: a LOT of software doesn’t work on it.

Reply

steve January 8, 2010 at 5:47 am

You need to update this. Blitware now is phishing with a download called PC Medkit.

These guys are really good. If you google the name all you get is partisan crap, even googling news and blogs. They seem to have created a couple of “independent” blogs who claim to have tested it and go on about how great it is.

Thanks for saving me. This is the only google hit that gives a true account of these guys.

Steve

Reply

James LaClair February 26, 2010 at 10:00 pm

Dear loosewire,
One more heads up about blitware and their bogus file fixer software.I bought it and used it to scan for faulty files and software to open .mso attachments. When I attempted to download the solution software in all attempts it was 150Mb. I have dialup and it would take 43 hours to download any of Blitwares solution software.There’s no way to maintain a dialup connection for that long. I have not gotten one response from Blitware support going on 4 days now. My only recourse is through credit card resolution. Looks like I’m out $43.00. Thanks for the forum.Beware of the Google search which directed me to this criminal outfit. L8R JML

Reply

Skip March 14, 2010 at 12:05 am

Thanks,
Seeing the registration page asking name and email and no active links sent me googling the names which eventully resultted in your page. You saved me money and hassle!

Reply

Daniel July 10, 2010 at 4:04 am

Thanks for this review — I’ve been trying to find out how best to update my drivers and someone on Yahoo! Answers recommended Driver Robot. Went to the site, it was looking really good, but almost too good to bet true. It took a bit of snooping, but the more I found these vague “official-looking” sites posting rave reviews of it and nothing really critical, I became suspicious. Glad I found your blog — I appreciate knowing what a scam this thing really is, and will try to tell others.

Reply

resolute1999@yahoo.com September 3, 2010 at 10:03 am

I regret that I didn’t read the scam reviews first. Yes, I am another slow witted victim who forked over 29.99 thinking that the 60 day full refund guarantee meant something.
My experience: several ‘fatal errors’ during the download and an end result that installed an ASK home page and disrupted my Ethernet. Not really a ‘crash’ since I used system restore on this ancient Windows XP machine. Like the writers above, I haven’t found a way to contact Blitware so I guess they will just laugh all the way to the bank. Kudos to GOOGLE for featuring them so prominently in my HP driver download search. Yes I do have a Ph.D. but sometimes I trust too much. Raymond in California

Reply

LMAO February 15, 2011 at 4:22 am

necrothreading!

ok first off NEVER trust anything that has what your looking for right in the web address. this one screams out loud it wasn’t logitech’s site

Reply

Leave a Comment

Previous post:

Next post: