Scammers pretending to be Microsoft had help from US executives

A pop-up appears on your computer, warning of a virus. You call the “Microsoft technician” in the pop-up message, and they explain that they need remote access to fix it. Most of us know this script by now. It’s a scam, operated by people intent on siphoning money from your account.

A court case last week gave us more insight into how these operations work. Two former executives of call tracking and analytics company C.A. Cloud Attribution Ltd pleaded guilty to selling phone numbers and call infrastructure to tech support scammers. Prosecutors say they even coached their illegitimate customers on how to avoid getting caught.

Adam Young, former CEO, and Harrison Gevirtz, former CSO, ran the company between early 2017 and April 2022. According to the Department of Justice (DOJ), they sold telephone numbers, call recordings, and call-forwarding services to companies in India they knew were running tech support fraud operations. The two are US residents, but C.A. Cloud Attribution was registered in Cyprus.

The scams themselves followed a familiar pattern, using fake pop-ups warning of imaginary infections. Victims were persuaded to call the numbers, where agents impersonated Microsoft and Apple and charged hundreds of dollars for fictitious technical work. In some cases, scam agents would gain access to victims’ systems and obtain personal financial information through remote access.