Sophos Cloud Optix
One of Microsoft’s Gold Partners has had its relationship with the software giant unceremoniously terminated, after being revealed to be orchestrating a telephone support scam.
Comantra, based in India, are said to have cold-called computer users in the UK, Australia, Canada and elsewhere, claiming to offer assistance in cleaning up virus infections.
The bogus support calls came from Comantra employees who claimed to be representing Microsoft, and used scare tactics to talk users into opening the Event Viewer on Windows, where a seemingly dangerous list of errors would be seen.
Once terrified by what appears to be a worrying collection of warning messages, and believing this was evidence of a malware infection, users would be tricked into allowing Comantra technicians to gain remote access to their computer, and hand over their credit card details to fix any “problems”.
In the past, vulnerable elderly people have even been told by scammers that heavy rain may have caused a computer virus infection.
What makes the scam particularly audacious is that during the scam campaign, Comantra were a certified Gold partner of Microsoft, and when quizzed by skeptical computer owners would use their status to trick potential victims into believing the call was legitimate.
A search for “Comantra” on the internet finds a large number of posts and complaints about the scam telephone calls, stretching back over 18 months. Some users have even asked on Microsoft’s own message forums how it is possible for the firm to have “Gold Partner” status.
As PC Pro reports, a Microsoft spokesperson has now confirmed that Comantra has at long last been struck off their Gold Partner list:
"We were made aware of a matter involving one of the members of the Microsoft Partner Network acting in a manner that caused us to raise concerns about this member's business practices. Following an investigation, the allegations were confirmed and we took action to terminate our relationship with the partner in question and revoke their Gold status."
"There are no circumstances under which we would ever allow partners or any other organisations to pose as Microsoft. We view matters such as these extremely seriously and take immediate action if such behaviour is brought to our attention and found to be the case."
Hmm.. Maybe someone should tell Comantra to update their website and remove that Gold Partner logo?
Listen to this great podcast by Sophos experts Paul Ducklin and Sean Richmond where they discuss the problem of fake tech support calls, and the ways in which you can avoid falling for scams like this yourself:
(Duration 6:15 minutes, size 4.5MBytes)
Also, make sure that your family and friends are on their guard against suspicious tech support calls telling them about infections on their computer – even if the callers do claim to be from Microsoft. It only takes a lapse of common sense for you to hand your credit card details straight down the line to a criminal.
More details on the Comantra case can be found in Nicole Kobie’s article at PC Pro.
"One of Microsoft's Gold Partners …"
Wasn't the "Gold Partner" label retired last October? https://partner.microsoft.com/40141173
"On October 31, 2010 we launched new memberships as outlined below and retired the previous three levels of membership (Gold Certified, Certified, and Registered)"
Existing Gold Partners can continue to describe themselves as such until the end of October 2011.
From the document that you yourself linked to (did you even read it?!):
Microsoft recognizes that partners with a legacy Gold Certified or Certified membership continue to meet requirements of the partner program that were in effect prior to October 2010. Therefore, partners are able to use Gold Certified and Certified logos in their marketing materials until October 2011
About time they worked out who was making those calls!
Hope the police forces from various countries prosecute them for the troubles that they have caused!
It IS! about time. We are in Brisbane, and got a call from these Indians, claiming same scam. We pretended to be following instructions but were actually noting down every instruction. They asked us to open Run command, put in a key, then save, open again, (now they have access) and enter their access codes, then they thought we had Event Viewer. They asked us to tell them options. That stopped us “playing with them” as we did not really do what they asked. BUT we did get the codes they used. We are today handing all the site and codes over to police.
I have had lots of fun with these people. When they ask me to do ,start ,control panel, i ask where the start button is in ubuntu, bottom left hand corner is the reply, sorry dont have one there, you must have, they say. I dont think they have heard of linux,,,, my wife would just tell them to go away, well thats the general gist of what she actualy says
Asked me if i had windows, I replied, they were cleaned last week
I just had a similar call 2 nights ago, only caller said they represented my service provider…… so this , or something very similar is still going on.
