Friday, September 17, 2010

Check Point's Zone Alarm Resorts to Scareware to Push Sales

::.A brief departure to the world of Windows and malware.::

There is one computer in my house that has Windows on it, and today I booted into it and was greeted by this lovely little pop-up telling me there's a new piece of malware out there that can steal banking information, and I should buy some firewall software to protect myself.



It looked like scareware, smelt like scareware, and acted like scareware, so I went into panic mode; locking down the internet connection, scanning active process, scanning files on the disk, checking the registry, et cetera. After a bit of googling on a secure Linux box (Backtrack anyone?), it looked as if this wasn't something pretending to be Zonealarm... it was Zonealarm, who has evidently decided that the 'scareware-approach' equates to higher sales, which of course is 'good-business'.

I'm going to go ahead and list all the problems I have with this:

A) People don't like scareware. Scareware pisses people off, and pissed-off people are less likely to buy a product from the company that pissed them off. This concept seems like common-sense to me, but has evidently escaped the geniuses over at Check Point's marketing department.

B) If it looks/acts like scareware, it is. According to Wikipedia:

Scareware comprises several classes of scam software with malicious payloads, or of limited or no benefit, that are sold to consumers via certain unethical marketing practices. The selling approach uses social engineering to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user.

This is pretty much to what Check Point is doing: intimidating people into buying their product under the guise that they are somehow less susceptible to a particular piece of malware because of it. What makes it ok for Check Point to resort to such schemes? It's unethical in every sense of the word. It's not 'just a friendly warning' when it links to a site claiming your product is evidently the only one in the world capable of dealing with such a threat, without providing any data on just how you arrived at that conclusion. Dropping the name of an independent organization isn't proof, it's 'pseudo-proof' and no more viable as proof than making up the data as you go along.

C) This newfangled form of marketing is identical to the classic scareware scam. This makes it difficult to explain to people "If you ever see any pop-ups claiming you have virus X, and you should purchase software from Company Y to remove it, don't do so. It's scareware, they're trying to scam you.", because now a supposedly legitimate company is doing the exact same thing. Suppose someone writes a virus in the future that pretends to be Zone Alarm warning you about a new virus, and that you should upgrade to be protected from it... How do you know what's really behind it? Is it Check Point's marketing team hard at work again, or an actual threat? We've previously relied on the idea that no respectable software company would resort to such tactics, but Check Point has blurred that line all the way from here to the bank.

D) Marketing fiascoes and licensing issues are the number one reason I tend to rely on free software (free as in freedom). I think you'd be hard-pressed to find a piece of software licensed under the GPL (or similar) whose developers would allow something like this... But I digress. When you click on the "See Threat Details" button, you are taken to this page (EDIT 10/04/2010: Page no longer contains information regarding ZeuS.Zbot.aoaq), where Check Point makes a very juvenile attempt to lead you to believe that "Only ZoneAlarm's suite protects against ZeuS.Zbot.aoaq virus." Just out of curiosity, how many firewall/AV solutions were tested by VirusTotal before concluding that Zone Alarm was the only Security program that detects ZeuS.Zbot.aoaq? Furthermore, on VirusTotal's website, under the list of companies that provide them with their respective anti-virus engines, Check Point and Zone Alarm are not even mentioned (I wonder what the significance of that is).

E) Check Point took a lengthy piss on their customers with this one. I've used Zonealarm on Windows boxes for years, and recommended it as a firewall every chance I got. Needless to say, I feel betrayed that they would ever resort to such shameful marketing techniques to push a product that could otherwise stand tall on its own merits. Check Point has soiled Zone Alarm's name, alienated their customers, and stooped to a low that can not be easily forgiven.

Check Point, You've lost a customer.