FindLaw's Common Law

FindLaw's Common Law

Consumer protection legal news from

July 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

FindLaw Blogs

FindLaw Blotter
Free Enterprise
Law & Daily Life

If you're looking for information on common law marriage, please visit the Common Law Marriage section on FindLaw.

Don’t Click on That Picture! It May Contain Malware

Most Internet users are well aware that suspicious links and fishy-sounding emails may actually be attempts to gain access to your personal information or infect your computer with a virus.

But what a lot of Internet users don't know is that even something as simple as an image on your computer screen could contain malware. These programs, when downloaded to your computer, can potentially be used to steal sensitive information, leading to identity theft or at the very least compromised computer security.

How does this image-based malware work?

Steganography Made Simple

The most recent cases of images containing malware used a process called steganography, which hides a message or file inside another file, such as an image.

In a recent string of computer infections, seemingly harmless images of cats and beautiful sunsets, usually sent via email, contained malware which was downloaded onto the users' computers as a JPEG file when the users clicked on the images. This made the file appear to be just another image, perhaps one that may have gotten saved in the wrong place.

But hidden inside this JPEG file, reports digital photography site PetaPixel, was malware. The malware in these images was programmed to bypass security systems on users' computers and steal log-in information entered online, such as the usernames and passwords for online banking websites.

Watch for Double Extensions

Another possible way for image-based malware to infect Windows computers is through the use of double extensions.

According to PCWorld, this method takes advantage of Windows' file-naming conventions by adding two extensions -- the letters that identify the format of a file -- to the end of a file, such as "picture.jpg.exe."

While most Windows computers will display the file as an image using the .jpg extension, it's actually an .exe file, which denotes an "executable program." This means that as you're viewing the image, a malware program is being downloaded onto your computer and likely attempting to mine your sensitive personal data or take control of your computer.

How to Prevent Being Infected by Image-based Malware

Luckily, there are some simple steps you can take to prevent being duped by these dangerous images:

  • Don't click on images in suspicious e-mails. Just like links, you should consider any image in a suspicious email a direct digital doorway to infection.
  • Keep your software up to date. Computer companies and software makers are constantly upgrading their products to protect against new threats. Keeping up with these updates will keep you from getting left behind and potentially exposed to dangerous malware and viruses.
  • Change your settings and pay attention to file extensions. If you are on a Windows computer, change your default setting to show you the extensions of files that are being downloaded, to protect against the double extension trick. Any time you see a file ending in .exe, be especially cautious.

Regardless what operating system you use, be aware of the types of files you should and shouldn't download. One picture could be worth a lot more than 1,000 words to an identity thief.

Related Resources:

CPSC’s Buckyballs Recall Includes $375K in Refunds

After a protracted legal battle, the maker of Buckyballs and Buckycubes have agreed to fund a recall of the controversial desk magnets.

Many major retailers previously agreed to independently recall Buckyballs after the Consumer Products Safety Commission sued Maxfield & Oberton, the company that manufactures the magnets, in 2012. However, the now-dissolved Maxfield & Oberton and its former CEO Craig Zucker had previously refused to recall the products, despite multiple reports of serious injuries to children caused by swallowing the magnets.

What led to CPSC's successful recall of the magnets, and how can those who bought Buckyballs or Buckycubes go about getting a refund?

2012 CPSC Lawsuit Against Maxfield & Oberton

The CPSC first recalled Buckyballs in 2010 because of insufficient age warnings on the product's packaging and reports that, at the time, two children had swallowed the magnets.

Maxfield & Oberton took part in the 2010 recall. But in 2012 the CPSC filed a lawsuit against the company, claiming that Buckyballs, which were still being sold by the company, continued to have insufficient warnings and design defects that could pose a risk of injury.

2014 CPSC Lawsuit Against Zucker

By 2012, reports of children suffering severe intestinal injuries by swallowing the magnets had begun to make headlines. Facing a costly recall, Zucker dissolved Maxfield & Oberton in Decemeber 2012.

In 2013, the CPSC took the unusual step of naming Zucker personally in a lawsuit seeking to cover the cost of recalling Buckyballs and similar magnet products. As part of his agreement with CPSC, Zucker has pledged $375,000 to pay for refunds of the recalled product.

How to Get a Refund

Consumers who wish to pursue a refund should go to the Buckyballs Recall Website. Consumers who submit a signed proof of claim form and ship the products back to the Recall Administrators will receive a refund of up to the price of purchase as well as reasonable shipping costs.

