Offshore Outsourcing & Scammer

The following press release shows that the Indian justice system is working together with foreign authorities for stopping Tech Support Scammers. For call centers has it coming more difficult to run such sham campaigns. On the one site they are getting scammed by buying he calls and on the other site the prosecutors are taking action against them. The case shows that victims of such a scam get at least the satisfaction that the scammers are ending up together with their landlords in jail.

Press release of the Prosecutor Osnabrück/Germany from September 5, 2016:

The Osnabrück Prosecutor's Office and the state criminal police in Hannover determine for some time against a group of online fraudsters who apparently operate from India.

The perpetrators explain in English that the user's computer is infected with a virus, the license expired, or the computer other problems having, and they provide the repair of the computer, the renewal of the license or the purchase of a security program to. Certain data from the computer are received from the callers, so that the victim believes that his PC was infected tat neuter. The perpetrators cause then the called one to download a remote control program that allows access to the computer. After allegedly made repairs, the alleged renewal of the license or the alleged uploading of a security program, the offender require a relatively small amount of money via online bank transfer. Once the called one has entered its financial data in a mask, increase the perpetrators the amount of money unnoticed. Victims are asked to pay before the repair amounts between € 180 and 250 by specifying the credit card number or bank transfer via Western Union. In a number of cases it is to get such payments.

In fact, the computer was never infected and in no case the license has been expired.

Refused the called one to pay at all or so much money, the perpetrators delete numerous data on the computer. In some cases, the computer got locked with a password.

The group opering this scam, the so-called Microsoft Technical Support calls, is a global player. In Niedersachsen, Germany, previously could 779 victims got determined. In whole of Germany at least 7647 people got scammed. This is however only to the so-called bright-field. The real figures will be much higher.

Very fast it became clear that the perpetrators are operating from call centers in India.  A international search order took place in May 2016 due to a search warrant of the District Court Osnabrück/Germany and Calcutta in India. At this search was attended by a prosecutor of the Prosecutor Osnabrück from the central office the fight against cybercrime three very experienced officers from the fields of investigation of the State Criminal Office Hannover, legal assistance and technology part. Cooperation with the police officers in India has been very successful. The Cybercrime special police in Calcutta and the Cybercrime nationality-violence in Calcutta supported the German colleagues intensively and competently through international legal assistance. In one of the searched during Operation Call Center 250 work places were found, from which the fraudulent calls got carried out.

According to the investigators fraudulent calls from all workplaces got carried out. The individual call centers were put out of service, all computers got seized. This had an impact on the number of noticeably cases: Immediately after the search, the criminal charges were very noticeably reduced and they have since not significantly risen since this time. According to the investigators, the call centers have been an important base of operations for the fraudulent calls.

7 accused are in India in prison. From these are 2 persons landlords of call centers and the other 5 are their operators. Prosecutors in Calcutta has opened a so-called mirror case and charged based on the information from the German authorities before an Indian court against the perpetrators.

If the main and only purpose of the software an illegal action then this software is illegal. In the case of the Avatar system is service legal because at the site from the Federal Trade Commission are listed a few cases where Robocalls are allowed:

Some prerecorded messages are permitted — for example, messages that are purely informational. That means you may receive calls to let you know your flight’s been cancelled, reminders about an appointment, or messages about a delayed school opening. But the business doing the calling isn’t allowed to promote the sale of any goods or services. Prerecorded messages from a business that is contacting you to collect a debt also are permitted, but messages offering to sell you services to reduce your debt are barred.

Other exceptions include political calls and calls from certain health care providers. For example, pharmacies are permitted to use prerecorded messages to provide prescription refill reminders. Prerecorded messages from banks, telephone carriers and charities also are exempt from these rules if the banks, carriers or charities make the calls themselves.

As you see in the above statement are legal and illegal purposes for Robocalls available. Illegal is this technology for making business (promoting any goods or services) in the United States of America. That the Avatar technology is a Robocall technology gets found out by reading the judgement from the United States District Court for the Southern District of Texas Houston Division, Civil Action No. H-13-2777, Case 4:13-cv-02777 from January 28, 2014 (.pdf). In this case Flowroute got sued to conspire with Avatar because: "Flowroute’s VoIP services, and employing Flowroute’s Calling Name Management Service ('CNAM-MS') to alter the caller’s identification as it appeared on Plaintiff’s cellular phone." Like expected had this case a positive end for Flowroute. The same way like Flowroute is Avatar only a service provider and is not responsible for the misusage of their products from their customers.

