The US$10 webcam that Anna Giesman bought her daughter at Office Depot over the Thanksgiving weekend sounds like one of those deals that's too good to be true. And for her, it was.
A week later, she's worried and upset because a CD that came with the camera contained a Web link that apparently infected her PC with fake antivirus software.
Her story shows how easily malware can get onto the computers of unsuspecting consumers in an era when cyber-criminals are becoming expert at hacking legitimate Web sites to prey on their visitors.
Giesman bought the camera in order to give her daughter a way to chat over the Internet with a friend who had just moved to Germany. When she put the CD that came with the Markvision Magnetic Webcam into her PC, a menu popped up offering her drivers as well as a link to Markvision's site. Wanting to learn more about the product, she clicked on the Web link, but she immediately knew something was wrong.
The Web page was blank, and her PC immediately popped up a window telling her she needed to upgrade her Windows software. When she clicked on the red "X" to dismiss the window, another popped up that made it look like her computer was being scanned. That scan was blocked by her McAfee antivirus program, but Giesman was still worried.
Panicked, she shut down the computer and called Office Depot. Their support technicians told her to try a free antivirus program -- Avast -- which then identified rogue antivirus files on her computer.
That didn't sit well with Giesman, a Web designer based in Olympia, Washington. "I was really ticked," she said. "My life is on this computer."
Rogue antivirus software typically generates pop-up warnings, telling the victim there's a security problem and pestering them to get it fixed until they hand over their credit card numbers.
Once installed on the PC, it can be used to download malicious programs such as keyloggers, making it a serious security concern, according to Roger Thompson, chief research officer with antivirus vendor AVG Technologies. "The number-one thing that we see every day is rogue antivirus," he said. "I think there are a lot of people making money out of it."
Though the webcam was billed as a "door crasher" promotion at some Office Depot locations, the company said only a small number of customers were affected. "It was our vendor that actually initially had let us know -- so they must have heard directly from their own customers," an Office Depot spokeswoman said via e-mail.
Markvision "has temporarily shut down their Web site in order to protect customers from being exposed to the virus," the spokeswoman said. "We have been advised that they will bring the [site] online once their internal testing confirms that the virus has been removed."
Customers who bought the Markvision webcam don't need to install the company's CD in order to use the product, she added.
Markvision's Web site, at www.Markvision.cc, was online Thursday, but many parts of it had been taken offline. Earlier this week, Google's search engine flagged the site as potentially harmful, saying it had spotted suspicious content there on Nov. 27 and linked the site to Trojan horse and back-door malware infections over the previous three months. Markvision did not respond to messages seeking comment for this story.
Malware has a way of slithering onto consumer desktops during the holiday season. Two years ago, Best Buy was forced to pull its house-branded Insignia digital picture frames after discovering that they contained a virus.
Though there's little a big retailer like Office Depot can do when one of its partners gets hacked, Giesman said her trust has been shaken. "I did not expect Office Depot to sell me something that would send me somewhere like this."