We've got yet another domain involved in telephony based fraud folks. This time it's metsupport.com, which is housed at 126.96.36.199 (PTR: perfora.net, AS8560 188.8.131.52/16 ONEANDONE-AS 1&1 Internet AG) and registered to an entity in India (sound familiar? it should do, SupportOnClick, TechMyHelp, Comantra et al, are all based there and all involved in the same activity) called "MET", who according to DomainTools, also own a few thousand other domains (still digging to identify them).
The story sadly, is the same as the domains previously reported on. The caller phones the victim claiming to be from company x, y or z (in this case, the victim reports the tech claimed to be from "Microsoft"), and has been told by their computer that the victims machine is infected, then instructs them to view the Event Viewer to see the "evidence" of infection (as you'll already know, there's no such evidence, the Event Viewer simply reports information, warnings and errors regarding programs and Windows services).
Once conned, the victim is then asked to download remote desktop software (usually TeamViewer), to allow the tech to connect to the victims computer, and this finally ends in the victim being scammed out of hundreds of pounds.
metsupport.com was created on June 3rd 2010, and the WhoIs details show;
The UK phone number on the website, 020 3026 3983, was purchased through a company called "Simwood eSMS Limited" (simwood.com), who are a virtual telephony service provider. Whether they're aware of their customers scamming people is unknown.
E-mail addresses known to be used by "MET" are firstname.lastname@example.org and email@example.com. One of the other domains they own is metrusty.com, which is living on a GoDaddy IP (184.108.40.206 that's also housing such maliciousness as 24x7livefootball.info (fraud) and 24x7livecricket.info (fraud), both of which are running the all too familiar SMS fraud with the help of rdmedia.com/glomobi.com, who want to take at least £15 out of your wallet (how nice).
Update 16062010 17:37
I am happy to report, Joerg over at 1 & 1, has disabled this domain.
techonsupport.com, click4rescue.com, pcrescueworld.com: SupportOnClick revisited
SupportOnClick: Phoned by Malwarebytes? BigPond? Anyone else?
supportonclick.com scamming you by telephone!
Fake tech support call scam - prefetch virus logmein123.com
New scam - They call you by phone!
Staffordshire Council - Telephone computer support warning (PDF)
Cold call scam warns of virus infection
Scareware scammers adopt cold call tactics