I recently designed, ran and wrote a review for PC Magazine of desktop antispam tools. I get a lot of spam and most of it is offensive in one way or another, but perhaps the most dangerous spam Ive seen over the last year is a wave of messages selling deep-discounted copies of Symantec utility software, such as Norton SystemWorks.
The first time I saw one of these immediately I knew something was wrong. First, the message was obviously unsolicited and real companies like Symantec dont do stuff like that. Second, the product was discounted far below normal prices, on the order of $30 for a $100 product. (There were no notes in the email about the software falling off a truck.)
Ive gotten a lot of spam like this over the last year and almost all of it is for Symantec utilities. This is not an accident: When Microsoft instituted Windows Product Activation in Windows XP it began to shut the door on piracy. There are other reasons Windows isnt sold in this way; most people get their Windows with their computer for one. But Symantec has the second most popular line of retail software on the market, which is why they are the main target for these sorts of scams.
The inevitable result is that Symantec will be introducing DRM (Digital Rights Management) in their 2004 line of products to come out much later this year, and its already instituted in ESD (Electronic Software Distribution, the copies you buy and download) versions. DRM to Symantec is not the same thing as copy protection; the main point of it is to confirm that you have a legitimate copy sold by Symantec. It stinks that money should be wasted on stuff like this, but I dont blame them. They have to protect their property rights.
(The next obvious question, once Symantec seriously impedes this piracy with DRM, is whos next? Intuit is already using DRM, at least in TurboTax, to some nasty reviews, but perhaps games vendors are next.)
I spoke to Symantec about the problem and they confirmed that these messages are almost inevitably sales of pirated software. If you actually try and buy the software (which they have people do in order to collect evidence with which to pursue the perps) youll usually get just a disk, or perhaps even just a download.
But it gets worse. According to William Plante, Symantecs Director, Worldwide Security and Brand Protection, many of these counterfeit software scams are also credit card scams. Buy the software and you can get yourself in more trouble than you imagined.
Symantec says that they go after these people, especially when they find ancillary scams. The most important thing to do is to shut off the web site through which business is done, and usually the ISP will cooperate when presented with evidence. Actually busting the people involved is more difficult, since they could be anywhere in the world, but they say that law enforcement is usually anxious to pursue these matters and there have been many arrests.
Of course, Symantecs customer support people get to take the guff from the unfortunate customers who bought the software. Plante says that they have had reports of failures to install and even hard drive corruption; theoretically its possible for software pirates to add things like spyware to the software, but I assume its usually easier for them just to copy the software.
Probably some consumers realize theres something wrong with the deal because of the great price, but perhaps they think its an OEM version thats not legally for sale separately; old OEM copies of DOS and Windows are frequently resold like this. But beware, because most Symantec products, including SystemWorks, are never sold through OEMs.
In a way its no different from any other sales situation – if something looks too good to be true, it probably is. And getting it in spam is like being called at from an alley with a "psst – hey buddy, wanna buy a watch?" What do you expect?
Larry Seltzer has been in the computer industry and writing about it since 1983.