If you've been around computers for any length of time you've probably encountered scareware -- malware that infects your computer, pops up a warning saying your machine has a virus, then directs you to a Web site where for just $49.95 you can download an anti-virus program that will fix all your problems. Fall for this ruse and you will have entered one of computing's minor hells. The best case in this scenario is that you will have dropped 50 bucks on software that does nothing; the worst case is it could infect your computer with something worse -- and oh, by the way, the scammers now have your credit card number.
iYogi isn't scareware. But the support firm uses the tactics of scareware to aggressively grow its customer base. I know this because they tried to do it to me.
Yesterday I called iYogi to see if they could revitalize an increasingly sluggish Windows XP-based netbook I've been schlepping around with me for the last two years. I learned a lot from the call, but not so much about my machine.
A support tech name Sanjib answered almost immediately. Sanjib told me to visit an iYogi Web site and download software that would let him operate my PC remotely. When I asked if I could just let him work on his own and call me back when he was done, he insisted I stay on the line. I found out why later.
Things seemed to go well at first. He ran through the usual checks of temp files and disk partitions. But I started to get suspicious when he told me I didn't have any security software on my PC. No, I said, I use Kaspersky Pure. See that red K with the arrow in my Windows Tray? I said. That's Kaspersky. Sanjib seemed unconvinced.
Things really started to get funky when he launched Windows Task Manager, showed me the applications I had running (5), then the processes currently active (52), and tried to convince me that I had somehow "picked up" the extra processes by going out onto the Internet unprotected.
Are you trying to tell me I've got 47 pieces of malware running on my system at the moment? I asked, trying to restrain my incredulity. No, he said, not malware. But he continued to insist I had picked them up somewhere on the Internet, despite my attempts to point out that Windows would stop running if I halted most of these services.
Sanjib spent another 10 minutes trying to convince me how very sick my computer was, then ran a "diagnostic program" that was supposed to detect all the problems I had been blissfully unaware of. The program discovered that I did not have anti-spyware software installed (untrue) and then crashed. He ran the program again. It crashed again at the exact same place. There, he said. The bad files on my computer were keeping his diagnostic software from working. I really needed help.
That's when he laid the sales pitch on me, 40 minutes into the call: $429 for three years of protection, $320 for two years, $170 for one. If I wanted to clean up my PC, I had to buy in for at least a year. I had no other options.
I said no thanks. He said, wait a minute, let me talk to my supervisor. Then he came back with a cheaper deal: Two incidents per year, $100 flat fee. No thanks, I said, I'll pass. That's when Sanjib abruptly ended the call.
I felt like I had just fought off a time share sales pitch -- and I didn't even get a free toaster out of it.
For contrast, I then called McAfee's TechMaster support service about the same computer. Granted, I had a comp account, so there was no need for a sales pitch. But support tech Philip was competent and efficient, cleaned up my temp files and other problems within a few minutes, ran a virus scan (no malware detected, thank you very much Sanjib), and gave me some good advice on what programs to uninstall and how to squeeze more performance out of my system.
To be fair, my sister in law went through this same process with iYogi after her laptop got infected with a Trojan Horse last year. She got the same hard sell, only she said yes. And she says she's been happy with the service ever since. So maybe iYogi actually is competent, once you get past the BS sales pitch. But I kinda doubt it: The Better Business Bureau gives iYogi a solid F, citing 123 complaints over the last three years -- most of them about poor service, and the rest about aggressive sales tactics or billing issues.
Naturally I couldn't let this go, so I did some Googling. That's when I ran across an account by
the Washington Post's KrebsOnSecurity blogger Brian Krebs that was eerily similar to mine. iYogi was providing support for Avast anti-virus software, only it was putting the same kind of high-pressure squeeze on Avast's customers. Krebs did his own call with iYogi and ended up exactly where I did -- fending off fake claims of virus infections on his system, accompanied by an aggressive sales pitch.
After Krebs' story posted, Avast suspended its use of iYogi. The India-based support company apologized and blamed "an overzealous salesperson" for "miss-selling" its product. My personal opinion: This was hardly a mistake, this was a tactic. Ten minutes into my call it was obvious to me that my "support tech" was following a script.
The most chilling thing to me about this is not that iYogi was using scareware tactics to sell its products, it's how iYogi practically owns Google. Nearly every result on the first three pages of searches for iYogi are sites owned by iYogi. Searches for "iYogi complaints," "iYogi reviews," and "iYogi scams" lead nearly always to URLs controlled by iYogi, or anonymous blogs that appear to be little more than shills for the company. The company even owns iYogicomplaints.com, a message board where people can bitch about iYogi (and which collects your name and email address). Why would iYogi do this? Well, owning the people who complain about you is one way to contain the damage, as well as keep folks with actual authority from doing anything about it.
I am not a lawyer but it sure sounds to me like iYogi's sales tactics fall under the FTC's charter to "prevent business practices that are anticompetitive or deceptive or unfair to consumers." They're certainly unethical, and they've been going on for quite some time. The question is, now that iYogi has been caught in the act, will it stop trying to take advantage of novice users by trying to scare the bejesus out of them? Or will it wait til the hubbub dies down and then quietly resume its "overzealous" tactics?
Before publishing this post, I asked iYogi's president of global channel sales, Larry Gordon, to respond. His response is too long to publish in full, but here are the most relevant bits:
In a new service category of selling vendor independent remote tech support services, we provide consumers with free diagnostics for their problem and use this service experience to upsell our subscriptions. The intent is to make the customer aware of the cause and resolution to the problem. Scaring people is certainly not an acceptable practice....
iYogi complaints is a website where people who are unhappy with our service can complain about their service issue. It helps us improve and catch flaws. We monitor this and other websites 24 hours a day, and then reach out and resolve any grievances. This also helps us verify the authenticity of the posts since the customer in most third-party sites is not identifiable and many complaints are motivated....
Every interaction is important in creating our brand, especially with people who do not purchase our service, in the hope that they would contact us again. I acknowledge that every experience may not live up to the promise. We are busy trying to fix that and would request you to give us another try in a couple of weeks.
Got a question about social media? TY4NS blogger Dan Tynan may have the answer (and if not, he’ll make something up). Visit his snarky, occasionally NSFW blog eSarcasm or follow him on Twitter: @tynanwrites. For the latest IT news, analysis and how-to’s, follow ITworld on Twitter and Facebook.