I listened for awhile, asked them to call me back in the am, they did not call back
A lot of these calls are voip in which case the voip providers are also at fault
last ime They called I said I was rally interested and Im reaching for my credit card
my number is 3 … 4 ccccchhhhhhhhhc 7 ccchhhcchhchhhhh 1 cccc 0 then hang up jeez they rang back staight away Oh you missed my number its 3 ….. 4………ccccccchhhhhcchh 7 ccccchhhhh 1 cchhh chhh 0 must be a bad line then hang up . Great fun 🙂
There is not much point reporting it to the ACCC or ACMA or the police because their only interest is in warning other consumers. They have no intention to investigate or prosecute.
I once called a legit Microsoft number for virus issues (called PCsafety) about my computer slowing down and crashing to the BSOD, thinking it could be due to viruses or malware. I was at one point during this issue put on a callback list. Everytime they called me back, the caller ID said “Microsoft”. However, one time, still waiting for a call, I got a call that said on my caller ID “Unknown”, implying the number did not have caller ID. Picking it up, it was from Microsoft, or so I thought at the time, and they had me install a remote access software from Microsoft.com. They had me look at msconfig to see what startup things I could and could not disable, and cleared the temp and prefetch folder. Hanging up, thinking the problem was “solved”, I rebooted my computer. However, it wouldn’t load to the glowing orab from Vista. It’s startup repair option couldn’t find anything wrong, and it still wouldn’t boot. I had no choice but to re-install Windows. So, was this a phone call scam, or was it all bad timing? Sophos, can you help me figure this out? Thanks in advanced!!
This happend to me . They telephoned and were so plausible that I let them talk me through the programmes and I saw`that the licence had expired screen. However, it was only when they directed me to a www.GITSOLUTIONS.net I realised that there was something wrong. I told the technicial that I am a pensioner and did not have any money to pay, the then pressed me to ask my husband or members of my family for some 'plastic'. I told him that they were all unemployed and there was no money. He then said well I can't help you and slammed the phone down.
It was only when I looke up phone scams I saw this was quite common. My only worry is that he has hacked my pc.
I had a phone call from someone claiming to be Global IT Services just this week. Apparently, Microsoft themselves had phoned them and asked them to get in touch with me about some serious problems with my computer. I just wish I'd had more time to find out what they were actually up to as I was on my way out so I just told them to get a life and put the phone down. It's worrying that there are so many of these scams going on though.
They phoned me when I was trying to fix my computer. I put up an argument but after a lot of hastle I let them into my computer and do not know how much harm this can do
to me. My credit card would not pay them and it was canceled. I will receive a new card
but do not know how much they can do with what they saw on my computer. Do I have to change all my passwords in computer ? I have changed my access to computer password.
I just had an almost identical scam today and recorded the whole thing. Interesting if you want to hear how the scam goes down: http://www.troyhunt.com/2011/10/anatomy-of-virus-…
that was awesome!
When scamming idiots like this call just feign interest and try to get as much info about their company as possible. The report the suckers to the authorities. I do this every time and always get a kick out of informing them that not only is their call illegal but I'm also a qualified computer engineer with over 25 years experience. What never fails to amaze me is their completele arrogance and even when it's clear that you know that they are scammers they STILL try to assume that they know more about the subject than you! I've tied these guys up in knots when we've got on to technical speak and they still won't back down!
I have also been subjected to this company and their tactics. I was called one week by Comantra and was told by them how they could work wonders on my computer, I politely declined their services.
Anyway, I was called this week and the same company gave me the same blurb about protecting my computer from viruses etc. I asked them why they thought that I needed their help. The operative replied that they had completed a survey and that my name appeared on their list- yeah right!! Once again I declined and hung up. I was called back litererally 10mins later, again i declined. These people called me AGAIN the same day. In total Comantra has called me FIVE times over a one week period. I can see why people just cave in in order to get rid of them.
Just got a call a few minutes ago. Told them they were a scam and hung up. They called right back (twice!) and I hung up each time. I see from previous posts that I should expect a few more calls. 🙁
I've had so many calls I've lost count. The last one however I engaged them in a long technical process and lied blantently about the 'error' screen. Then asked them to solve a list of made-up other technical problems and then said I'd call them back after an hour of their time. They haven't called since.
I just recieved this call today 01/27/2012. Microsoft has never telephoned me before, with or without a live person. I have called them. Red flags all over the place.
I could barely understand the person because of his India accent. He was persistant: It didn't matter which Windows OS I had, they'd fix the problem; it was a service of Microsoft, etc. I flatly refused to comply with his instructions and he STILL kept trying to convince me.
