Lately, we have witnessed a large outbreak of pirated software spam from a company called “Whirl Wind Software”. In fact, SPAMfighter has stopped approximately four million related spam mails in the past few days. We’re not completely sure why we’re seeing the influx but believe it could be related to the pre-launch of Microsoft Windows 8. With the recent release of the Windows 8 Developer Preview, all eyes are on Microsoft as they offer a first-hand sneak peak at the features of their latest OS. As a headlining topic with heavy coverage on many technology sites it’s an obvious topic of choice for spammers to take advantage of in order to ultimately sell pirated software. As you will read later, spam mail is not the only baiting method being used.
We previously covered the Google Earth Scam and in this post we will attempt to unveil how scammers are tricking people into paying for illegal software. Hold your breath, grab a cup of coffee, and let’s get started.
First and foremost, the most common baiting method employed by scammers is by email which typically promotes heavy discounts on commonly used business and professional software. It’s certainly a tempting offer to get 80% off software titles or bundles that have a retail price upwards of $300-400. Here’s an example of the content contained in one particular “Whirl Wind Software” email:
Another method is spamming legitimate websites with ads or even the creation of splogs, blogs with fake content that are created for the purpose of spamming search engines. We have also noticed a lot of entries in yahoo answers, which is a common way of spreading malicious messages. Here is an example of a Google search results page so you know what the ads might look like if you happen to stumble on it.
Although the aforementioned site has disappeared we have found other incarnations of it that are up and running at the time of this writing but may have already moved locations as you read this. We wont list them here but they aren’t exactly difficult to find. Enter at your own risk though.
At first sight the Whirl Wind Software shop looks professional with a clear and functional navigation, a long list of software, and great offers. However, diving a little deeper uncovers signs of illegitimacy. Browsing to a “Whirl Wind Software” payment page shows that it is not encrypted!
Credit card information should never be entered on sites that are not encrypted and we hope you’re already familiar with that bit of advice. In a sly move, “Whirl Wind Software” claims that they are recognized as an encrypted site by badging their page with familiar security logos. Notice how the date in the GeoTrust logo is not current!
What happens if you decide to go through with a purchase? Will you get your favorite software at a very reasonoble price? We’re not sure what you’ll get but there is no doubt what you’re getting is not legitimate software. We haven’t tried making a purchase ourselves since most of us here are rather fond of our money and do not condone software piracy.We briefly checked their support pages and found a document with serial numbers and non-standard instructions for activating software. If this document is an indicator of the type of goods “Whirl Wind Software” is selling, they are assuredly cracked and / or illegally modified software packages. Read our previous coverage on the risks of using software cracks for more information.
It’s also worth noting that their “Contact Us” page is devoid of a direct method of contact via email or phone. While a publicly displayed email address or phone number should not be considered as suitable alternative for the lack of site encryption, it can serve as an indication that the site or service is not a fly-by-night operation.
So what have we learned here? For one thing, be cautious with promotional emails if you do not recall signing up to receive them. With the increasing popularity of online sales, there simply is no excuse for a legitimate service or vendor to not offer encryption on their purchase pages. Always make sure that the shopping cart contains an encrypted and connection, and when in doubt, it may be worth your while to make the purchase at your local retail store even if it’s not as convenient. Remember, if it looks too good to be true, it probably is.
Have you been the victim of making a purchase from what you thought to be a legitimate online store? Is there a site that you’re unsure of and would like us to take a look at? Share your story or let us know in the comments!