US Government Takes Down PCCare247 Scammers


The US government set up a sting operation to gather evidence against a company called PCCare247 which was defrauding people.

The Scam

This is a variant on the classic windows support engineer scam.

A cold caller tells you your PC has a virus, offers to prove it then offers to fix it for several hundred dollars or equivalent  in the local currency.

This variant is that PCCare247 advertised heavily that they help people sort out PC issues, but when someone called then PCarre247 would find faults that didn’t exist and charge a lot of money to rectify the non existent problems.

The Sting

Agent  Sheryl Novick phoned PCCare247 . “I saw some sort of pop-up and I don’t know if there’s a problem,” she told a PCCare247 tech named Yakeen. He offered to check her computer for possible problems and he convinced her to download a piece of software that let him take control of her PC.

Yakeen ran Event Viewer on the PC – this always shows lots of errors but they are trivial and should be ignored.

“It has 30 errors,” he told her and that her PC had been hacked by someone who was committing cyber fraud using it and also that there was a virus on the PC.

Yakeen promised that he could “remove all the hackers, remove all the errors and the virus from the computer and recover all the data?” All Novick needed was $400.

Novick agreed to a lower price and provided her credit card.

Yakeen didn’t know that Novick was actually a Federal Trade Commission (FTC) investigator and she had recorded the entire encounter, which had been conducted using a clean PC located within an FTC lab.

PCCare247 used the cash from this scam to build more business, spending more than $1 million advertising accounts on Google. The money bought “sponsored search results” that appeared when users searched for terms, including “virus removal.”

The FTC obtained a restraining order (TRO) against PCCare247, which made it all but impossible to do business in the US. Most of the company’s cash had already been transferred to Indian banks, but the TRO did shut down the company’s domain name, local phone numbers, and credit card processing. New money would not be flowing.

Well done the FTC.

One comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.