U.S. Fraudster Earned Millions of Dollars Pretending to be Microsoft Tech Support

Recently, a fraudster from the USA (North Carolina) pleaded guilty in court, who was able to fraudulently earn more than $ 3 million in four years . He received money from owners of PCs and laptops, to whom the fraudster appeared to be a Microsoft tech support employee. His name is Scam Bishap Mittal, now he is 24 years old.

They arrested him on March 12, a few days later Mittal pleaded guilty. He did not work on his own, but in tandem with an accomplice (the accomplice’s name is still unknown). Attackers created sites that belonged to the real company Capstone Technologies LLC.

The resources mentioned above contained special scripts that showed visitors information about viruses infected their PCs and laptops. In order to get more traffic to sites, attackers bought contextual advertising from Google and Bing. In addition, pop-ups placed on various resources that showed ads to visitors were also launched.

Most of the alerts were designed to look like Microsoft's style — namely, service alerts. As far as we know, all this worked only in relation to US citizens.

In addition to the message, the number was shown to the victimMicrosoft's supposedly technical support phone to solve a virus problem. When a person called this number, he got to a call center located in India. Well, the center’s employees were notified of the need to inform the victim about technical problems on her computer. The main legend is the conflict of two antiviruses.

The caller was offered to solve the problem by purchasing the technical support services of specialists. At the same time, the cost of such services is considerable - from $ 200 to $ 2.4 thousand. As you can already guess, in fact there were no conflicts of viruses or other problems on the client’s PC - the attackers simply took money and did not provide any support.

The scheme lasted from 2014 to August 2018. Fraudsters also used company names such as Authenza Solutions LLC, MS-Squad Technologies, MS-Squad.com, MS Infotech, United Technologies and Reventus Technologies. Everything was done in order to somehow make it clear to "customers" about the involvement of these companies in Microsoft Corporation.

The attacker was found guilty on March 20 of this year.



Mittal's case is far from an isolated one - it just became known about him. Many more fraudsters remain at liberty, and they continue to deceive PC users. And this is a problem not only for users, but also for technology companies like the same Microsoft, whose names are hiding scammers. According to representatives of the Redmond company, only in 2017 she received 153 thousand complaints from victims of fraud fraud. Every year the number of complaints increases. And this is only the United States, the total number of countries from which reports of fraudsters came - 183 .


Source: Microsoft

True, not all users who are trying to deceive believe in intruders. Affected people - about 15% of the total number of those who reported the problem. Typically, the amounts that are scammed by fraudsters are $ 200- $ 400. Although there are exceptions. For example, two years ago, "Microsoft technical support" withdrew more than $ 89 thousand from the account of a resident of the Netherlands.

Cybercriminals do not always launch websites and found companies. In many cases, phishing is used, which has remained effective for many years. In addition, attackers even use the method of calling subscribers, for example, by numbers from the city directory. In some cases, a “large company” is trusted and paid for technical assistance.

Indian call centers are used to prevent the victim from contacting the call company directly. But Microsoft has already turned to the Indian police. After a series of complaints from the corporation, law enforcement officers carried out several raids, visiting 26 call centers. 63 people were arrested.

But all this is just the tip of the iceberg. In addition, they involve not only the name Microsoft, but also many other technology companies. There are still a lot of trusting users, so cold calling, phishing, and other methods used by cybercriminals also apply to them.