Receipts are not necessary, but the recall website notes that the recall is only available to consumers, not retailers of the recalled products.

Related Resources:

Safest Used Cars for Teens: IIHS Issues Top Picks

The Insurance Institute for Highway Safety, an independent safety group, has released its top picks for the safest used cars for teens.

The group is known for its yearly Top Safety Pick list, ranking the safety of new cars. But after a phone survey revealed that 83 percent of parents who bought a car for their teen bought a used vehicle, the group decided to compile a list of the safest, most affordable used vehicles for teens.

Recommendations Follow 4 Principles

According to the group's report, the list of recommendations follow four general principles:

  • Young drivers should steer clear of high horsepower vehicles;
  • Bigger vehicles are generally safer than smaller vehicles;
  • Electronic Stability Control (ESC) is a must-have feature; and
  • Teens' vehicles should have high safety ratings from both IIHS and the National Highway Traffic Safety Administration.

In general, the IIHS says parents should seek out midsize or larger cars, SUVs and minivans that offer ESC, side airbags, and low horsepower. The group also notes that SUV's not equipped with ESC are more prone to rollovers and may be more dangerous.

Top Picks Broken Into 2 Price Tiers

The IIHS's top picks were broken into two tiers: cars under $20,000 and cars under $10,000, based on 2014 Kelly Blue Book value. In each, the results were separated into separate categories for large cars, midsize cars, small SUVs, midsize SUVs, large SUVS (under $20,000 only), and minivans.

Here are the IIHS' Top 3 vehicles in each of those categories under $20,000:

  • Large cars: Saab 9-5 sedan (2010 and later), Lincoln MKS (2009 and later), Buick Regal (2011 and later).
  • Midsize cars: Toyota Prius (2012 and later), Mercedes-Benz C-Class sedan (2009 and later), Honda Accord sedan (2012 and later).
  • Small SUVs: Honda CR-V (2012 and later), Kia Sportage (2011 and later), Hyundai Tucson (2010 and later).
  • Midsize SUVs: Volvo XC60 (2010 and later), Saab 9-4X (2011-12), Toyota Highlander (2008 and later).
  • Large SUVs: Buick Enclave (2011 and later), GMC Acadia (2011 and later), Chevrolet Traverse (2011 and later).
  • Minivans: Chrysler Town & Country (2012 and later), Honda Odyssey (2011 and later), Toyota Sienna (2011 and later).

And here are the IIHS' Top 3 vehicles in each category under $10,000:

  • Large cars: Acura RL (2005 and later), Mercury Sable (2009), Kia Amanti (2009).
  • Midsize cars: Subaru Legacy (2009), BMW 3-Series sedan (2006 and later), Mazda 6 (2009 and later).
  • Small SUVs: Nissan Rogue (2008 and later), Ford Escape (2009 and later), Mazda Tribute (2009 and later).
  • Midsize SUVs: Mazda CX-9 (2007 and later), Ford Edge (2007-2010), Hyundai Veracruz (2007 and later).
  • Minivans: Volkswagen Routan (2009-2011), Dodge Grand Caravan (2008-2011), Chrysler Town & Country (2008-2011).

The full list of the IIHS' safest used cars for teens can be seen at the IIHS website.

Related Resources:

Beware ‘Check Overpayment’ Scams When Selling Online

It's a classic online scam: A buyer who lives far away sends a check for more than the asking price, usually followed by a request for some of the money back.

When unsuspecting sellers play along, they almost always end up getting burned when it's discovered that the check is fake and the money is long gone.

Craigslist has become especially fertile ground for scammers employing this method. In one recent case, a Colorado woman selling her car Craigslist was contacted by an out-of-town buyer who sent her a check for more than the asking price, purportedly to "hold the car." The woman figured out she was getting scammed when she tried to cash the check and found out it was fake, Colorado Springs' KKTV reports.

A Fake-Check Checklist

According to the Federal Trade Commission, the woman in this case was lucky. Often it's not until several days or weeks after the check is deposited that a victim discovers the check is no good. By then, any money the victim has "refunded" or any items that have been shipped or sold to the scammer are long gone.

What can you do to prevent being victimized by these check scams? Here are a few tips:

  • Never accept checks for more than the asking price. This should be a red flag. Scammers are great at crafting legitimate-sounding stories, but you should be firm in only accepting checks for the proper amount.
  • If you're going to accept checks, ask for a check from a local bank. Dealing with a local bank will allow you to visit the branch in person to find out if the check is real.
  • Never wire bank funds, for any reason. If a buyer asks you to wire back any portion of the sale price, you are almost certainly being scammed. Stop the transaction immediately.

