Silicon Insider: Spyware

May 20, 2004 -- Hundreds of thousands of people opened their computer browser today to what they thought was their home page — and instead saw the page for iSearch, a computer "spyware" program that has hijacked their computer.

Thank you Fidelity Investments. Thank you TD Waterhouse. Thank you Business Week Online. And thank you every other company that helps pay for this extortion. [Editor's Note: Since publication of this article on May 20, Fidelity and TD Waterhouse have taken action; see explanation below].

You've probably heard of spyware, virus-like programs that are unknowingly downloaded by Web users. Spyware comes in several virulent forms. One notorious type, evil cousins of subscription sites like AOL and MSN, enable unknown predators to tap into your computer and gain access to private files.

This is the type of spyware that gets the most attention from media, and has been the source of some pending bills in Congress and various statehouses. It was also the fear of just such intrusive spyware that led to the backlash a couple weeks ago against Google's proposed GMail service.

iSearch represents another type of spyware, one that is more subtle, but ultimately no less destructive.

Trapped in Spyware Hell

iSearch works something like this: Some time during the course of surfing the Web, you unknowingly trip over the iSearch applet, which is instantly downloaded — without your knowing it — into your computer.

This program then does two things: 1) It orders your computer to permanently switch to .iSearch.com as your new home page, and 2) Covers its tracks, so that you can't simply go into your computer's utilities and replace it. You are now trapped.

The next time you go on the Web, expecting to see Google or Yahoo! or ABCNEWS.com as your home page, up pops the iSearch home page. There's also an iSearch toolbar on the top of your page. "What the H*#$*?" you mutter, figuring it's a mistake, and go on with your business — noting, with growing annoyance that suddenly you are getting a whole bunch of new pop-ups about stopping spyware, spam, etc.

About the fifth time this happens, you get furious, and try to use your computer's Internet Tools window to reset your home page. That's when you are stunned to discover that it won't work. So you go to Google and type in "iSearch toolbar removal" — and up pops 2200 results, most of them filled with angry people in the same predicament as you demanding, even pleading, for information on how to get iSearch off their computers..

So you go back to the iSearch home page. Perhaps there's something there. It's the standard search page: a column of "top searches" sites on the left, a grid of search categories (auto, finance, gambling, etc.) covering the rest of the page. You notice that on the "top searches" items list, the first four are "uninstall software", "anti-virus", "stop pop-ups" and "clean PC". There we go.

You click on "uninstall software", and get linked to Uninstaller.com, which will sell you a software program of that name for $29.95. Next you type "anti-virus" and get an eerily similar site, virushunter.com, which offers to sell you its software — for $29.95. Ditto for pop-up blocker.

Now you are desperate. Back to Google and onto one of those bulletin boards about uninstalling iSearch. There you find one recommendation after another for anti-virus programs you can use … only to learn a few messages later than the iSearch browser will not allow access to those programs.

You are trapped. iSearch holds the cards. It is the equivalent of someone giving you smallpox, then dangling an ampule of the vaccine in front of you … for only $29.95.

In Search of iSearch

I learned most of this from my television business partner Bob Grove, who, regular readers will remember, was my investigative reporter when I ran Forbes ASAP.

He's the guy who broke the big story on Internet child porn that helped lead to a lot of the arrests you've read about the last couple years.

I asked Bob to chase down iSearch. He was happy to do so — and motivated as well: iSearch has taken over his computer's browser too. Here's what Bob found.

First, you probably won't be surprised to learn that when you go looking for iSearch there seems to be no there there. The Web site carries only an e-mail address, no physical address. However, doing a little research, Bob found that iSearch is actually owned by iDownload.com, based at 701 Brazos, Suite 500, Austin, Texas 78701 (any Austin reader of this column care to go by there and see if it is more than a mail drop?). iDownload has an 800 number, but if you call it you only get stuck in a phone mail tree.

Now, would it come as any surprise to you to learn that iDownload not only owns iSearch, but also popupblocker.com, uninstaller.com and virushunter.com — and several other $29.95 specials? Probably not.

But I'll bet you'd be surprised to learn that these products can be purchased with your Visa, Diners Club, MasterCard, and American Express cards — making them accessories to this scam. Or that iDownload is a member of the Better Business Bureau Online Reliability Program (thank you BBB!)

Oh, but it doesn't end there Go back to the iSearch home page — like you have any choice — and click on some of the other "top searches," which no doubt, like the first four, are paying advertisers. Try "investing." What names pop up? Fidelity Investments, TD Waterhouse, Business Week Online. …

Rotten, But Not Illegal

What are these reputable (or so we thought) organizations doing there?

There are only three possibilities. First, iSearch is using those names without permission — in which case, who is minding the store? Second, those firms bought placement on iSearch, not knowing what it was — in which case, where is the oversight? Or third, those firms bought placement on iSearch knowing full well what they were doing — which is despicable.

The next time you want to invest your 401(k) money in Fidelity, or you buy stock through TD Waterhouse, or having any dealings with any of the other outfits listed on iSearch, you might want to remember what kind of business they are consorting with.

OK, this whole thing is rotten, but is it illegal?

As far as I can tell, not yet. At least it is not criminal. And that should make you give serious thought to contacting your state and national representatives in support of anti-spyware legislation.

In the meantime, one would think that those companies who are supporting the iSearches of the world with their advertising (or financial services), would pull out or, better yet, bring action against them.

They should be joined in that civil suit by Google, Yahoo!, ABCNEWS.com, CNN.com, Drudge and every other popular homepage site that is seeing its revenues and traffic hijacked by iSearch and its ilk.

And the thousands of poor victims of this shakedown — what is their remedy? Google back to "Uninstall iSearch toolbar" and keep reading the suggested fixes. I can't recommend any of them here — for fear that iSearch will quickly move to block them.

Editor's Note — Fidelity responds regarding efforts to have its name removed from iSearch: "Once we became aware of iSearch, we took immediate action to get our name off of their site. We were informed this morning [5/21] in writing by the Overture network that iSearch has removed our name from their site. While the Web site will still produce our name in an "organic" search, (which we cannot control), we no longer appear as a preferred link. As an additional precaution, we are exploring search engine networks with whom we work to confirm that they do not include companies like iSearch. … [W]e are very concerned about spyware and are supportive of efforts to develop effective anti-spyware laws."

Also, on May 24, a TD Waterhouse respresentative responded: "Please know I have been told that we have instructed Overture to stop running our ads immediately."

In addition, Overture itself wrote: "Overture carefully screens our distribution partners and has a formal policy in place that requires partners that offer downloadable software to adhere to high standards of notice, privacy and ease of removal for users. In addition, we require our partners to obtain the user's explicit consent to the terms of the agreement and be forthcoming in their terms of service. iSearch is not and has never been an approved partner of the company. We promptly investigated after learning of this issue and determined that iSearch wrongfully obtained access to our listings. Based on our investigation, we promptly terminated iSearch's unauthorized access and will take other steps, if necessary, to protect the experience of both our users and advertisers.

Michael S. Malone, once called “the Boswell of Silicon Valley,” most recently was editor-at-large of Forbes ASAP magazine. His work as the nation’s first daily high-tech reporter at the San Jose Mercury-News sparked the writing of his critically acclaimed The Big Score: The Billion Dollar Story of Silicon Valley, which went on to become a public TV series. He has written several other highly praised business books and a novel about Silicon Valley, where he was raised.