A pop-up appears on your computer, warning of a virus. You call the “Microsoft technician” in the pop-up message, and they explain that they need remote access to fix it. Most of us know this script by now. It’s a scam, operated by people intent on siphoning money from your account.
A court case last week gave us more insight into how these operations work. Two former executives of call tracking and analytics company C.A. Cloud Attribution Ltd pleaded guilty to selling phone numbers and call infrastructure to tech support scammers. Prosecutors say they even coached their illegitimate customers on how to avoid getting caught.
Adam Young, former CEO, and Harrison Gevirtz, former CSO, ran the company between early 2017 and April 2022. According to the Department of Justice (DOJ), they sold telephone numbers, call recordings, and call-forwarding services to companies in India they knew were running tech support fraud operations. The two are US residents, but C.A. Cloud Attribution was registered in Cyprus.
The scams themselves followed a familiar pattern, using fake pop-ups warning of imaginary infections. Victims were persuaded to call the numbers, where agents impersonated Microsoft and Apple and charged hundreds of dollars for fictitious technical work. In some cases, scam agents would gain access to victims’ systems and obtain personal financial information through remote access.
Willing participants
The two executives didn’t just look the other way. Prosecutors say they advised their fraud clients to rotate through large pools of numbers so complaints wouldn’t get any single account terminated. They also told their own sales staff to pursue businesses they already knew were fraudulent. On occasion, they brokered introductions so fraudsters could buy and sell calls between each other.
To cap it all, the pair also ran a call center of their own in Tunisia from 2016 to April 2022, where some staff allegedly carried out fake tech support scams themselves.
According to FBI Boston Special Agent in Charge Ted E. Docks:
“What the CEO and CSO of this well-known call tracking and analytics company did was downright despicable. By their own admission, they willfully profited from telemarketing and tech support scammers, here and abroad, who preyed on the elderly, exploited the vulnerable, and drained victims of their life savings and peace of mind.”
Young and Gevirtz pleaded guilty to misprision of a felony (concealing knowledge of a crime), which carries a maximum sentence of three years in federal prison and a $250,000 fine. It’s notable that the Feds didn’t get them on wire fraud conspiracy, which carries up to 20 years in the slammer.
C.A. Cloud Attribution isn’t the first infrastructure provider to get caught helping tech support scammers. In 2023, the Federal Trade Commission (FTC) went after payment processor Nexway, alleging the company had been “strongly dependent” on its “premium tech support” clients that accounted for roughly a quarter of its revenue. Visa had already placed Nexway into its Chargeback Monitoring Program in December 2017, but the fraud continued anyway. The FTC originally sought a $49.5 million penalty, later reduced to $650,000.
The next call from “Microsoft”
The pattern is consistent. The scam itself might be loud, with pop-up sirens and fake blue-screen warnings, but the supply chain underneath it often looks dull and corporate. According to court documents, Young and Gevirtz deliberately stopped their details appearing on pop-up tech support alerts so that C.A. Cloud Attribution could keep a low profile.
If a well-known call tracking and analytics company can spend years knowingly routing calls into scam operations and face a maximum sentence of three years, it raises uncomfortable questions about deterrence for the next vendor tempted to look the other way.
Sentencing for both men is scheduled for June 16, 2026.
Something feel off? Check it before you click.
Malwarebytes Scam Guard helps you analyze suspicious links, texts, and screenshots instantly.
Available with Malwarebytes Premium Security for all your devices, and in the Malwarebytes app for iOS and Android.
