26 June 2015

Singapore raid uncovers fake software sold as the genuine article in Asia Pacific

A fake COA featuring the product name printed on the label with no anti-copy security features.

Microsoft has revealed that the case of a reseller in Australia caught for possessing counterfeit Certificates of Authenticity (COAs) and other counterfeit software and components has been traced back to a supplier in Singapore. 

COAs are stickers or labels that are usually attached to the retail packaging of products such as Windows, Office or Windows Server to certify the software’s authenticity. While COAs have no commercial value and cannot be sold independently, they give the impression that the pirated software is licensed and legitimate when it is not.

A genuine COA features the product name printed on the label and also contains anti-copy security features such as: an interwoven security thread – this is built into the paper and random paper fibres are visible when the thread appears at the surface – and colour shifting ink, which changes from green to magenta when viewed from different angles. 

Earlier this month, the Intellectual Property Rights Branch (IPRB) of the Singapore Police Force raided the reseller’s retail premises at Sim Lim Square, where over 1,000 pieces of counterfeit Windows 8.1 COAs and another 1,000 counterfeit software and counterfeit components, worth an estimated S$167,000, were seized. This marked the largest counterfeit COA seizure in Southeast Asia to date, and the biggest cross-border counterfeit COA case involving Singapore.

Detailed investigations over the past few months has yielded evidence that the reseller has been distributing large quantities of counterfeit COAs to new and refurbished computer resellers located in Singapore and overseas. These resellers would then mislead consumers into believing that the pirated software installed in their devices are genuine. 

In this case, Microsoft was alerted by its team in Australia who had been investigating the case of a reseller selling over 500 pieces of fake COAs. The team subsequently traced this back to the the perpetuator in Sim Lim Square in Singapore.

Following the raid, Microsoft has issued an advisory to remind consumers and small businesses to be wary of hugely-discounted software offered by resellers, and to purchase software only from authorised retailers to avoid the unintentional purchase and use of counterfeit software. This advisory is also especially timely for consumers as Windows 10 will be available as a free consumer upgrade to qualified new and existing devices running genuine Windows 7, Windows 8.1 and Windows Phone 8.1.

Genuine software typically carry COAs featuring the product name printed on the label and containing anti-copy security features such as interwoven security thread and colour-shifting ink edge. 

"COAs deploy numerous security features that are usually hard to replicate but if the consumer does not pay attention, they may not realise what they had purchased is counterfeit and would have paid good money for fake software. As such, consumers must be extra vigilant when making their computer purchases. We strongly encourage consumers to make their purchases from a reputable computer dealer and insist on only genuine software in order to avoid any potential issues in the future,” said Jonathan Selvasegaram, Corporate Attorney, Digital Crimes Unit, Microsoft Asia.

“Software piracy has evolved and we are now seeing cross-border cases such as this where the fake COAs were found in Australia before tracing it back to the source in Singapore. While the motivation factor for purchasing counterfeit software in emerging markets boils down to cost, the situation in developed markets such as Singapore are different as we are seeing consumers being duped in believing that the software they are purchasing are genuine. Software piracy remains a major concern for everyone, because of the damage it could cause for unsuspecting users. Such software could expose computers to spyware, malware and viruses that can lead to identity theft, loss of personal data, and unexpected system failures. The risk is also very real for businesses as operational disruptions caused by malware and viruses could potentially lead to heavy financial losses for them.” 

According to data collated by the Microsoft Cybercrime Satellite Centre in Singapore, which serves as the Asia Pacific hub for Microsoft’s Digital Crimes Unit to undertake cybercrime and cybersecurity initiatives in the region, more than 4.1 million malware pings have already been detected from 8,400 Singapore IP addresses in this week alone. These pings indicate attempts by malicious botnets installed in these computers to contact the cybercriminals that are controlling them, presenting imminent threats to consumers and businesses located here. 

Additional analysis of the data revealed that the current top threat in Singapore and Southeast Asia is posed by the Bladabindi/Jenxcus (B106) botnet – a malware family that has the ability to steal sensitive information from users. If the malware is not being actively disrupted, unsuspecting consumers and businesses could face the potential loss of important information that might fall into the hands of malicious cybercriminals.

Separately, a joint study conducted by International Data Corporation (IDC) and the National University of Singapore (NUS), titled 
The Link Between Pirated Software and Cybersecurity Breaches, released in March last year, found that enterprises in Asia Pacific (APAC) are expected to spend nearly US$230 billion to deal with issues caused by malware deliberately loaded onto pirated software. The majority of the cost (US$170 billion) will go into dealing with data breaches, while the remainder will be utilised to deal with security issues. In addition, the study revealed that 65% of APAC consumers survey said their greatest fear from infected software is the loss of data, files or personal information, followed by unauthorised Internet transactions (48%) and potential identity theft (47%).

”The majority of businesses in the Asia-Pacific region do not have a full understanding about the security and malware risks that counterfeit and unlicensed software brings, and that needs to change with urgency. According to our BSA Global Software Survey conducted last year, a striking 62% of software installed on computers in this region in 2013 were not properly licensed – this represents a 2% increase over the same figure in 2011. While Singapore has one of the lowest rates of unlicensed software use in the Asia-Pacific region, it is still important for both consumers and businesses to be vigilant in face of the rising security threats and increasing sophistication of cybercrime across the world,” said Tarun Sawney, Senior Director – Asia-Pacific, BSA | The Software Alliance.

Singapore has one of the most stringent copyright laws where offenders, if found guilty in the court of law for the manufacture for sale, sale of infringing copies and possession or importation of infringing copies, are liable to a fine not exceeding S$10,000 for each infringing copy, up to a total of S$100,000 per charge, or imprisonment for up to five years. Offenders may also be liable to both a fine and imprisonment if found guilty.


Verify the origin of Microsoft products at the Microsoft website.

Read the WorkSmart Asia blog post about a Microsoft raid in 2014.

Read the TechTrade Asia blog post on IDC-NUS study about the cost of malware in pirated software.