Fraudsters who use remote desktop support programs while scamming their victims have made it difficult for at least one legitimate IT company to convince users that it's not trying to steal their money.

As we've written on numerous occasions, scammers have made an estimated tens of millions of dollars by tricking computer users into thinking their PCs are infected. The scammers cold call people, tell them that harmless error messages in the Windows Event Viewer are actually signs of a major problem, and then convince them to install a remote desktop program that gives the scammer access to their computer. The scammers pretend to fix the computer and charge its owner for the unnecessary and imaginary service. The same tricks can be used to steal users' passwords and private information.

Commonly used remote desktop programs include TeamViewer and LogMeIn, the latter of which posts a warning telling customers to beware of "malicious third parties posing as LogMeIn."

After our most recent story on this topic, we heard from the makers of a remote desktop tool called Supremo, another program used by scammers.

"For us it's really frustrating," Digital Marketing Manager Davide Costantini of the Italy-based Nanosystems told Ars via e-mail. "Non-tech-savvy users are the weakest target and they easily misunderstand that we’re not affiliated with the scammers. They write us e-mails asking for refunds (the scammers make them pay for the support) or looking for further support."

"The scammers use Supremo as a tool to get control of remote computers and steal passwords and other relevant information," he also said. "Of course the user of the host PC has to authorize the inbound connection in order to allow the remote control. But the scammers convince him that he needs assistance. Usually they tell the victim they’re calling from Microsoft and that they have problems with the Windows license or that they have malware in the PC."

One victim took to Nanosystems' Facebook page to say, "i don't appreciate you calling and telling me my event logs were viruses!! SHAME ON YOU! I will NOT download your software!!"

"Sir, I’ve been hacked this morning with one of your remote control programs," one e-mail to the company read. "Is there any way that I could reverse it or make sure that the people who hacked me do not have access to my computer? They have access to everything on my computer—banking and passwords. They gave me your e-mail address as a reference."

"i signed up with you paid you and now can not get a hold of you," another irate victim wrote.

Supremo is a fairly new product; the final version was released in September of this year after two years of development and beta testing. It's free for personal use and requires a subscription for commercial use. It has about 172,000 users, having built up a large following during the public beta, Costantini said. Nanosystems also makes backup software and other IT products.

Legal action is no cure-all

The Federal Trade Commission last year charged 14 corporate defendants and 17 individuals with perpetrating these types of scams, and it won a temporary restraining order to freeze $188,000 worth of assets and shut down their operations. But many other scammers continue their nefarious ways.

NanoSystems hasn't taken legal action, as that would be "expensive and we know it would be really difficult to reach the scammers," Costantini said. "We would prefer to prevent their activity with technical solutions." Nanosystems doesn't record its users' IP addresses, "for privacy and legal compliance reasons," which also limits its ability to identify cyber criminals, he said.

Costantini says he replies to every message from victims. The company also added an alert that pops up on its remote access software. It reads: "Note: by starting the Supremo connection you are allowing the remote control of your computer/server. Don’t allow unknown people to get control of your machine. Nanosystems and Microsoft don’t contact individuals offering paid support services. If someone called you for this reason he’s probably a fraudster."

The company prefers not to put a "scary message" in its software, "but we were forced," Costantini said. "I hope this measure will reduce their activity."