By Ted Twietmeyer
Before we talk about how AOL accounts opened without your permission and being spied upon, we must first look at one example of how your personal information can be obtained (i.e., "weaseled" out of you.) We often think web scams come from small-time back room operations. But this is not always the case as an experience by a friend has recently proven. It can all begin when someone thinks that earning money from home is a great idea.
In the past, unwary people responded to various classified ads for "stuffing envelopes at home." Many companies hired people sight-unseen to do the work. They promised to pay them after thousands of envelopes were returned to the company stuffed as instructed. Often the "employee" was required to pay a fee up front - almost for the "privilege" of working for the company. The fee became money they would never see again. Neither would a paycheck arrive in the mail. Most people caught by this scam never knew that high-speed machines have been doing this job for several decades. Therefore, they never asked why they would be hired in the first place - all they saw was a source of easy income. One doesn't need an MBA to realize that shipping charges alone incurred twice will far outstrip any economic benefits.
SURVEYS - THE DIGITAL EQUIVALENT OF ENVELOPE STUFFING
Survey forms are the digital equivalent of stuffing envelopes at home. There are countless survey websites, where the website's "member" supposedly answers endless questions forms and are compensate for doing so. One company known as "SurveyScout" charges members up front a $34.95 fee for website access to fill out market survey forms. The company claims they will "refund in full the fee for anyone not satisfied." This has been found to be another lie by a friend who put it to the test. Requests for a refund went unanswered. Google the search term "survey scout scam." As of 12/27/2005 you will receive 4,130 search results.
YOU MAY HAVE ONE OR MORE AOL ACCOUNTS WITHOUT YOUR
The Survey Scout website also claims that members are rewarded with free products, coupons, cash and other incentives for filling out an endless parade of web forms. Often the member spends up to an hour doing this exercise, only to find out the cash or incentive is the proverbial "carrot on a stick." These incentives are like the carrot held in front of a horse on an old cartoon to make him run faster. Websites do this by creating these complicated reward requirements which only appear after all the questions are answered for a survey. They create ridiculous requirements which no one can ever fulfill. When our friend attempted to reach Survey Scout and demand repayment, no phone number could be found. Their business address on their website is listed on the website as 6724 Perimeter Loop Rd., Dublin, Ohio. Neither Whitepages.com or switchboard.com can find a listing for a phone at that address. Emails to the company were also ignored.
To sell prospective members on the survey scam, they have a plethora of FAQs.
Shown below are two of the most pertinent to this article:
From Survey Scout FAQ #7 at http://surveyscout.com/faqsa.cgi?#17 :
"I'm concerned about privacy issues. Should I worry about this?
... we at SurveyScout do not, have not, and will not ever give your personal information to anyone (unless you ask us to)."
From Survey Scout FAQ# 8 at http://surveyscout.com/faqsa.cgi?#48:
" If I change my mind, can I cancel my account and get a refund?
If after reviewing the SurveyScout private members-only website and trying a few surveys you aren't thrilled with how easy we've made it to make some extra cash, just let us know within eight weeks and we'll give you a full money-back refund. You have nothing to lose."
Both of these are lies. Personal information in their possession caused an unauthorized AOL account to be opened. And the company cannot be reached to obtain a refund.
So how does all this fit in with opening an AOL account without your knowledge or permission? It began when a friend paid $34.95 to join Survey Scout. The payment resulted in the company having debit card information retained on their hard drive. This was sufficient information for Scout's automated software to send a bogus data transfer to AOL's computers, which in turn opened TWO accounts for the person without their permission. Of course, Survey Scout receives a commission for every AOL account they open. Once debit card information was passed on illegally to AOL, automated billing commenced and a debit was submitted to the bank for payment which was completed. In fact, our friend had their bank account debited not once, but TWICE in less than two weeks. It was discovered that the act of logging on to Survey Scout as a member to see what surveys were available triggered the fraudulent AOL sign-up. Our friend was able to discover this by looking at their bank account on-line. Otherwise it would not have been discovered until the next bank statement came out.
WHAT DOES AOL SAY?
When AOL was contacted, they were convinced the sign-up was legitimate and even a screen name was already assigned. Each time the AOL sign-up fraud occurred, the Survey Scout member's bank account was charged another $23.90. AOL's position is to contact their "fraud department," which resulted in a one hour wait on the phone. No real satisfaction was obtained. When our friend asked "did anyone actually log on to the account and use it?" their answer was "We don't have that information." This was another bald-faced lie, since they had all the personal information including our friend's address.
