Optimum Global Services” Tech Support Scam / “0800 098 8413”

Posted on January 17, 2017 by thecomputerperson

Another day and while browsing the internet I clicked on an advert that promised 30% discounts on Amazon’s prices… Then got this. (And uncovered a huge scam using about 40 different “it company” domains).

0800-098-8413-scam

The messages read as follows:

Critical Error! Some suspicious activities has been detected from your network and your system has been blocked. Call immediately on 0-800-098-8413 to prevent further data loss.

Critical Error! Your system has been blocked because suspicious activities has been detected from your IP address. Call 0-800-098-8413 immediately.

ERROR! Call for support: 0-800-098-8413

Warning!
** YOUR COMPUTER HAS BEEN BLOCKED **
Your computer has alerted us that it has been infected with a virus and spyware.  The following information is being stolen…

> Facebook Login
> Credit Card Details
> Email Account Login
> Photos stored on this computer
You must contact us immediately so that our engineers can walk you through the removal process over the phone. Please call us within the next 5 minutes to prevent your computer from being disabled.
Toll Free: 0-800-098-8413

The number victims are asked to call is a UK freephone number. “0-800-098-8413” (aka.. 08000988413 or “0800 098 8413”).

The page, hosted at GoDaddy, that showed the fake warning was:

http://jaunt-googleroutesgo.xyz/uk/microsoftnetsecurity_8413/0-800-098-8413/chrm/

It directs people to call the tech support scammers “Optimum Global Services” who seem to be operating out of the site http://www.rateditteam.com to take payments.

Unusually for these kinds of things – the address given is a UK address (not USA or India) and the postal address given on the website matches the whois:

Registrant Name: Samuel Verghese
Registrant Street: Flat 5, 25 Brunswick Terrace,
Registrant City: Hove
Registrant State/Province: East Sussex
Registrant Postal Code: BN3 1HJ
Registrant Country: UK
Registrant Phone: +44.7342047912
Registrant Email: done4ultd@gmail.com

When that initial payment failed they then tried to take payment via “www.directcontracta.com” which initially looks like an unrelated “find a contractor” website but after a bit of investigation is actually registered by the same email address as rateditteam.

Associated are the Google Analytics accounts: UA-90478716 and UA-67147650

Also related to the rateditteam.com domain is:

sammy@thearch.club (matches the Samuel Verghese name used in the original tech support scam domain and is also near Hove in the UK?)

His local computer fixing business “www.expertpcbook.com”

The shared(?) youtube channel of Samuel Verghese?: Shows three young Indian men in Mumbai and several product reviews or videos attempting to go viral and domain “3wise.men”

The company of someone who lives at the address, supposedly an “Entreprenneur”.

All the following are shady looking web design and tech support companies with similar pricing structure to rateditteam:

www.itshowwedoit.com
 www.wecansortitforyou.com
 www.firstitforyou.com
 www.yourplaceforit.com
 www.pickusforit.com
 www.jewelitsolutions.com
 www.workingwithitteam.com
 www.itexteam.com
 www.thetotalitteam.com
 www.wesortitall.com
 www.timetotalkit.com
 www.digitalsconnections.com
 www.firstinit.com
 www.timetoaskit.com
 www.ititcltd.com
 www.getandgopro.com
 www.weloveinfotech.com
 www.itdecided.com
 www.topmantech.com
 www.eyeteco.com
 www.bringhomeit.com
 www.theitcrib.com
 www.itstheitcrew.com
 www.itstheitguys.com
 www.wegotitguru.com
 www.quickresponsesolutions.com
 www.fastexpertsolutions.com
 www.totalsolutionsexpert.com
 www.expertproteam.com

Related but probably a “customer” of the scammer:
http://www.amteachings.com – A meditation class around Hove, Sussex, UK.
If you are the owner of the above meditation business above – please contact your web developer and tell them off for being involved in scams.
http://www.everybizsolution.com

 

http://www.directcontracta.com

optimumglobalservices.com

Another URL used during the scam was http://onlinescanner.somee.com/ which appears to be a fake virus warning site that even has a one time password / unique value that needs to be entered before the fake scan will start! A working code is 84651 if you fancy testing it out.

Advertisement
This entry was posted in Uncategorized. Bookmark the permalink.

3 Responses to Optimum Global Services” Tech Support Scam / “0800 098 8413”

  1. wpaura says:
    January 22, 2017 at 04:18

    optimumglobalservices.com, 6321 W Dempster St, Suite #255
    Morton Grove IL 60053, USA 1-888-216-0891
    This is a UPS store. Scammer is using this location for the USA scam

  2. wpaura says:
    January 22, 2017 at 09:00

    A colleague of mine called Optimum Global Services at 1-888-216-0891 and asked if she has reached directconracta.com. The scammer on the other end responded to her “yes” and mentioned directcontracta.com is their software division.

  3. Smith Adam says:
    March 5, 2017 at 11:15

    This is another fake technical support company based in India. http://www.free-help-number.com/.

Comment on this topic

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s