Click here to go directly to the release on the FTC website (recommended).

FTC Obtains Court Order Halting Deceptive Mortgage Relief Internet Ads; Marketers Falsely Claimed to Operate MakingHomeAffordable.gov

At the Federal Trade Commission’s request, a federal district court issued an order to stop an Internet-based operation that pretends to operate “MakingHomeAffordable.gov,” the official Web site of the federal Making Home Affordable program for free mortgage loan assistance. The FTC alleged that the defendants deceptively diverted consumers who searched online for the free government assistance program to commercial Web sites that offer loan modification services for a fee.

“Homeowners who are down on their luck need help, not misdirection by Internet impostors,” FTC Chairman Jon Leibowitz said. “The Commission will continue to work with the Treasury Department to move quickly against scammers who prey upon financially distressed consumers.”

Earlier this year, in an effort to stabilize the housing market and ensure that responsible homeowners can afford to stay in their homes, President Obama announced the Making Home Affordable program to help eligible homeowners refinance or modify their mortgages. The plan will help millions of families restructure or refinance their mortgages to lower their monthly payments and make their mortgages affordable now and in the future. Using the resources on MakingHomeAffordable.gov, consumers in trouble with their mortgages can get help – at no cost – from trained housing counselors.

In a statement, Treasury Secretary Tim Geithner said, “On April 6th, FTC Chairman Jon Leibowitz, Attorney General Eric Holder, HUD Secretary Donovan and I announced a multi-agency effort to crack down on foreclosure rescue scams and loan modification fraud. Today’s swift enforcement action by the FTC demonstrates our strong commitment to protecting the integrity of the program by going after actors attempting to defraud or scam homeowners trying to use the makinghomeaffordable.gov site.”

Neil Barofsky, the Special Inspector General for the Troubled Asset Relief Program (TARP), which provided valuable assistance in the FTC’s investigation, said, “Frauds that target struggling homeowners will not go unanswered. Today’s action by the FTC, supported by the investigators of our office, demonstrates our joint resolve to stop in its tracks any individual or organization that attempts to fraudulently profit off of a national crisis.” Anyone who has been victimized in this matter should contact the FTC at 1-800-FTC-HELP. To report possible fraud in this or any other TARP-related program, complaints can also be filed at www.sigtarp.gov or 877-SIG-2009.

According to the FTC’s complaint, the defendants purchased “sponsored links” for their advertising on the results pages of Internet search engines, including yahoo.com, msn.com, altavista.com and alltheweb.com. When consumers searched for “making home affordable” or similar search terms, the defendants’ ads prominently and conspicuously displayed the Web site address “makinghomeaffordable.gov.” Consumers who clicked on this advertised hyperlink were not directed to the official Web site for the Making Home Affordable program, but were diverted to Web sites that solicit applicants for paid loan modification services. These commercial Web sites, which are not part of or affiliated with the U.S. government, require consumers to enter personally identifying and confidential financial information. The operators of these Web sites either purport to offer loan modification services themselves or sell consumers’ personally identifying information to persons who sell such services.

The FTC filed an emergency request for a temporary restraining order on Friday, May 15, 2009, in the U.S. District Court for the District of Columbia. Later that day, Judge Colleen Kollar-Kotelly entered a temporary restraining order, barring the defendants from using the MakingHomeAffordable.gov hyperlink or representing that they are affiliated with the United States government. The order also requires the four search engine providers to identify those who paid them to place the ads, and to refuse to place paid ads that contain active hyperlinks that are labeled MakingHomeAffordable.gov or any other domain name containing “.gov.” The FTC’s complaint is against one or more persons who are unknown to the agency at this time because the defendants have cloaked their practices in the anonymity of the Internet.

The Commission vote to authorize staff to file the complaint was 4-0.

NOTE: The Commission files a complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. A complaint is not a finding or ruling that the defendants have actually violated the law.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,500 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s Web site provides free information on a variety of consumer topics.

Media Contact:

Frank Dorman
Office of Public Affairs
202-326-2674

Staff Contact:

Lawrence Hodapp,
Bureau of Consumer Protection
202-326-3105

(FTC File No. 0923147)
(Making Home Affordable)

Click here for full FTC Release, supporting documentation and consumer information on how to avoid mortgage scams and foreclosure rescue scams.

US-CERT is aware of public reports of malware spreading via popular social networking sites. The reports indicate that this malware is spreading through spam email messages appearing to come from Myspace.com, Facebook.com, and Classmates.com. The email contains a message indicating that there is a YouTube video available and instructs the user to follow the link to view the video. If users click on this link, they will be prompted to update Adobe Flash Player. This update is not a legitimate Adobe Flash Player update–it is malicious code.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

• Install antivirus software and keep the virus signatures up to date.
• Do not follow unsolicited links.
• Use caution when downloading and installing applications.
• Obtain software applications and updates directly from the vendor's website.
• Configure your web browser as described in the Securing Your Web Browser document.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.ma

Symantec has released a security advisory to address multiple vulnerabilities for Symantec Backup Exec. These vulnerabilities may allow an attacker to gain access to or modify information, cause a denial of service, or potentially execute arbitrary code.

US-CERT encourages users and administrators to review Symantec Security Advisory SYM08-021 and apply any necessary updates to help mitigate the risks.

US-CERT is aware of public reports of an increase in malicious code propagating via USB flash drive devices. Currently, there are two popular methods by which USB flash drives are being infected with malicious code. Please note that these are not the only two methods available.

The first of these methods is referred to as simple file copy. This means that the malicious code initially resides on an infected computer and copies itself to all the storage devices connected to the affected computer. This method requires the user to access the USB flash drive and execute the malicious code.

The second method is referred to as AutoRun.inf modification. This means that the malicious code alters or creates an autorun.inf file on targeted storage devices connected to the affected computer. When an infected USB flash drive is connected to another computer, the malicious code can be automatically executed with no additional user interaction.

US-CERT encourages users to do the following to help mitigate the risks:

• Install antivirus software and keep the virus signatures up to date.
• Do not connect an unknown or untrusted USB drive to your computer.
• Disable AutoRun or AutoPlay features for removable media.
• Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting your USB flash drive.
• Review The Dangers of Windows AutoRun Vulnerability Analysis Blog entry for more information regarding AutoRun.

dded November 13, 2008 at 07:04 pm

US-CERT is aware of public reports of a fraudulent email scam circulating via messages that falsely appear to be from the U.S. Federal Reserve. These email messages contain information about a phishing scam and links for users to follow to obtain additional information about the scam. If a user follows the links, they will be redirected to a malicious website where a PDF exploit is used to install malicious code on the affected system.

US-CERT encourages users to do the following to help mitigate the risks:

• Do not follow unsolicited links.
• Use caution when visiting untrusted websites.
• Install antivirus software and keep the virus signatures up to date.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.