Victim Location 98012
Total money lost $1,050
Type of a scam Tech Support
About a year and a half ago, when I opened my desktop computer, I saw a Stop Error Message on my Windows 7 Pro OS stating that Microsoft Systems engineering detected my computer is infected with some type of trojan virus and that I need to call the 888 toll free number to contact Microsoft. When I called this number, the person on the other line stated his name as Ben William Smith, but sounded with a strong Hindu accent (from india). When I told him about the stop error, he said he needs to install a software remotely so he can clean out the virus. He said the trojan virus had to be cleaned out, but to do this, he will need me to agree. When I asked him what company they are with, he mentioned that they are a 3rd party company contracted to work for Microsoft Corporation who are gelping Microsoft Windows users clean out malwares and trojan viruses. So I agreed.
These people from India appeared to be very smart programmers because, as I watched them do stuff on my computer, they went in through the cmd.exe after asking me to press the Windows logo icon on my keyboard + R simultaneously. Once in the cmd/DOS based window, the tech support guy I was talking to, began to type some programming and said that they discovered a trojan virus was able to breach through my OS kernel. The tech person also said, that the malware or trojan virus was able to get in through my router’s MAC address.
After some couple of hours of them taking over my computer remotey, they appeared to have fixed the problem and charged me $299 at the time. They were asking me to pay them $499 but I told them, I have no money, so they agreed me to simply pay $299. I asked them what company they worked for, and they responded that they are operating under GNI, LLC and even encouraged me to check them out with BBB.org.
When I went in to BBB.org at that time, they registered with an A+ rating. I trusted BBB’s rating report so I agreed to pay them. After I made a payment over the phone using my debit card, I went to my local bank and reported this incident. Right away, my bank disabled that debit card and issued me a new debit card.
Fast forward a year and a half after, on May 23rd, 2018, I started receiving a call from the same guy who claims that their business license to operate had expired and that they are required by law to refund the money for the services that users were not able to receive from them as part of the agreed fees rendered to them for the entire time of paid tech support services agreement. The guy disguised under the name of Ben William Smith kept calling as I told them I can not speak with them as I am driving. He asked what time I can call receive a callback from him and I told him within half an hour, I should be home. He appeared persistent and right on the dot as far as time is concerned, but I didn’t answer as I was caring for my children. His calls were persistently coming through, but later on registered as an unknown caller. What is weird is it would ring and register as someone with an 800 number, but after a day, it registered with an unknown caller ID. So, these programmers or scammers are very skilled in either programming or cyber hackers to be able to spoof even the T-Mobile network, and the Microsoft OS systems engineering. When they called me the following day, I answered the call. The same guy Ben William Smith introduced himself again and said they myst refund me the money I overpaid them, but to do this, they must once again remote in to my computer. Once I logged in, they made me go to a website, I believe www.teamview1234.com. once they were at that website, they installed a teamviewer.exe and began to successfully remotely go in my computer. The tech support guy appears to be main criminal talking to victims while he has someone in the background doing the work. Then, Ben William Smith asked me to login to my bank so they can wire transfer the money to my bank. When I did this, I saw the programmer manipulating my computer remotely, pulled up a window that appeared to be a a callstack programming API and watched someone type 3,490.00. When this happened I told the guy to stop and tell the person doing the transfer that he made a mistake and put in another “0” after the 9, because he claims he simply needs to wire transfer me $349 back for what I paid. This is when I began to be highly suspicious that I just got scammed and got mad and told them to change the amt of the refund. By this time, the scammer said, the financial analyat who is doing the transfer made a mistake, so now I have to refund them back the money or else they will lose their job. The programmer analyst even pretended to be crying for help and got scared. So now, Ben William Smith said, I have to wire transfer the money they overpaid me, but I was angry at this mistake, so I allowed them to simply take what is not mine to begin with. When I said this, a guy named Jake Tyler took over the phoen and started to go to a website called pangea online transfer and tried transferring $2989. This attempt failed. So they went in to zoom.com and tried doing a paypal transaction in the amount of $2989.00. In the process, the transfer required that I put in my email account, which I did. They successfully wired $2989.00 out using my email address and phone number. Now, they asked me to login to my gmail account. I asked them why, they said they need to verify that the money they overpaid me really went through successfully. So I did. I was angry and so nervous by this and started to feel violated after I saw them try to delete that transaction from my gmail address, so I turned the computer completely offline, by shutting it down. The guy, Ben william Smith called again and said if I want to gain control of my computer back, I must allow them to log back in so they can simply verify that the money went through. Under severe duress because they changed the password on my computer login ID profile, I obliged. This was when they were able to gain access on my online banking account again. They minimized my online banking window so much, that I can barely see what the other programmer was doing remotely, but I could see money being transferred out of my 4 bank accounts and this time they used remitly.com to wire out all the money from my bank accounts to a recipient named Nina Gusmia. This dawned on me that GNI, LLC is similarly tied up to the recipient’s last name and first name. The scammers used a spoofed phone number (201) 801-8495, which registered to be a VoIP phone serviced by Broadvox Communications, based in Cleveland, Ohio. Broadvox Communications’ website is www.inteliquent.com. When I called Broadvox Communications, I was so disappointed that I could not get through this number to report the scamming artists using their VoIP services. When I checked my online banking system to determine whether there was any $3490.00 originally deposited on my account, I was chagrined to discover there was no trace of it ever going through my bank account. So, the scamming artists, sad to say, they are skilled programmers and cyber hackers were able to take out all the real money we have on my online banking account, by remotely transferring all the money from the 3 other accounts to the one account, and wired it out to a recipient named Nina Gusmia, using remitly.com, which amounted to the said amount on this scammer tracking report. I called remitly.com’s Customer Protection department at (888) 736-4859 to report this incident. Unfortunately, they told me they can’t help me get my money back, but suggested that I contact my bank’s fraud dept team, so my bank’s fraud dept team are the ones who can file a case with remitly.com directly to retrieve the money I lost.
I called my bank’s fraud team and gave them all the information and told them exactly what remitly.com’s Customer Protection department’s recommended course of action and gave all the necessary details to run after these scamming artists. I also had to file a police report and gave them evidences as I was able to capture a recording of a lot of the activities on my phone.