At Federal Trade Commission - Consumer Information - What to do if you get a Robocall explains the FTC attorney Kati Daffan in here video and in the first paragraph of the transcription what is a Robocall:

If you have a telephone, robocalls may be ruining your day. I'm Kati Daffan, an attorney at the Federal Trade Commission. If you answer the phone and hear a recorded message instead of a live person, it's a robocall. If the recording is a sales message and you haven't given your written permission to get calls from the company on the other end, the call is illegal period.

Playing pre-recorded messages or compile manually pre-recorded messages live will remain to be a prerecorded material and is never the same like speaking to a live person. There is no way to foresee all possibilities during a call. For this reason a live speaking agent cannot get replaced.

A short description of the Avatar system is that a call center agent is playing prerecorded messages to the called ones. The messages are getting selected depending on the answers from the called ones. With other words the called one does not speak with a real agent and for some questions are even no prerecorded answers available. Only if the called one is interested in the offer he gets transferred to a real person. One agents handles normally two calls at the same time. I think everybody knows the result of mulittasking.

Avatar is promoting their services as "Lead Generation without the accent". From my own experience and from the experience of my customers is it in the German speaking area of Europe (Austria, Germany and a part of Switzerland) not important to speak without an accent to make a sale. Much more important is it to adjust your own communication within splits of a second to the same level as your presumptive customer is using. A joke during the communication at the right time can be an ice breaker. This cannot get done by using prerecorded messages. Already the first impression a sales person is making can lead to a good business or to a total loss.

Avatar Technologies Phl, Inc. is providing their services only B2B and for this reason they need not warn about the misusage of their product. From business owners is it expected that they know the law in their country and in the country they are serving. For a consumer are the offered services not from any interest. For this reason they need not warn them about the illegal use of their products.

The FTC is challenging the DEF CON community to create a tool that people can use to block and forward unwanted robocalls automatically. Forwarded calls will go to a honeypot — a data collection system that researchers and investigators can use to study the calls. See the contest descriptions and the winners of the 2015 Robocalls: Humanity Strikes Back Contest.

Look at the videos where an attorney from the FTC explains the illegal Robocalls.

Clark-et-al.-v-Avatar-Technologies-Phl-Inc.-et-al.-Decision.pdf (128.96 kb)

At my research for the roots of the Tech Support scam offers in the call center industry I have found the company Systweak India - domain systweak.com. It is one of the sources of the "Tech support calls", which are getting traded at Facebook in the call center and outsourcing groups all over the Asia and India.

The scam is working the following way:

• Once they have programmed system tools on shareware base. Maybe at this time they had some sense, but with the further development and improvement of Windows this tools have been coming obsolete. Other companies are even providing already such tools for free or including similar products into their own offers. So they have been coming greedy and added to their products scare warnings and are showing a phone number where their victims have to call for help.
  
  
• This incoming calls get sold to call centers, which have more or less a script and some provided tools for giving paid help to the caller. The call center is billing for their service directly the customer. This makes the scam dangerous for the call center, because in this case the money flow shows that the call center is the scammer. They will get prosecuted even they know it or don't know it that they are helping in scamming others. 
  
  
• If their victim calls the phone number he has to pay a high price for the help. If their victim agrees and pays the scam fee, then they are installing more fraud software on the victims computer. Even the call center agent, which should solve the problem does not know about the scareware which is included in the provided tools.

Even if the scam has not been planned from the beginning, the system "Pay Per Sale" leaded to the scam. The greediness of the call center owners has driven the agents to sell as much as they can. Each business need to try to earn from their investment. If they buy something on stock then they need to try to make profit out of this stock. Nobody can work for free because we all need some money to pay our daily needs. This leads to such a fraud behavior too. If this has been the real case then it has been the self shot for Systweak. Even if the paid help is planned for one or more years, the problem exists, that the customer is reaching another call center then this one he has paid for his subscription. This new call center likes to get money too and does not work for free - remember the service is a "pay per sale" offer.

They are selling the calls, because they are thinking that they cannot get prosecuted by doing this. The first, which is coming into the spotlight is the owner of the phone number and this one, which takes the money. Indeed it is difficult to follow all the trades, which are done between the brokers, but it is not impossible. The first one, which are getting prosecuted are the helpers of the fraud and scam. In this case are it the call center owners, their agents and the owner of the published phone numbers.

