Risk
10/4/2012
11:21 AM
50%
50%

FTC Disconnects Tech Support Telemarketing Scams

Federal Trade Commission complaint names six businesses with operations in U.S. and India that tricked consumers into spending hundreds of dollars on bogus technical support.

11 Security Sights Seen Only At Black Hat
11 Security Sights Seen Only At Black Hat
(click image for larger view and for slideshow)
Hang up on unsolicited phone callers bearing tech-support advice, and beware any search engine advertisement purporting to offer such services.

Those are two takeaways from a Wednesday announcement by the Federal Trade Commission that it has filed complaints against 14 corporate defendants and 17 individual defendants, in six different legal filings. At the request of the FTC, a federal judge has also frozen the businesses' assets, and instructed the defendants to immediately cease all of their related activities.

"The FTC has been aggressive--and successful--in its pursuit of tech support scams," said FTC chairman Jon Leibowitz in a statement. "The tech support scam artists we are talking about today have taken scareware to a whole other level of virtual mayhem."

According to the FTC, tens of thousands of English-speaking consumers in the United States, as well as Australia, Canada, Ireland, New Zealand, and the United Kingdom, were conned by bogus technical support operations--largely based in India--into paying between $49 and $450 for fake services.

"When consumers agreed to pay the fee for fixing the 'problems,' the telemarketers directed them to a website to enter a code or download a software program that allowed the scammers remote access to the consumers' computers," according to the FTC. "Once the telemarketers took control of the consumers' computers, they 'removed' the non-existent malware and downloaded otherwise free programs."

[ Read Microsoft Windows Support Call Scams: 7 Facts. ]

Five of the six scam operations named in the FTC's court filings used telephone boiler room operations, according to court documents, while the sixth operation commissioned sponsored Google search results to add credibility to its operations.

According to the FTC complaint, filed in the U.S. District Court for the Southern District of New York, the defendants violated both the FTC Act, which prohibits unfair or deceptive commerce, as well as the Telemarketing and Consumer Fraud and Abuse Prevention Act, which prohibits abusive or deceptive telemarketing. According to court documents, the scammers helped disguise their identities and true locations by using virtual offices that were essentially mail-forwarding operations, together with 80 different domain names for the websites they used to market their activities, as well as 130 different phone numbers.

In the case of the sixth operation--involving PC Care247 and Connexxions--court documents alleged that the defendants "operate a massive scheme that tricks consumers into spending approximately $139 to $360 to fix non-existent problems with their computers," in part by preying on people's fears that their PC might be infected by spyware or malware. "The defendants scare consumers into believing that their computers are in imminent danger of crashing to sell consumers otherwise free software protection products and unnecessary computer security or technical support services," according to the FTC complaint.

According to court documents, PC Care247 and Connexxions also paid Google over $1 million in sponsored advertising fees to make their advertisements appear when consumers searched for technical support services, including "virus removal" and "how to get rid of a computer virus," as well as for searches involving well-known security products, such as "Avast phone number," "McAfee Customer Support," and "Norton Support." But the FTC's complaint said that the search advertisements were often worded to appear as if they were really the tech-support operations of "McAfee, Symantec, Dell, or Microsoft" themselves, returning results such as "Contact McAfee Support" which instead led directly to the scammers' website.

The FTC's wide-ranging investigation saw the agency work with the Australian Communications and Media Authority and the Canadian Radio-television and Telecommunications Commission, both of which filed administrative actions against some of the defendants for having violated the countries' Do Not Call laws. The FTC also worked with the U.K. Serious Organized Crime Agency, and Microsoft.

Some of the defendants named in the complaint reside in the United States, while others reside in India but have transacted related business "throughout the United States," using businesses based in both countries that have "commingle funds," said the FTC.

The full list of U.S. businesses named in the FTC's complaints are Connexxions Infotech (a.k.a. Connexxions USA) in California, Finmaestros (a.k.a. technogennie, 24x7pchelp, 24x7pctech, Transfront Solutions) in Florida, Megabites Solutions in South Carolina, New World Services in Wyoming, New York-based PCCare247 USA, and Virtual PC Solutions (a.k.a. Virtual PC Solutions, First PC Solution, Direct PC Solution, Virtual IT Supports, Global Innovative Services).

Businesses named in the complaints that are based in India are Connexxions InfoTech Services (a.k.a. Connexxions India), Greybytes Cybertech (a.k.a. Bluesystemcare, BSC, 24x7 PCHelp), Lakshmi Infosoul Services, PC Care247 Solutions (a.k.a. PC Care247 India), Pecon Software, and Zeal IT Solutions. One complaint also named Pecon Software UK, based in Great Britain.

Despite the FTC's crackdown, tech-support telephone scams remain alive and well, no doubt because the barrier to entry--scammers need only a telephone and credit-card processing capabilities--remains so low. "Some people tried to hit me with the same trick a few days ago," emailed one InformationWeek reader Wednesday. "They said they were representatives of HP."

The FTC's tech support crackdown follows a Tuesday announcement that a federal court agreed with the agency's proposed judgment of $163 million against three ringleaders of a scareware operation that tricked over one million consumers into purchasing fake security software.

Cybersecurity, continuity planning, and data records management top the list in our latest Federal IT Priorities Survey. Also in the new, all-digital Focus On The Foundation issue of InformationWeek Government: The FBI's next-gen digital case management system, Sentinel, is finally up and running.. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
indianeo
50%
50%
indianeo,
User Rank: Apprentice
7/29/2014 | 3:07:27 PM
Scam Tech Supports Changes Name Quickly
Like PC Care24by7 becomes VSupport llc and Started scamming again. Same guys same companies all operations similar!
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-1793
Published: 2014-12-25
rendering/svg/RenderSVGResourceFilter.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted SVG document that leads to a "stale pointer."

CVE-2011-1794
Published: 2014-12-25
Integer overflow in the FilterEffect::copyImageBytes function in platform/graphics/filters/FilterEffect.cpp in the SVG filter implementation in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified ...

CVE-2011-1795
Published: 2014-12-25
Integer underflow in the HTMLFormElement::removeFormElement function in html/HTMLFormElement.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document con...

CVE-2011-1796
Published: 2014-12-25
Use-after-free vulnerability in the FrameView::calculateScrollbarModesForLayout function in page/FrameView.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaS...

CVE-2011-1798
Published: 2014-12-25
rendering/svg/RenderSVGText.cpp in WebCore in WebKit in Google Chrome before 11.0.696.65 does not properly perform a cast of an unspecified variable during an attempt to handle a block child, which allows remote attackers to cause a denial of service (application crash) or possibly have unknown othe...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.