Scammed by Wowser E Services? Here's What to Do

Dennis Faas's picture

Infopackets Reader Barbara J. writes:

" Dear Dennis,

In early March, 2021, my elderly father was browsing the Internet when suddenly a red screen appeared and told him that his computer was infected. Conveniently, the warning message also supplied a 1-800 number to speak to Microsoft to 'fix' the issue. My father confirmed that the person he spoke to had a very thick Indian accent. The company that 'fixed' his computer was named Live IP Support and they charged on two separate occasions, totaling $2,700. The checks were withdrawn from his account under a company named Wowser E Services (aka Wowser eServices).

A few days after the scam took place, $6,000 was withdrawn from my account from his (our accounts were linked together by the same bank). The following day, the scammers tried to transfer $25,000 out of my account - thankfully the bank alerted me to the activity and I was able to recover that money. I am scared to death that they have access to his machine and are monitoring him. I don't know what to do and the police have not been helpful. I also am leery about bringing the computer to a computer repair service that does not specialize in this type of crime. I have read your other article on Live IP Support and understand you know this scam inside and out. Can you PLEASE help? "

My response:

I've said it numerous times before and I can't say it enough -

Any time you see a warning message that something is wrong with your PC and you need to call a 1-800 number to fix the problem, it's a scam! Also, if you receive a phone call out of the blue and the person on the other line needs access to your computer to "fix" a "problem", it's a scam!

Wowser E Services = Fake Tech Support

Wowser E Services is run by a very large criminal organization in India. These people are pure evil and will do everything they can to take your money - whether it's selling fake technical support, making unauthorized charges to your credit card or bank accounts, transferring money out of your account, conning you to wire money overseas, and even stealing your identity to fraudulently create credit cards in your name.

Based on my experience in dealing with the scam for the past seven years, it goes MUCH deeper than most people can ever dream of.

For example, the same group of scammers will register multiple 1-800 numbers and multiple website names and funnel money into various locations.  The same scammers also place fake 1-800 numbers in the search engines claming they are HP / Paypal / Dell technical support. If you call the wrong number, you'll end up getting scammed. The one thing that many of these scams have in common is that money is often deposited to Wowser eServices.

Here's how it happens:

Most of the time victims will supply a blank or written check to the scammers by taking a picture or scanning it. The check contains all the information scammers need to pull off a wire transfer out of the account; however wire transfers will often get flagged by the bank. Instead, scammers will extract the financial information from the check, then re-write it using a digital check - without your signature. The beneficiary will be different than the scammer name they contacted you with - and is usually almost always deposited to: Wowser E Services, Digyleap, or Technet Securities, LLC. I know this for a fact, because I've seen the fake scammer company names associated with these checks.

They do this for two reasons:

  1. You won't be able to call the bank and cancel the check by check number because the new digital check the scammers made will have a different number.
     
  2. You won't be able to call the bank and cancel the check by company name because the beneficiary will be a random name (usually Wowser eServices, Digyleap, or Technet Securities).

Here's a copy of some checks from some of my clients which shows what I said. Information has been redacted.

To date and based on my personal experience, this particular group of cyber criminals go by many different names, including: HelloGeeks, LiveIpSupport.com, LiveNetworkHelp.com, GizmoHelp.net, SoftwareProConsulting.com, Homesoftsolution.com, PC Safe Network, Technet Securities LLC, Digyleap, and many others.

There's also plenty of people complaining about Wowser E Services over at scampulse. The same group of scammers also stole $140,000 from an elderly lady (also noted scampulse).

Here's What Happens When You Let Cyber Criminals in Your PC

When give the scammers access to your computer, they will download your personal information and data, including your passwords, banking info and other financial information. They use this data to steal money from you, potentially blackmail you, and even steal your identity.

At the same time, they will also install multiple remote access backdoors on your PC. They do this so they can connect to your machine any time they want. This allows them to monitor your activities, steal even more financial information, or install specialized software that monitors what you type so they can steal your passwords. They will purposely infect your computer with malware, then call you on the phone and tell you that you have been hacked, and this time they will want thousands of dollars to fix the problem.

And all of this access serves one overarching purpose. It guarantees that you will keep paying them. If you don't pay, they will lock your computer so you can't use it or connect to the Internet and even encrypt or delete your files. These criminals will keep repeating the same scam over and over until you either wise up or your bank accounts have been drained.

Scammed by Wowser E Services? Here's What to Do

If you let the scammers into your machine, here's what you need to do:

  1. Power down the machine and do not use it until it can be properly cleaned. If it's powered off, the scammers cannot connect to it.

    In terms of having the machine cleaned, feel free to take it wherever you like, but please be advised that most computer places/tech savvy people have absolutely no clue where to look to undo the damage caused by the scammers. I've been dealing with this scam for more than seven years and the scammers don't make it easy to remove their remote access backdoors on purpose.

    Case in point. One of my client's took his machine to Best Buy after being scammed. He specifically asked that they remove all remote access and malware on the machine. When he got it back, I examined the machine and found they missed five remote access backdoors and a keylogger, which can record keystrokes and send the information back to scammers. In short, he was no better off than before he gave them the machine, plus he's out $150 - the price for bad tech support. You have been warned!