At easycounter.com can get seen how much traffic is generated by the site systweak,com, With this counters can get calculated how many computer user are falling into their trap. You can see a screenshot from April 21, 2015:

In the following screenshot are the top countries listed where the traffic comes from:

It was a coincidence that I found the right domain. As the domain has been suspicious for me, because nobody can give up to 70% commission on his products if the product is competitive priced. I made my standard search procedure as following:

A short reputation research at scamadviser.com brought the result:

ALERT: Low Trust Rating. This Site May Not Be Safe to Use.

I found the following comments at scamadviser:

• 

  Susan Swanson Speulda · Contractor at Apollo Education Group

  Totally got screwed. Owes me a $400 refund but said I had to pay $200 to get it
  Put a startup password on my computer but told me I had to pay to get the password. Told them I wouldn't and the said f you. Computer being worked on but may need a new motherboard. Don't do business with them!

  Reply · Like · Follow Post · January 19 at 5:29am

   

   
• 

  Joanne Jan Naujokas · RITI

  I paid 198 for one year service and they have cleaned up my computer at least 6 times so far. I think they are from India but have always been great and polite and yes try to sell more but I don't accept.

  Reply · Like · Follow Post · December 7, 2013 at 1:31am

   

   
• openid (signed in using AOL)

  I'll tell you the truth. Systweak are an absolute nightmare, son't get involved, don't download shit from these parasites. They are all about scamming. Their "regcleanpro" software is just a hijacked app that they then use to extort more money from you. They are based in Jaipur and they will steal your money and ruin your pc. DON'T DO IT.

  Reply · Like · 2 · Follow Post · October 15, 2013 at 5:55pm

By taking a look at http://systweak.com/ I have found the Microsoft PartnerGold Application Development Logo and the Norton SECURED powered by Symantec logo.

The Norton secured logo means only that they are using a security certificate from Symantec. This only confirms only that the correct server is communicating with you and certificate can get reviewed by clicking on the Norton logo. The result is shown in the following screenshot:

More interesting is the Microsoft Partner Gold Application Development, which really leads to the site https://pinpoint.microsoft.com/en-IN/Companies/4295548206 (see the site at the pdf attachment) and confirms the partnership of Systweak India.

As Systweak is offering a Premium Support at their website and the customer complains about "Owes me a $400 refund but said I had to pay $200 to get it Put a startup password on my computer but told me I had to pay to get the password." makes all the surroundings of this company a little bit suspect. So I decided to search a little bit at Google and other sites.

WOT (Web Of Trust) is rating them based on user comments are from 100 ratings 92 complaints about scam, malware and scareware.

Scambook.com reports:

Information about Systweak Inc. was first submitted to Scambook on Sep 10, 2011. Since then the page has accumulated 4 consumer complaints. On average users reported $106.80 of damages. Scambook's investigation team reached out to this company a total of 1 times, Scambook Investigators last contacted them on Apr 23, 2013.

In a comment at downloads.cnet.com we find:

"STOP!!!! DO NOT USE THIS PRODUCT!!!!"

Pros

Initially it seemed to be a great system to search my entire computer, find errors and fix them, but....

Cons

I installed the program after what I now know were fake "HP Help" guys from India recommended it. First off, it would install older versions of drivers that would end up causing more problems. My computer ran fine prior to the program and continued to slow down more and more over time. Eventually it got to the point where my computer would freeze after 5 minutes of use. I bought a new hard drive and loaded ASO first, and immediately my computer began to run extremely slow, using 100% of CPU space. I called the tech support number and got another guy from India who again tried to sell me the same "maintenance plan" as before that cost $350. It is an absolute scam to try to get people to pay for more unneeded service.

Summary

DO NOT USE THIS PRODUCT. If you have any version of it on your computer, get it off, it will cause you nothing but problems. It is a Trojan Horse that actually introduces more problems to your computer, which Systweak will "fix" for hundreds more dollars. STAY AWAY!!!

Similar complaints are getting found at the site RipoffReport.

At Postseek,com is documented, that the software is not easy to get uninstalled and it is very hard to get rid of all the pop ups.