What to Do If You've Been Scammed?

If you believe you've been or are being scammed, you should immediately contact your state's attorney general's office. You can also file a complaint with the FTC using the agency's online complaint assistant.

Related Resources:

Chrysler Recalls: Mirror-Light Fires, Ignition-Switch Problems

In case you missed it, Chrysler has announced two recalls affecting more than 1.5 million of the company's Dodge, Jeep, and Chrysler vehicles.

The latest recall affects almost 900,000 of the company's sport utility vehicles, while the earlier recall involves nearly 700,000 additional vehicles. Here's what you need to know:

Mirror-Light Recall: More Than 60 Fires Reported

The SUV mirror-light recall was issued Friday, after an investigation found faulty wiring in SUV vanity mirror lights posed a fire risk. Shorts in the mirror's wiring have so far led to three injuries and more than 60 fires, reports The Detroit News.

The SUV recall covers some 2011-2014 model year Jeep Grand Cherokees and Dodge Durangos. The fires reported so far have all occured in vehicles that have had their vanity mirrors serviced; wiring for the mirror light may be short-circuited during reassembly due to positioning of wires.

Chrysler will install a wire guide for the mirror wiring to prevent the wiring from falling out of position and being pierced by screws during the reassembly process.

Ignition-Switch Recall

The other recall, issued last week, expands the company's previous recall of vehicles that may have a faulty ignition switch by an additional 695,000 vehicles, reports Reuters.

The Chrysler ignition-switch recall now covers almost 900,000 vehicles including: 2008-2010 Dodge Grand Caravans, 2008-2010 Chrysler Town & Country minivans, and 2009-2010 Dodge Journey crossover vehicles.

Similar to the wide-ranging current recall of General Motors vehicles, the Chrysler recall involves ignition switches that may inadvertently turn the engine off while the vehicle is being driven, disabling airbags. Chrysler said that two crashes have so far been reported in the affected models, but that no injuries were caused in the crashes.

Consumers with questions can call Chrysler at (800) 853-1403. If you have a vehicle that is part of the recall or have been involved in a crash that may have potentially been linked to a recalled vehicle, an experienced motor vehicle defects lawyer can help explain your legal options.

Related Resources:

FTC Sues Amazon Over Kids’ Unauthorized In-App Purchases

On the heels of its recent lawsuit against T-Mobile for unauthorized charges on customers' bills, the Federal Trade Commission is now going after Amazon for millions of dollars in allegedly unauthorized in-app charges made by children.

According to the FTC, the agency has filed suit against Amazon seeking refunds for unauthorized charges made by children on Amazon mobile devices without a parent's consent. The lawsuit also seeks a permanent injunction on Amazon's practice of billing parents for these allegedly unauthorized in-app charges.

Password Not Required for In-App Purchases

Amazon began allowing in-app charges with no password requirement for apps in the Amazon Appstore in November 2011, including many games that appeal to children, according to the FTC's complaint. Many of these apps were games that allegedly encouraged children to acquire virtual items, but often did not clearly distinguish between items that cost virtual money and those that cost real money.

Internal communications at Amazon, obtained by the FTC, showed that as early as 2011, Amazon employees noted that unauthorized in-app purchases were "clearly causing problems for a large percentage of our customers." However, the FTC alleges Amazon continued to allow the in-app charges with no password requirement. An update in March 2012 required a password only for charges of $20 or more, but still allowed unauthorized in-app purchases in some situations, the FTC claims.

In June of this year, Amazon changed its system to require authorization for all in-app purchases. But according to the FTC's complaint, Amazon refused to refund a majority of the millions of dollars' worth of unauthorized charges, even for the thousands of parents who have complained to the company about charges incurred by children -- some of whom did so by clicking "a lot of buttons at random."

'Expanding Mobile Area' Is Focus of FTC Efforts

The allegations in this complaint are also similar to allegations made by the FTC against Apple earlier this year. In that case, following an FTC complaint being filed, Apple agreed to refund more than $30 million in purchases made by children without authorization.

Under the terms of that settlement, Apple was also required to change its billing process to inform consumers any time they were being charged for an item sold in an app.

In announcing a settlement in the Apple case in January, the FTC noted that "the rapidly expanding mobile arena has been a focus of the Commission's consumer protection efforts."

If you have a consumer complaint or any unfair or fraudulent business practice, you can call the FTC complaint hotline at (877) FTC-HELP (877-382-4357) or file a complaint online.

