Federal authorities say a group of scammers that "bilked millions" from US consumers with pop-up ads and hijacked Web browsers has been sued by the Federal Trade Commission.
The scheme, which operates under the name Global Access Tech Support, used pop-up ads that told consumers their computers were "hacked, infected, or otherwise compromised," according to the FTC complaint (PDF)published yesterday. Consumers are then instructed to call a toll-free number in the message. The pop-ups "are typically designed so that consumers are unable to close or navigate around them, rendering consumers' web browser unusable."
Anyone who calls the toll-free number is connected to telemarketers in India, who then roll out a sales pitch explaining that the caller's computer is "in urgent need of repair." The telemarketers claim they're affiliated with either Microsoft or Apple or are "certified" by those companies.
If they're still along for the ride at this point, users are directed to a website that prompts them to begin a remote access session. The telemarketers gain access to the computer and "run a series of purported diagnostic tests, which, in reality, are nothing more than a high-pressured sales pitch designed to scare consumers into believing that their computers are corrupted, hacked, otherwise compromised, or generally performing badly."
On Windows-based machines, those tests involved displaying the computer's Event Viewer and Microsoft's Configuration Utility ("msconfig"). The telemarketers find messages in Event Viewer that say "Error" and "Warning," then convince the consumer it's evidence of a problem that they can fix. FTC investigators used an FTC computer that was verified to be free of viruses and malware to interact with at least one "tech support" telemarketer.
Messages reading "error," "warning," or "stopped" in Microsoft's Event Viewer are often produced in the normal course of operations, but they're scary enough words that they can be used to trick users into believing that their computers are broken and in need of repair.
At that point, the scammers ask for a credit card number or bank account number to process an electronic check. After charging, the "tech support" team spend an hour or two logged in to consumer computers to perform "repairs" that the FTC says are "unnecessary or even harmful."
The FTC's complaint was filed earlier this month in the Eastern District of Missouri, where two of the men behind the scheme, Rajiv Singh Chhatwal and Rupinder Kaur, are alleged to reside. A third named defendant, Neeraj Dubey, doesn't have his location identified, but he presented himself as a "co-owner" of "Helios Digital," a St. Louis-based LLC that allegedly worked together with Global Access to execute the fraud.
A federal court has already issued a temporary restraining order (PDF)freezing the assets of the three named defendants, as well as related companies controlled by them, called Global sMind, Source Pundit LLC, Helios Digital Media LLC, and VGlobal Ites Private Limited, an Indian corporation.
Chhatwal is alleged to have created Global Access and contracted with its call center in New Delhi. He was the domain registrant for several websites associated with the telemarketing scheme, and he responded to consumer complaints at the Better Business Bureau that were brought against the company. In its press release on the matter, the FTC thanked the Better Business Bureau of Eastern Missouri and Southern Illinois for its collaboration and contribution to the case.
The accusations against Global Access are just the latest chapter in a variety of tech support scams that have flourished in recent years. Many of them have similar characteristics, such as using Microsoft Event Viewer and remote-access tools before requesting a credit card payment.