“Global Minds” Tech Support Scam|Classic Pop-Up Scammer

Long-time no video, however, I have returned to the scene! In this video we look at a scam company known as “Global Minds” I’m sure they have many other different company names too. They are taking part in an older tech support scam that involves using fake web-based pop-ups to make you believe something is wrong with your computer when there isn’t. They also have many different sites registered that no longer work that based on the URL, was used for previous pop-up scams. If you are interested in viewing this and more info collected please scroll down below this post.

The scam started out like basically any scam of this nature, you accidentally click on an ad or get redirected from an ad infested site or miss-spell a common website and end up at a screen that looks like this.

(Click to enlarge)

The pop-ups usually say something like your system has been infected or your hard drive is going to crash if you close this page or in this case “unusual activity was detected.” either way all of them want you to call a toll-free number that claims to be Microsoft but isn’t, sometimes the pop-ups have automated voices that speak into your speakers or a loud alert noise that would scare the hell out of you if you had your speakers all the way turned up. Most pop-ups scam companies usually share, for example, when you call the number depending on certain aspects such as time of day, for example, you will get a different scammer every time. This pop-up, in particular, had at least three scam companies attached to it.

Once I called the number, the scammer asked me the usual card of questions, what were you doing when you got this message, how often do you use the computer, did you make any changes, etc. Mostly all distraction questions. The first thing he did was ask me to go to the run box, (Windows key + R) and type “msconfig” which is a program that allows you to view system services and change start-up options. He had me look at the system services tab and pointed out all the stopped services saying those services should be running and were stopped because of an “infection.” When in reality, the services are normally stopped and Windows starts and stops them as the services are needed.

MSCONFIG program showing stopped services
(Featured picture is from another video)

After this, he wanted to get connected to my machine like all scammers. Once connected, he did the various card of tech support scammer tricks, such as going into CMD and running ‘netstat’ which lists all the TCP connections coming in and out of my machine and saying they are hackers trying to enter my machine. When in reality, they are normal connections and they are not hackers trying to get into the computer.

Example of CMD open and the netstat command being run.
(Featured picture taken from another video)

He then moved onto say that my computer was infected and needed to be cleaned. He went on to show me on a notepad what was wrong with my computer and asked for private information in the notepad for one of the support plans. You should NEVER TYPE PERSONAL INFO INTO A NOTEPAD DOCUMENT FOR TECHNICAL SUPPORT! Always ask to pay through a trusted payment gateway online through a secure site. A reputable company will always have you pay this way if they don’t and you ask for a payment gateway and they refuse, chances are they are a scam. He claimed that the plans would run on the network and protect all devices on them. There isn’t a magical one-way solution that will protect everything on the network, its all a load of BS. The “plans” he was offering ranged from $199 to $499.

In the end, I gave him fake details and told him I’d like to go with the most expensive plan to get his hopes up and to waste his time, even more, when the fake card doesn’t go through. Of course, when confronted about scamming they disconnect and hang up like cowards. If you ever get a pop-up like this, NEVER CALL THE NUMBER! simply close your web browser and get rid of it. If it took over your screen, you can hit (Escape + Shift + Crtl) to open task manager to close the browser that way. If you are ever on a call with a tech support company that performs the tactics in this video or others listed here, disconnect them from your computer immediately then hang up. Do not tell the scammer you know it’s a scam until you are sure they are out of your computer. Some scammers can be nasty and delete important files or even crash your computer.

Details on this scam:

Date of Scam: 7/23/19

Number Called: (Pop-Up Number)
(866) 895-3781 (Provider: PLIVO, INC) (Since: 6/20/19)

Website Number:
215-854-9449 (Provider: Sprint Spectrum, L.P.) (Wireless)


Website registration info: (Hosted by GoDaddy)

Name:ankit khetarpal

Address:3900 city avenue W1006


State / Province: Pennsylvania

Postal Code: 19131

Country: us

Phone: +1.2158549449

Other registered sites: (Click hereto view)

IP Address: (Bharti Broadband, Indian IP Address)

1 Comment

Leave a Reply