Finally, I told him that I couldn't understand him because of his accent. He then attempted to defend India as the largest service center in the world. When I told him that didn't change his accent, he finally hung up. He hadn't ask about a credit card at that point, but if it had come up, I would have told him I didn't have one.
I can just see Microsoft using a live person to individually telephone every single Windows owner to correct a problem.
I just got a call from Comantra – Same as Susan above. Couldn't understand them but unfortunately I fell for it but only for a one time deal for $55.00. I made a mistake that I will never make again, but I can't help wondering what they'll use of the information that they retrieved. Those bastards were good cause the use scare tactics and I fell for it.
We use to get calls all the time .
We would say we don't have a computer …not even a desktop or laptop …nope we don't use them ,clunk they would hang up every time .
I think there are several firms or units using this technique. The person initially speaking to you probably believes they are working for a legitimate firm and has been "trained" to persevere. Working on lots of calls they eventually find a sucker. When you get close to installing the remote control software, often from ammee, a more technical supervisor will get stuck into your computer and copy all your relevant details. It is possible there was once a genuine firm which helped you and did not steal your money via credit card fraud, but there are so many rogues you will never be able to tell. It is important to warn all of your friend about this, especially those with little knowledge.
I just received a call this evening from someone with a eastern accent claiming he was from Microsoft Corporation. He was asking for my husband by name and claimed his computer had issues. This is the third time in the last two months they have tried. My husband does not nor ever will have a computer. I told him he had no computer and he just kept on. I told the man to get off the phone and stop calling and he plain out said NO! After giving him some hell I hung up. They will just keep calling, it must work for them and eventually they get some poor sucker. Sad things are like this and there is no recourse.
I just got off the phone with somebody doing the same scan. As soon as they mentioned "eventvwr" I typed it into my search engine and found articles about the scam. I told this to the lady with the Hindi accent on the phone, and just as described by others here, she was arrogant enough to say that of course there were scammers but her company certainly wasn't one of them. I went as far as launching eventvwr and listening to her describing the "infected files." I in essence said that if Windows knew that all these files were infected, wouldn't there be some program capable of cleaning them already on my system. She gave up, and said she would connect me to a "technical specialist" who would further explain what they were doing. I asked him who was paying him, as I knew nobody would make phonecalls like this "out of the goodness of their heart." He hung up shortly afterwards.
I didn't get to the point described by other correspondents of their company taking remote control of giving them some "plastic." I'm assuming they might try again.
Some guy jut called me from their. Didn't fall for the scam but i went to all the event viewer stuff but when told me to go to ammyy.com on the run window i did research and confronted him about the scam.
Bill
I phoned BT help line because of poor download speed, operator checked speed and
said there were issues with my computer,and that one of their technitions would call me.A few momenets later my phone rang and the Indian dialect said my computer had serious problems and that my anti virus needed replacing. He offered to sort it for £35 pounds.I thought i was talking to a BT employee and gave him my bank details,later the computer was working much better.The next day on checking my bank account i found that as well as the £35 they had stolen a further £172. i immiedately cancelled the card.
Today they had the cheek to telephone me asking why i had cancelled the card 'there had been a mistake .Would i remove the stop on my bank account and switch my computer on' They have phoned three times today trying to persuade me to open my account no doubt so they could plunder it.I feel BT are at fault because their operator obviosly gave my details to the scammer
I had a same call today from number 0014259053074. They didn't speak good english. First i had a woman and later she gave me an technical expert. I asked him to email me the information. He told me that would take to much time to email everyone. He asked me if i would do what he asked me, i said no and then he hung up.
Seems like this is starting again – just called me yesterday (22 Aug 2013). Said they were from Windows security center, GRS "Global Reports Security"; plausible at first – they had my computer serial number, said my computer was infected and infecting others. I was passed to several "technicians," and asked to access using Showmypc. Some techs seemed knowledgeable, some did not, some clever – complimenting on caution. All were pushy.
I know this is old, but seriously folks ᎓ how many more years (decades?) will it take for every computer owner to have gotten this simple message ᎓
“Do not give ANY personal information to
ANYONE, EVER, or give them ANY kind of
access, EVER, unless YOU are the one who
INITIATED the CONTACT”?
. . . through his or her head? Do you know how hard it is to actually feel empathy for anyone who in 2020 is still trying this hard to get kicked in the teeth?