    On the other hand, I am a senior systems administrator (view my resume here) and have been dealing with this scam for more than seven years and know exactly where to look and undo the damage - contact me here. To date I have found over 25 remote access backdoors and variants used by the scammers. To put it succinctly, I know this scam inside and out like the back of my hand. I can also get your money back in most cases - keep reading!
     
  2. Once the machine is cleaned and remote access backdoors have been removed, I will provide you with a bulletproof plan to retrieve your funds, plus outline how to keep your money safe moving forward.

    The timing on this is critical, whether you paid by credit card or check. I have a very high success rate in getting my clients' money back, but it also depends on the circumstances.
     
  3. Don't answer the phone when the scammers call you back - and believe me, they will!

    The scammers like to do fake follow up calls to make sure that you're happy with their fake tech support. This is all part of the illusion to make you feel like you've been in contact with a legitimate tech support firm. Here's the kicker: If you're not happy with their services, they will try to convince you to login to your bank account while they're watching in order to "process a refund". ABSOLUTELY DO NOT DO THIS.

    In this case, they will not only get your financial information, but will also try to do a reverse refund scam. In this type of scam, they will modify your bank account details to look like they "accidentally" refunded you 10x the original amount. They are able to do this by modifying the web browser page in real time. They will then ask you to wire the money back to some obscure location (such as a bank in Thailand or elsewhere) or purchase Apple iTunes gift cards to repay them. This has happened to numerous clients of mine - in fact one client lost $20,000 off this scam! There is an excellent video on YouTube by James Browning (an ethical hacker) explaining this process.
     
  4. CRITICAL: Please talk to me FIRST before you call the bank or credit card company. I have plenty of experience with this and if you tell the bank or credit card company the wrong thing, you will not get your money back at all. In fact, I have an EXCELLENT track record for getting victim's money back, but timing is of the utmost importance!

    Also, and this is critically important: If you attempt to reverse the charge prior to having the machine cleaned AND the scammers find out you did this, they will punish you remotely by locking you out of them machine, delete all your files, or make it so your Internet stops working. This can be a costly fix. Ideally you should contact me first, have me remove the remote access backdoors, then proceed with reclaiming funds - otherwise you will be in a world of unending hurt. You have been warned!

    Consultation with me is free (up to 15 minutes) on the phone - click here to email me now and leave your phone number. I promise to call you back as soon as possible, typically after 1 PM EST as I work late into the night dealing with these scams for my clients. I can also provide evidence that I am who I say I am if you need it.

Feeling Overwhelmed? I'm Here to Help

If you are reading this article right now because you've been scammed by Wowser E Services, GizmoHelp.net, SoftwareProConsulting.com, Homesoftsolution.com, PC Safe Network, Digyleap, LiveIPSupport.com or any other fake tech support scammer, I can help. I get emails all the time about this scam and don't worry - you're not alone. I have been helping clients with this scam for more than seven years and can help you recover your funds, make your machine safe to use, and advise you on any concerns you may have.

If you need help, simply send me a message briefly describing the issue. Don't forget to include your phone number and I'll email or call you back as soon as possible. I can also provide evidence that I am who I say I am if you need it.

How do I know you're Not a Scammer, too?

I've been publishing since 2001 and have written six books on MS Windows, the Internet and Security. I get emails all the time about this scam; some people even ask me "How do I know you're not a scammer, too?" My response to this is that you can read the articles I've published over the last few years and also review my resume. I also have an untarnished 20 year history of helping others; search my name on the Internet and you'll see it. Based on that, you should be able to understand that I am in fact legitimate, compassionate, and am more than willing to lend a hand - simply contact me, briefly describing the issue and I will get back to you as soon as possible.

About the author: Dennis Faas

Dennis Faas is the owner and operator of Infopackets.com. With more than 30 years of computing experience, Dennis' areas of expertise include PC hardware, Microsoft Windows, Linux, network administration, and virtualization. Dennis holds a bachelor's degree in computer science and has authored six books on the topics of MS Windows and PC Security. If you like the advice you received on this page, please up-vote/Like this page and share it with friends. For technical support inquiries, Dennis can be reached via Live online chat through this site using the Zopim Chat service (currently located at the bottom left of the screen) or you can contact Dennis using the website contact form.

Rate this article: 
Average: 5 (4 votes)

Comments

rohnski's picture

First point. You are not using HTTPS to protect users signing in to comment. Shame on you. You certainly should know better!
.
Here are a youtubes of a guy who is messing with some scammers doing this sort of scam. It's a hoot. He gets them so confused they don't know if they are coming or going.

Messing with Phone support scammers:
https://www.youtube.com/watch?v=hdu0KUDYQI4
https://www.youtube.com/watch?v=zaZYfpt9dZI
https://www.youtube.com/watch?v=XkroB__Of_g
https://www.youtube.com/watch?v=hdu0KUDYQI4

Bonus:
https://www.youtube.com/watch?v=h4T_LlK1VE4 – Glitter Bombing porch pirates

jbuck011's picture

thanks Dennis