Internetfifflaren Daniel Sundin

Del 14 av 22 i serien Bedragare och fifflare

Daniel Sundin och Shaileshkumar P Jain drev internetbedrägeri-företaget Innovative Marketing (IMI), som bara under år 2008 misstänks ha dragit in 1,4 miljarder kronor. Bolaget hade över 600 anställda, huvudkontor i Ukraina och filialer i Argentina och Japan. Personer i över 60 länder har lurats att köpa värdelösa virusskydd av Sundin och Jain.

IMI skapade program som via annonser från 7 olika falska reklamföretag på etablerade hemsidor infekterade flera miljoner datorer varje år. Annonserna spred enligt uppgift också skadlig kod till datorer. I de drabbade datorerna dök varningsmeddelanden upp om att datorn var utsatt för en attack, som ägaren bara kunde undvika genom att köpa virusskydd. Via en popup-ruta lurades internetanvändare tro att de fått ett virus eller drabbats av allvarliga datorproblem. Därefter erbjöds användaren att köpa programvaror med namn som Errorsafe och Drivecleaner för att lösa problemen. Dessa programvarar ska ha sålts till internetanvändare främst i USA, Sverige och Ukraina.

Enligt åtalet lyckades de tre åtalade sälja över en miljon falska antivirusprogram runt om i världen under perioden 2006-2008. Daniel Sundin är internationellt efterlyst och skriven i Sverige, hos sin föräldrar i Ängelholmstrakten. Han är åtalad av en domstol i Chicago. Innovative Marketing (IMI) i Ukraina ska vara stängt sen ett par år efter att U.S. Federal Trade Commission stämt bolaget för bedrägeri. Sundin uppges av svensk media vara en av FBI:s mest eftersökta internetbrottslingar vilket säkert kan stämma. Om han befinner sig i Sverige kan han dock känna sig relativt säker om att slippa bli utlämnad till USA. Istället kan han då ställas inför rätta i Sverige så några extrem strafflängder kan det nog inte handla om för Sundins del.

Det två kumpanerna fick kontak med varandra omkring åer 2001. Jain hade då en karrär med diverse mindre bedrägerier bakom sig:

By the time the dotcom bubble started to burst, Jain had staked out a career for himself on the shady boundary between Internet marketing and outright fraud. In 2000, apparently with money he won in Las Vegas by betting on football games, Jain cofounded a company called eFront, which purchased dozens of niche content sites and sold ads across the network. The concept was ahead of its time, and the Costa Mesa, California, company was quickly listed among the highfliers of the fading boom; analytics firm Media Metrix declared it one of the web’s 20 most trafficked networks. Less than a year later, eFront imploded after it was revealed that someone had submitted bogus data to Media Metrix. (Several coworkers say that Jain was the culprit, though he denied this at the time.) By spring 2001, eFront had shut its doors and Jain had moved to Hawaii to regroup.

It was around this time that Ross introduced Jain to Daniel Sundin, and the two quickly joined forces. Sundin had dropped out of school at 16 and then left his native Sweden for Arizona, where he made a living developing traffic-tracking software for porn websites.

IMI växte fort, genom experiment, påhittade antivirusprogam och mjukvarupaket plus uppköp av sajter för att komma åt kunddatabaser:

Over time, IMI transformed itself into an engine of innovation. The team was constantly experimenting, tweaking its security software packages — which ranged from antivirus programs to registry cleaners to firewall software — and marketing them under new names, like WinFixer, ErrorSafe, and DriveCleaner. The company tirelessly refined its marketing, sending customers ads for a variety of products and then conducting sophisticated statistical analyses to see which approach was most effective. One huge leap forward was the so-called scanner method, which IMI started using in mid-2005. A pop-up ad would offer a “free scan” of a user’s supposedly infected drive. Once the phony scanner announced its results — always bad — it provided a link to IMI’s software. It was an effective bit of social hacking: Because potential customers had already invested time in the “scan” and been duly frightened by it, they were much more likely to purchase the software.

IMI also used a series of tactics to make sure its advertisements were displayed on as many screens as possible. Soon after the Blaster worm made IMI a fortune, a former company executive says, Sundin paid roughly $3 million to buy a Costa Rica-based adult dating site, granting Sundin access to its millions of users worldwide.


Starting around 2007, the company cranked up both its aggression and its ingenuity. Leading advertising networks had banned IMI, so the company set up a series of fake online ad agencies that placed banners on popular websites, including those of The Economist, eHarmony, and Major League Baseball. IMI embedded the ads with hidden code, so if someone from inside the hosting site’s offices looked at them, they saw appeals from mainstream companies like Travelocity, Priceline, and Weight Watchers. But if regular users viewed the ads, they saw quickie come-ons for used cars or diet pills. When consumers clicked on an ad, it would redirect their browser to a site selling antivirus software or, worse, trigger an auto-download. All the while, IMI was engaged in an arms race against established antivirus companies, continually tweaking its software to make it unrecognizable to the databases of known threats.

To turbocharge sales, IMI made its scareware scarier. Now, instead of just being told that there were system errors, a user might see the message “A remote computer has gained access to your computer.” Worse, pop-up ads would announce that “Illegal porn content” had been “found on your PC” and display a gallery of thumbnail images purportedly discovered on the hard drive, a list of sites (, Asianteens .net) supposedly visited and detected on the computer, or a warning of “high risk to your career and marriage” — unless, of course, you coughed up money for drive-cleaning software.

Läs mer om internetbrottslighet: DN1, 2, 3, IDG1, 2, 3, 4, 5, NyTeknik, SVT1, 2,
Läs även andra bloggares åsikter om , , , , , , , , , , , , , , , , ,

Series Navigation<< Taxififfel, Martin Bynger, Sardar AlbarzindjiFifflarna – Värmlands Finans och Hells Angels >>