Related Resources:

Foster Farms Recalls Chicken Amid Outbreak: What Took So Long?

California chicken producer Foster Farms has issued a recall for 170 different chicken products originating from the company's Fresno facilities in March for possible salmonella contamination.

The products affected by the recall include drumsticks, thighs, chicken tenders, and livers under various labels including Foster Farms, FoodMaxx, Kroger, Safeway, Savemart, Valbest and Sunland. According to The Associated Press, the products were distributed to California, Nevada, Idaho, Utah, Oregon, Washington, Alaska, Arizona, and Hawaii; they all have "use or freeze by" dates from March 21 to March 29 of this year.

Why is this recall just happening now? And how does it relate to the ongoing salmonella outbreak that's sickened nearly 600 people in 27 states?

Direct Link to Salmonella Case

The recall was issued after USDA lab tests confirmed that Foster Farms chicken was the source of salmonella that sickened a 10-year-old girl. According to LA Weekly, the girl's family bought the chicken on March 16, the girl ate it April 29, and began to show symptoms of food borne illness on May 5. The USDA recovered the remainder of the chicken for testing on June 23 and found a molecular match between the bacteria on the chicken and the bacteria infecting the girl.

Although the USDA shut down three Foster Farms plants last year for unsanitary conditions, the most recent case is the first direct link to Foster Farms from the widespread salmonella outbreak. A similar strain of Salmonella Heidelberg, an antibiotic-resistant strain of the bacteria, is implicated in the broader outbreak, but this is the first recall to be issued by the company.

Why Did It Take So Long?

A quirk in food safety law allows raw chicken to contain salmonella as a "naturally occurring substance." Thus, the FDA has no power to compel a mandatory recall for salmonella found in chicken and must instead rely on manufacturers to issue voluntary recalls, as happened with the most recent Foster Farms recall.

To address this perceived shortfall, a bill has been introduced into the U.S. House that would allow the USDA to recall meat, poultry, or eggs contaminated by any bacteria that's resistant to two or more "critically important antibiotics," reports LA Weekly.

A full list of products affected by the Foster Farms recall is posted on the USDA's Food Safety and Inspection Service website.

Related Resources:

Facebook Slapped With FTC Complaint Over Emotion Study

Facebook has been hit with an FTC complaint over its controversial study conducted on the emotions of users, allegedly without their consent.

The Electronic Privacy Information Center (EPIC) filed a complaint with the Federal Trade Commission alleging that Facebook secretly misused user data to conduct psychological experiments, which was not covered at all by the site's Data Use Policy. As Facebook settled with the FTC less than three years ago over its privacy policy, this new experiment on users may violate that settlement agreement.

What do Facebook users need to know about this FTC complaint?

Unauthorized Experiment or Innovation?

Facebook took a bit of a PR hit last week when media outlets publicized an experimental study secretly conducted on 689,003 Facebook users by researchers at Cornell University and the University of California San Francisco. Researchers studied how Facebook users were affected by slightly more depressing posts in their News Feeds.

A company purposely trying to depress hundreds of thousands of people? Strange. But critics were more steamed that this experiment wasn't part of Facebook's privacy or data policies. In response, Facebook mostly stood its ground, with Facebook COO Sheryl Sandberg explaining that the experiment was simply "poorly communicated," reports TechCrunch.

USA Today reports that Facebook doesn't believe this experimental use of user data was done without permission, regardless of "whether their privacy policy uses the word 'research' or not." Since it's now been more than 10 years of having Facebook in users' lives, one might expect the company to be more transparent about this kind of data use, or at least more repentant.

Violation of FTC Settlement Order?

This isn't the first time that Facebook has come under the FTC's scrutiny for privacy violations. The social media giant settled with the FTC over claims of deceptive use of personal data in late 2011, giving the impression that it had learned its lesson. As part of the settlement, Facebook doled out $20 million in settlement funds and agreed to revamp its privacy policy under FTC supervision.

But as the EPIC complaint alleges, this earlier FTC settlement "prohibits Facebook from misrepresenting the extent to which it maintains the privacy or security of covered information," especially when it is being given to third parties.

Sounds like Facebook may have some explaining to do before the FTC brings down the hammer.

Related Resources:

FTC: T-Mobile ‘Cramming’ Bills With Bogus Charges

The Federal Trade Commission is accusing T-Mobile of placing bogus charges on its users' bills, adding up to hundreds of millions of dollars.

In a complaint filed Tuesday in federal court, the FTC claims T-Mobile allowed its customers to be victimized by third-party billing schemes known as "cramming." According to the FTC's complaint, T-Mobile retained up to 40% of the amount charged to customers by these third-party companies.

