If you’ve ever browsed some of the internet’s seedier nooks and crannies, you might be familiar with a particular type of scam: The pop-up warning (usually accompanied by a loud, alarm-like sound) telling you that your computer has been compromised and you must call tech support immediately. To people who know better, it’s a minor nuisance but to people who aren’t as scam-savvy, it’s a ruse that brings in millions of dollars to jerks around the world, including a Missouri-based operation that has been shut down by the Federal Trade Commission.
The FTC announced today that it has filed suit against the owners of four companies that allegedly used fake pop-up warnings to scam victims into paying for tech support they didn’t need.
According to the complaint [PDF] filed in a federal court in Missouri, the St. Louis-area defendants — doing business under a number of names like Global S Connect, Yubdata Tech, OneSource Tech Support, and Technolive — would use third-party affiliate marketers to place pop-up ads online.
However, the FTC says these ads were made not just to pop up and be an annoyance to the user, but to deceive the recipient into believing their computer had been compromised.
The pop-up windows, often complete with warning siren sounds, were designed to look like they were coming from the computer’s operating system, as opposed to the user’s web browser. They sometimes implied that the warning was coming from Apple, Microsoft, or the user’s internet service provider.
Users were told through these pop-ups that their computer was at risk and that they needed to call a special toll-free number now. Additionally, some alerts made it impossible or very difficult to browse away from the pop-up, further giving the impression that the computer was infected and impressing on the user a sense of urgency.
The FTC says that when you called the number on the screen, you were connected to another defendant in this case: a call center based in India.
There, an operator would instruct the victim on how to give the “tech support” staff remote access to the computer. After being connected, both the user and the operator could see what was going on on-screen.
According to the FTC’s undercover investigation of this scam, the operator would show the victim the supposed evidence of a virus or malware on the device, but in reality this “evidence” was no indication that the computer had been breached.
Using a Windows-based computer that the investigator knew was free from malware and viruses, the FTC investigator contacted the tech support number. According to the complaint, the operator brought up the Event Viewer, where a number of things were listed as “Error,” “Warning,” or “Critical.”
In actuality, the events listed on that screen are in no way an indication of a viral infection.
Similarly, the scammy operator opened the System Configuration window and allegedly pointed out all the important processes that had been “stopped” because they were not in “running condition.”
Again, nothing to do with a virus or malware.
If the victim is still on the hook at this point, this is when, according to the complaint, the scammers would hit them up for a $200 “one-time fix” charge, or for those who really wanted to spend money in exchange for nothing, a $400 year-long protection plan.
Once the operator had the victim’s credit card info, that could have been the end of the call, but these alleged scammers apparently believe in some degree of verisimilitude, as the operator would remain connected to the victim’s computer for some time, doing “repairs” that the FTC claims may have actually left users’ computers in worst condition than before.
The court has granted the FTC’s request for a temporary restraining order [PDF] against the defendants, and has frozen their assets for the time-being.
by Chris Morran via Consumerist