When Doug Varey clicked on a pop-up ad offering computer security protection for 12 years for £556, he signed up.
“I had no reason to suspect it wasn’t genuine,” he says.
That was a mistake. Mr Varey was a victim of a common online scam known as computer software service fraud, which ended up costing him some £4,000.
Indian police have now shut two call centres and arrested seven people suspected of involvement in the scam, which has seen victims lose thousands.
The arrests follow an international operation involving British and Indian Police and the tech giant Microsoft.
The BBC has had exclusive access to the operation.
The investigation, which has taken four years, focused on what is known as computer software service fraud.
The City of London Police say it is one of the most common online scams, with over 2,000 cases reported to Action Fraud every month.
The raids by the cyber division of Kolkata Police targeted two call centres in the Indian city thought to have been used to target thousands of victims in the UK and the United States.
Retired businessman Mr Varey says the price of the computer security protection first attracted him.
” I thought per year, that’s quite cheap. And I agreed to sign up for it.”
A few months later the phone rang one evening in his Devon home. It was the security firm telling him he had a serious problem and needed to go and look at his computer.
There he was shown what he was told was a Russian man who had taken over his computer. “I looked at this screen where there’s a picture of a thick-set man in his 50s, I guess, on a computer doing things.
“And this chap said ‘Oh my God, oh my God, this is worse than I thought.’ And he was increasing my level of anxiety to the point where I was panicking.”
He was then shown the man buying guns, ammunition and hand grenades. The adviser on the phone said there was one thing he could do to make the problem go away – pay for an advanced level of security at a “special offer” price of £4,000.
“Now at that time, it wouldn’t matter what he said,” he explains. “I wanted to finish with the problem.”
While he thought he had been speaking to someone based in New York, the money was paid to a company called Vision Call Services, with an address in Kolkata in India.
It was only some weeks later that Mr Varey realised that he had been a victim of computer software service fraud.
He was recently contacted by a Microsoft executive seconded to the investigation which has seen the City of London Police working with several Indian police forces. Microsoft got involved in funding the inquiry because the scam callers often claim to be working for the company.
The documents supplied by Mr Varey were important evidence as the operation to raid call-centres in Kolkata was planned.
How to avoid being scammed
The City of London Police said anyone who thought they had been targeted by a computer software service scam should contact Action Fraud.
The police offered these tips to avoid being scammed:
- Always check out callers, especially cold callers who claim to be Microsoft, your telephony provider or internet service provider.
- Legitimate organisations will encourage you to call back via a number you’ve obtained from a trustworthy source.
- Do not assume that the number displayed on your phone is accurate, these can be spoofed, leading you to believe that the caller is in the UK or from a trusted organisation.
- Don’t call phone numbers on pop-up messages which indicate there is a problem with your computer.
The offices of Vision Call Services was one of the locations targeted. A statement from the Kolkata Police said they had found an illegal call centre in operation, with callers introducing themselves as officials from Microsoft. A number of computers and hard disks were seized, and four people were arrested.
Commander Karen Baxter of the City of London Police said the international operation sent a message to criminals: “Overseas fraudsters should see this as a warning: we will use every tactic in our power to halt your pernicious criminal activities.”
The fraudsters use a variety of techniques to extract cash from their victims. Sometimes they use popup ads to offer a worthless anti-virus protection package, or they call claiming they have detected a fault on your PC.
But often they persuade their victims to give them remote access to their computers. Once they have achieved that, they move on to getting into their target’s online bank account.
Commander Baxter says these are unscrupulous criminals who will stop at nothing to bleed their victims dry: “They are very convincing, tenacious and have developed sophisticated systems in an effort to elude capture.”
Microsoft welcomed the success of the operation in Kolkata. The firm’s UK head of legal affairs Hugh Milward said:”Effective public-private partnerships are essential if we are to combat sophisticated cyber criminals who operate on a global scale.”
The company says it will never cold call people to offer technical support.
Mr Varey says he feels “a plonker” for having fallen for the scam but he wants to help others avoid being deceived.
“The money is gone but what I really want to do is stop other people falling for this same scam.”
‘I lost £4,000 in a hand grenade hacker scam’