What is 'Cramming'?

"Cramming" is the name given to unauthorized subscription services added to phone bills such as horoscopes, ringtones, trivia, celebrity gossip, and dating tips. The charges for these services are typically for a small amount -- $9.99, for example -- an often go unnoticed on users' bills.

In the case of T-Mobile, the charges were further hidden in users' bills, the FTC asserts. On mobile bills, these third-party billing services were classified as "use charges":

  • For T-Mobile users who receive bills online, clicking on the "use charges" field in their online bill would show a charge for "premium services" with no further explanation.
  • Those receiving paper bills -- often 50 pages or more in length -- were charged for these services under the similarly vague "usage charges," with what the FTC characterized as inadequate captions that failed to explain the origin of the charges.
  • Prepaid phone users were billed from their prepaid amounts for with no notification.

How to Avoid Being 'Crammed'

The FTC advises consumers to take some simple precautions to avoid being victimized by third-party subscription services. For example:

  • Don't provide your mobile number to suspicious websites. Entering your mobile number on an unsecured website could allow it to be compromised.
  • Watch for strange/unsolicited text messages. A strange text message can be a red flag that your number has been compromised. If you receive unsolicited texts from unknown numbers, be sure to check your next phone bill for possible fraudulent charges.
  • Tell your carrier to block third-party charges. Many mobile phone carriers allow you to block third-party services from your phone bill for free.

If You Suspect 'Cramming' On Your Bill...

Mobile phone users who find suspicious charges on their bill should first ask their carrier to explain the charges and provide information on how to dispute them.

If that doesn't solve the problem, consumers can file a complaint with the FTC online or by calling (877) FTC-HELP (877-382-4357).

Related Resources:

6 New GM Recalls: 7.6M U.S. Vehicles Affected

General Motors has announced six new recalls affecting about 7.6 million U.S. vehicles after reports of crashes, injuries, and deaths.

Most of the vehicles are being recalled over the same ignition-switch problem linked to at least 13 deaths in some compact models made by GM, the Detroit Free Press reports. Other vehicles are being recalled to fix separate potential safety issues.

The new GM recalls follow reports of seven crashes, eight injuries, and three fatalities, but a GM press release emphasizes "[t]here is no conclusive evidence that the defect condition caused those crashes."

Many Makes, Models Affected

The recalls cover:

  • About 6.8 million vehicles for the ignition-switch issue, including Chevy Malibu, Oldsmobile Intrigue, Oldsmobile Alero, Pontiac Grand Am, Chevy Impala, Chevy Monte Carlo, and Pontiac Grand Prix models from 1997 to 2008;
  • More than 554,000 Cadillac CTS (from model years 2003 to 2014) and Cadillac SRX models (model years 2004 to 2006), also for the ignition-switch issue;
  • Nearly 182,000 Buick Rainier, Chevy TrailBlazer, GMC Envoy, Isuzu Ascender, and Saab 9-7x vehicles (from model years 2005 to 2007), along with Chevy TrailBlazer EXTs and GMC Envoy XLs (from 2006), for a possible electrical issue that may affect power lock and window switches;
  • More than 9,000 Chevy Silverado HD and GMC Sierra HD models from 2007 to 2011, for a potential electrical issue that could result in smoke or fire;
  • Nearly 3,000 Chevy Cruze, Chevy Sonic, Chevy Trax, Buick Encore, and Buick Verano vehicles from 2011 to 2014, for a possible engine block problem; and
  • About 100 Chevy Camaro, Chevy Impala, Buick Regal, and Cadillac XTS models from 2014, for a potential joint-fastener issue.

Details on these six GM recalls can be found alongside GM's recall announcement.

What Can Consumers Do?

For owners of vehicles recalled over the ignition-switch issue, GM advises that "customers remove all items from their key ring, leaving only the vehicle key ... the key fob, if present, should also be removed from the key ring." Owners of all recalled vehicles will receive information about repairs in the coming weeks.

If you're affected by this recall, you may also want to reach out to an experienced motor vehicle defects lawyer to see if you have a case. Anyone injured or killed in a crash linked to a defective vehicle can potentially receive compensation for damages such as medical bills and lost wages; even those who suffered only "economic harm" (such as a loss of resale value) may also be entitled to compensation.

Related Resources:



Common Law Vanguard Panel

The following firms have assisted the FindLaw editorial team in identifying emerging trends in consumer protection law and topics of importance to readers of this blog: