If the day of the week ends in “day,” then you know some Indian scammers are busy trying to steal your money in the ISO certification scheme.

Meet “Global ISO Register,” a website that claims to be a universal registry of ISO certificates but is actually just an invitation for people to send $US 5,000 to a completely anonymous person in India for exactly nothing in return.

The website solicits companies, certification bodies and accreditation bodies to join one of two tiers of “membership” in order to get listed on their shitty website. The “Regular Membership” package costs $2,500 per year, and the “Premier Membership” costs $5,000. In exchange for either of these payments, you get to use their shitty logo. You also get this benefit, which is a word salad mess that makes no goddamn sense:

Complete Quality Information to email as email in all relative issues of certification, Magazine Name (Cert Plus)

There’s no “Cert Regular,” so I have no idea what “Cert Plus” is.

As usual, there are no humans listed behind the organization. The physical address in Toronto is fake (as in, there’s no such street), there’s no email address, the website’s domain registration information has been entirely redacted, and there is no social media presence for any company called “Global ISO Register.” They’ve gone to some pretty good lengths to cover their tracks, more than most Indian scammers, even hiding the metadata on the MS Word file application that you’re supposed to submit with your check.

At some point, you must be given instructions on where to send the check, which might expose the scammers unless they demand payment in anonymous Bitcoin like some dark web criminals. I didn’t take it that far to check.

The only clue is that their domain name is hosted by Inway Hosting, an Indian web hosting company—to the surprise of literally no one. Indian scammers love to use US, UK, or Canadian addresses to hide their tracks.

The website’s data is sparse and mostly wrong. A search for US-certified companies came up entirely blank, so either they haven’t actually found any victims stupid enough to pay them, or their website is broken. The list of certification bodies and accreditation bodies hasn’t been updated in at least 15 years, as it includes some organizations that have been out of business for that long. It appears the CBs and ABs listed didn’t actually pay anything, but someone just scraped an old list and manually entered them on the website to make it look legitimate.

Finally, there’s the matter that a company can’t legally sell a membership to anything with the name “ISO” in it to begin with, since the name is ISO’s trademark. But India doesn’t really care about international copyright law, so there’s not much that anyone can do about it.

There is one possible hint as to the owners, but it’s not solid. There’s only one Google hit (that I could find, anyway) of a company cross-advertising Global ISO Register. That would be the certificate mill Certification Assurance International (CAI), which claims accreditation by the fake body “ASIB”. CAI claims to operate out of the US (of course they do) and boasts a phone number out of South Carolina. That site then has a Facebook page with photos of one bearded guy giving training to some companies in 2022, and not much after that. The company then has a Saudi phone number, as well as another one from Bahrain. The company’s LinkedIn page lists it as headquartered in Manama (Bahrain), and has a few photos showing the same guy from LinkedIn. while he’s not identified in the photos, the guy did “repost” the images from his own account, thus allowing us to identify him as Zia ul Haq Ijaz Ahmed of Pakistan.

But Pakistan isn’t India (you should know that), although sometimes Pakistani companies will use Indian web hosting companies. So my gut tells me this isn’t the guy behind Global ISO Register, but he probably knows who is.

Please, though: if you want to burn up $5,000 for nothing, at least send it to me. You know who I am, you know where I live, and you even know what I drink. (Alsace Gewurztraminer or, failing that, Scotch.) Donate to the shady guy you know and trust, not the shady guy you don’t.

Or don’t send your money to anyone, and keep it for yourself. That’s an option, too.


ISO 14001 Implementation