PROTECTING REMOTE ACCESS TO YOUR COMPUTER AND WHAT YOU CAN
DO RIGHT NOW
Many think that laws like HIPPA and other privacy laws protect people - but they do not. Often privacy laws actual end up creating a lack of privacy. Spy-ware and other programs silently and invisibly install on your computer, then load and run in the background. They programs self-load whenever you start up your system. These programs scan your computer for valuable marketing information. This can happen even with a firewall in place on the highest levels of security. These programs load through your web browser which already has firewall permission. Once a firewall gives access to any program, it will not closely scrutinize what that program does or files it transfers. Active X should be DISABLED or set to PROMPT in your browser option or security settings. Any software engineer will tell you Active X is like a "barn door" into your computer. Very few webpages will not load correctly without Active X running. Ads and banners are what usually require Active X to run. Also, be sure file sharing is turned OFF in your control panel. This is another barn door for remote access.
Rense.com does not use Active X for their webpage, and they are to be commended for this. Jeff's rense.com website proves that Active X is not required to create a great website. Plug-in programs like Adobe Reader, Windows Media and others may not launch unless Active X is allowed to run. If one needs to run these periodically for videos or to read documents, one can set Active X to "prompt" and allow it to run only when needed. It might make your surfing a little inconvenient when the "Run Active X Controls?" dialog appears, but this simple action will keep most spy-ware from ever loading into your computer. Spy-ware scanning and removal programs are available on the web, and there are websites that rate various programs. If your computer has been slowing down or freezing up, there is an excellent likelihood you have spy-ware running.
MORE ABOUT AOL
For years special AOL software has been a mandatory requirement on the user's computer for AOL internet access. But their bloated, over complicated software does far more than provide internet access. For example, a few years ago this author tested AOL to see just what it actually does at log-on. AOL software is without doubt, SPY-WARE of the worst kind. Whenever you surf the web, it records EVERY website URL you visit (and probably other web surfing data) into a file on your HD. When you log-on, AOL software displayed the message "Updating database..." (Today's software may display nothing at all.) But updating who's database? What it updates is AOL's database with YOUR DATA. A simple search of the HD using Windows file search function found a text file which used the AOL screen name for the filename. I immediately deleted AOL, and I will never use it again.
At the time of the test I was using dial-up access. The size of this spy-ware file directly relates to how long the "Updating database..." message was on the screen, as the file was being sent to AOL. For the test, I let the file grow in size from considerable surfing. After logging off and back on again, I timed how long the message was on the screen. It took about 4 seconds. I then deleted all the file's contents and logged on again. This time, the message was on the screen less than a second. The test was repeated several times with the same results. This proved the spy-ware theory that AOL is monitoring website surfing by sending back to AOL at log-on a list of all websites visited.
Other earlier versions of the AOL software were also found by the author to also have this URL file, and these also used the screen name as the filename. It is almost a certainty that current versions of AOL still have spy-ware in some form. This is a clear invasion of privacy - by stealing your surfing and other information, they can re-sell it as marketing information. AOL is most likely also performing front end data processing for big brother on their customers. The biggest insult of all is that they are charging users each month for the privilege of allowing AOL to spy on them. Any internet service provider that forces you to load "their software" will almost certainly do the same thing.
Two years ago, one of AOL's software engineers accessed their computers and sold more than 90 million email addresses for $100,000. But what about personal information - has that every been stolen and sold? If so, you'll never hear about it because AOL (like Yahoo) is now basically a civilian intelligence collection arm of Homeland Security. This is not conjecture, as they have already announced email scanning more than a year ago. Anyone who has ever worked with information systems already knows there are countless undetectable methods for employees to steal sensitive data.
We can summarize AOL problems in this way:
1. An AOL account can be opened without your permission. If they debit your checking account without your authorization, the burden of proof for both AOL and the bank falls upon YOU, not them. It isn't fair, but that's how life is in the information age. Banks don't question checking account debits - their computers approve them automatically unless you have a block in place first. You must go into your bank and sign a form to put a block on your account to prevent these automated transfers. But such a block if not specific, may prevent you from making legitimate electronic payments in the future.
2. If their automatic debits bounce your checking account, AOL has stated they will NOT reimburse you for bank charges. Even if their direct debit was UNAUTHORIZED. This was company policy according to an AOL telephone "agent" calling herself "Pam" who spoke almost unintelligible English, at 800 827 6364 on 12/27/2005.
3. AOL spies on you overtly. They don't encrypt their software's data collection files on your computer. It is also possible that the unencrypted URL data collection text file is also a "throw-away" - that is, a file put there for people to find and to distract the curious away from finding out what else they are really stealing. What we do not know at this time, is what other files in user's computers their proprietary software is copying and sending to H.S. A packet sniffer software tool is required to find out what other data they are STEALING.
4. AOL does NOTHING to monitor companies THEY AUTHORIZE to automatically open AOL accounts. This in itself encourages fraudulent accounts to be opened and unsuspecting people everywhere to be charged.