At the Microsoft community is the scam well documented too. There are 11 pages full of this topic

At the complaintsboard.com you'll also find their fraud described,

2-spyware.com: Lists an uninstall solution and a lot of user comments about the Systweak product RegClean Pro:

As you can see from our review, RegClean Pro is legitimate application, but we do not recommend using it. After testing it, we found that it fails to detect all registry errors and also displays exaggerated scan results that are filled with doubtful issues. If you have already purchased it, its owners offer a money guarantee. We would recommend you to use it. If you want to remove RegClean Pro from the system, you can do that by using  SpyHunter or STOPzilla, or by following these manual removal steps:

Bleeping Computer.com has a removal instruction for the people, which cannot get rid of the Systweak product regclean pro. It shows how difficult it is to uninstall the malware from India.

Spybot has published a removal instruction for this kind of malware too,

This list can get endless continued. A Google search of "systweak scam" returns around 285 000 results, a search about "systweak malware" returns around 343 000 results and a search about "systweak scareware" 74 100 resuilts.

Even a court order for a similar scam gets found at onguardonline.gov:

A U.S. District Court recently ordered the operators of several international tech support scams to pay more than $5.1 million for convincing people that their computers were riddled with viruses and then charging for bogus support services.

We’ve (onguardonline.gov) written before about tech support scammers. They call and claim to work for well-known companies like Microsoft, Norton or McAfee. They say your computer is infected with malware and then ask for remote access so they can “fix” it. Or they place ads in online search results to trick you into calling them.

So don't use their software. You'll get scammed. The calls for the provided numbers are getting traded in the call center industry in Asia. There will be even some others get found, which try to copy the system.

Products from systweak:

• Advanced Disk Recovery
• Advanced Driver Updater
• Advanced Email Backup
• Advanced Email Printer
• Advanced Email Utilities
• Advanced Privacy Protector
• Advanced System Optimizer
• Advanced System Protector
• Anvanced Vista Optimizer
• Boost XP
• CacheBoost Professional
• Cacheboost Server Edition
• Disk Speedup
• Memory Zipper Plus
• Mobile Junk Cleaner
• Mobile Registry Cleaner
• Mobile Startup Cleaner
• Netbook Optimizer
• RegClean Pro
• Right Backup
• System Speedup
• Systweak Photo Album
• Systweak Photo Studio
• TuneupMyMac
• WinClean Pro

systweak.com whois:

Domain Name: SYSTWEAK.COM
Registry Domain ID: 77920662_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.enom.com
Registrar URL: www.enom.com
Updated Date: 2013-07-29T07:59:02.00Z
Creation Date: 2001-09-28T11:40:21.00Z
Registrar Registration Expiration Date: 2022-09-28T11:40:00.00Z
Registrar: ENOM, INC.
Registrar IANA ID: 48
Registrar Abuse Contact Phone: +1.4252982646
Domain Status: clientTransferProhibited
Registry Registrant ID:
Registrant Name: SHRISHAIL RANA
Registrant Organization: SYSTWEAK INC
Registrant Street: E-73,CHITRANJAN MARG,
Registrant Street: C-SCHEME
Registrant City: JAIPUR
Registrant State/Province: RAJASTHAN
Registrant Postal Code: 302001
Registrant Country: IN
Registrant Phone: +91.1412367857
Registrant Phone Ext:
Registrant Fax: +91.911412562982
Registrant Fax Ext:
Registry Admin ID:
Admin Name: GO4HOSTING HOSTMASTER
Admin Organization: CYBER FUTURISTICS-GO4HOSTING
Admin Street: D-61,SHIV HEERA PATH,C-SCHEME,
Admin City: JAIPUR
Admin State/Province: IN
Admin Postal Code: 302001
Admin Country: IN
Admin Phone: +1.911412770440
Admin Phone Ext:
Admin Fax: +91.911412363604
Admin Fax Ext:
Registry Tech ID:
Tech Name: SHRISHAIL RANA
Tech Organization: SYSTWEAK INC
Tech Street: E-73,CHITRANJAN MARG,C-SCHEME
Tech City: JAIPUR
Tech State/Province: RAJASTHAN
Tech Postal Code: 302001
Tech Country: IN
Tech Phone: +91.1412367857
Tech Phone Ext:
Tech Fax: .911412562982
Tech Fax Ext:
Name Server: DNS1.STABLETRANSIT.COM
Name Server: DNS2.STABLETRANSIT.COM
DNSSEC: unSigned

Systweak India _ JAIPUR,...an _ Microsoft Pinpoint.pdf (308.08 kb)

Update Jan. 18, 2017:
Link to the Facebook profile Susan Swanson Speulda (https://www.facebook.com/susan.speulda) removed as it returns error 404 - not found.