Office Depot And Partner Ordered To Pay $35 Million For Tricking Consumers Into Thinking They Had Malware

from the gotcha! dept

I have worked in the B2B IT services industry for well over a decade. Much of that time was spent on the sales side of the business. As such, I have become very familiar with the tools and tactics used to convince someone that they are in need of the type of IT support you can provide. One common tactic is to use software to do an assessment of a machine to determine whether it's being properly maintained and secured. If it is not, a simple report showing the risks tends to be quite persuasive in convincing a prospective client to sign up for additional support.

Done the right way, these reports are factual and convincing. Done the Office Depot way, it seems only the latter is a requirement. The FTC announced on its site that Office Depot and its support partner,, Inc., has agreed to pay $35 million to settle a complaint in which the FTC alleged that consumers were tricked using a computer health application into thinking their machines were infected with malware when they often times were not.

Office Depot has agreed to pay $25 million while its software supplier,, Inc., has agreed to pay $10 million as part of their settlements with the FTC. The FTC intends to use these funds to provide refunds to consumers.

“Consumers have a hard enough time protecting their computers from malware, viruses, and other threats,” said FTC Chairman Joe Simons. “This case should send a strong message to companies that they will face stiff consequences if they use deception to trick consumers into buying costly services they may not need.”

The complaint itself, embedded below, is quite the read. Office Depot's scheme went like this. For a decade, Office Depot would take in customers' computers for diagnostics. Through it's partnership with, PC Health Check would be run on these machines and the owners of them would be given a short questionnaire to fill out. While that application can in fact be useful in detecting malware on machines, the FTC alleges that the "report" delivered to consumers was based entirely off of the short questionnaire instead. And what kind of questions were consumers asked to answer to indicate whether their machines were infected with malware or not?


These included questions about whether the computer ran slow, received virus warnings, crashed often, or displayed pop-up ads or other problems that prevented the user from browsing the Internet.

The complaint alleges that Office Depot and configured the PC Health Check Program to report that the scan found malware symptoms or infections whenever consumers answered yes to at least one of these four questions, despite the fact that the scan had no connection to the “malware symptoms” results. After displaying the results of the scan, the program also displayed a “view recommendation” button with a detailed description of the tech services consumers were encouraged to purchase—services that could cost hundreds of dollars—to fix the problems.

Members of the IT industry are already laughing at this. There is a universal understanding in our industry that if you ask a user if his or her machine is running slow, he or she will say yes. Full stop. To base a recommendation off of this answer, never mind to configure software to report malware symptoms based on it, is ludicrous in the extreme. Unless, of course, you're building a tech support business on the strategy of tricking consumers into thinking they have malware infections when they do not. In that case, all of this makes perfect sense.

Except that it's also a violation of laws against deceptive practices. It's also dumb in the extreme, as it's the kind of trick you can only get caught at once to torpedo your reputation and cause the public to never seek out your help for tech support again. Put another way, there is zero reason for anyone to ever seek out Office Depot's help for their computers ever again.

That's no way to run a business.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ftc
Companies: office depot,

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    ECA (profile), 3 Apr 2019 @ 12:42pm

    Running outside software..

    If yu dont know what the program is/does, and/or a friend wishes to run it ON YOUR COMPUTER...

    That program can gather Tons of info, and data and Pop it onto a disk/Flash card and All of a sudden, there is more of a problem then you think..
    Its not just the FAKe Virus/bot ID, its all your passwords, Internet visits, Bank data, as well as Backdooring into your system remotely. Your computer is important, more so then your cellphone.

    LEARN a few things, DO them yourself..MOST programs can/will run in the background or you can Manually run them IF' things get alittle strange on your computer. Find something you trust. Find SOMEONE you trust..Search the net and READ a few articles on things you might want or need.

    Do remember, nothing is perfect. Alternatives help. I have 3 programs to scan my machine, and each does it in different ways. Things cant hide very well.

    The biggest thing to remember. A CLEAN SYSTEM can Stay clean, as long as there is NO INPUT..
    Input=Disk/tape/CD/DVD/Network/internet/USB/Flash...Anything After the installation of the system...that requires you to load/install something new.
    there WAS a tracker in an MS windows program for over 8 years. it was in the Music player. It was a mistake. Not removed after programming.
    BUT, that same idea has changed. you CANT go around the net, without being tracked anymore. as soon as you have a Browser, anyone/any site can ask your system for info. AND SITES can block those that DONT give the info..(remember when sites Blocked you because you didnt use Windows Explorer?). How many sites give you POPUPS because you Block the adverts??

    My customers found out they like me, for 1 big reason...Im forgetful. I cant remember ANY of the passwords they give me.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.