5. They openly admit they spy on user's emails, and without any doubt the company is sending copies of pre-filtered information to the government. And the ultimate insult is that people are PAYING to be spied upon, as though invading your privacy is an exclusive privilege you should pay for.
The question is - what other files in your computer are they copying when you log on? Does any user who pays AOL service fees every month, ever see a penny from this illegal invasion of privacy and selling your personal information? Of course not.
SOME OTHER AOL LAWSUITS
"AOL class action lawsuits piled up" according to one CNN headline. This lawsuit was about AOL blocking users from using other internet providers. The suit was quickly settled for $15.5 million in June 2005 according to consumeraffairs.com. This author asks: Did this settlement result in less than a dollar for each AOL user part of the suit?
"AOL failed to inform customers that installing the AOL 5.0 upgrade would make "dramatic changes" to their operating systems and would interfere with their ability to connect to competing ISP networks, according to a statement issued today by Hagens Berman, a law firm handling four of the lawsuits, including the two most recent filings.
AOL 5.0 promised users 500 free hours of faster, better Internet access," attorney Steve Berman said in Thursday's statement. "But in reality, many novice users found that once they installed AOL 5.0, removing the software was nearly impossible." 
A Florida judge approved a class action suit against AOL. The company was blocking web access while pop-ups were being loaded on the user's computer, and making the user pay for the time it required. 
"New York class action attorneys are accusing America Online Inc.'s Netscape subsidiary of eavesdropping on consumers who download software through its network. The law firm of Abbey, Gardy & Squitieri has sued AOL in federal court in New York, claiming that Netscape Communications Inc.'s SmartDownload software illegally monitors downloads of .exe and .zip files." 
February 25, 2002
A lawsuit accuses America Online with charging thousands of its customers for merchandise they did not order. The suit claims that AOL Shop Direct shipped products to customers even when they clicked the "no thanks" button on their screens. 
September 29, 2003
A consumer class action lawsuit accuses AOL of deliberately double-billing hundreds of thousands of customers through a deceptive scheme involving multiple screen names. The suit also names ICT Group, which operates customer service centers for AOL, a division of Time Warner. The lawsuit alleges that over the past two years, AOL has regularly double-billed many of its subscribers by creating what it refers to as "spin-off sub accounts." 
December 2, 2005
A lawsuit seeking to potentially cover hundreds of thousands of America Online subscribers accuses the Time Warner (TWX) unit of illegally billing customers by creating secondary accounts for them without their consent.
The lawsuit, filed last month in St. Clair County Circuit Court on behalf of 10 AOL customers in six states says the company confused and deceived customers about the charges, stalled them from canceling unauthorized accounts and refused to return questioned fees.
"AOL exploits its subscribers' confidential billing information to unlawfully generate additional revenue by charging subscribers for additional membership accounts that they neither order nor request," the lawsuit alleges, calling the scheme "common, uniform and continuing." 
AOL ARROGANTLY CLEARLY BELIEVES THEY ARE ABOVE THE LAW
All the above lawsuits (and I'm sure there are many more) show intentional actions against users. But this author has already shown that AOL invasion of privacy and monitoring is far deeper than just monitoring for .EXE and .ZIP files. It includes tracking web surfing, too. The question is - why wasn't this kind of spying included in the July 2000 lawsuit? Why was it hidden? It appears a compromise was reached, limiting the subject of the suit to two files types, instead of all file types. Perhaps this was to get them to settle out of court. It reeks of another "back room deal." After all, files ending in .DOC and .TXT contain far more information on what users are interested in than .ZIP or .EXE files, which are generally used mostly for programs.
What's needed is a criminal fraud and spyware suit against AOL executives that encompasses EVERY dirty little invasion of privacy and computer trick that violates the Bill of Rights. The suit should cover AOL's negligence to monitor those third party marketers who setup illegitimate accounts. As the expression goes, "hit em' in the wallet, right where it hurts." With the BILLIONS of dollars of revenue the company has, the few million that monitoring might cost them won't even be missed. And just eliminating one lawsuit would pay for the department's overhead. Are AOL company executives dollar wise and pound foolish?
Everyone, everywhere, MUST be vigilant to watch out for those that will steal your privacy. Privacy theft translates into stealing your money. And what about those surveys like Survey Scout that promise you'll make thousands of dollars? Don't get near any of them. The risk isn't worth it. Losing your privacy is like being stabbed in the stomach - taking out the knife won't take the pain away.
If someone walked up to you on the street and offered you $34.95 for your credit card number, would you give it to them? Going on-line and typing in your card number and having it stored on a file server somewhere is the same as doing just that.
Mr. Twietmeyer is founder of www.data4science.net and a frequent contributor to rense.com. He is also author of the controversial photograph-packed book "What NASA Isn't Telling You About Mars."
[Principles & Doctrines - Index]