Two California women have sued security company McAfee, accusing it of duping customers into subscribing to third-party services and passing consumers' credit or debit card information to the service supplier without their permission.
The lawsuit, which was filed by Melissa Ferrington and Cheryl Schmidt, asked a San Francisco federal court to grant the case class-action status, and demanded that McAfee be barred from continuing the practice. The pair also asked for compensatory and punitive damages, which would be decided at trial.
When customers purchase McAfee security software online, but before the download begins, a pop-up with a large "Try It Now" button appears.
"The pop-up, mimicking the look of the other pages on the McAfee site, thanks the customer for purchasing McAfee software, and prompts McAfee's customers to click a red button to 'Try it Now'," the lawsuit alleged. "The pop-up contains no obvious visual cues or conspicuous text indicating that it is an advertisement for another product, or that clicking on 'Try it Now' will lead not to the delivery of the McAfee product but rather to the purchase of a completely different product. Instead, all the visual cues suggest that 'Try It Now' is a necessary step in downloading the McAfee software."
By clicking on the pop-up, users agree to a $4.95 per month fee charged by Arpu, a company that creates web ads "enabling an advertised product or service to be obtained with a single click," according to the Washington DC firm's website .
Arpu's site lists McAfee as one of its partners. "Whenever a McAfee customer completes a purchase on McAfee.com, an ad will appear for a related product or service. Interested customers can choose to subscribe to the product or service using the billing method just entered in their recent McAfee.com purchase," reads Arpu's site . "This convenience to the customer streamlines the purchase flow and increases the overall conversion rate."
Ferrington and Schmidt said that they were billed $4.95 per month for a service described on their credit card statements as "PERFECTSPD," a reference to the PerfectDisk Live online disk defragmentation service sold by Raxco Software.
"A single click on the deceptive pop-up causes the purchase of an unwanted product from Arpu, a sale made without the knowledge or authorisation of customers, using credit/debit card billing information that they have entrusted solely to McAfee," said the lawsuit.
Schmidt alleged that when she called McAfee to complain, she was told "they could not do anything about the charge," the lawsuit stated.
The lawsuit claimed that McAfee violated several state and federal business practice and consumer protection laws.
McAfee did not respond to a request for comment.