Skip to content
Naked Security Naked Security

Two charged with tech-support scamming the elderly for $10m

The tech-support scammers were allegedly part of a network of crooks in the US and India who conned about 7,500 victims.

Two US people have been charged with the alleged tech-support scumbaggery of spooking old people by shoving scary “Your computer has a virus, call us!!!!” pop-ups in their faces and then fleecing them for services they didn’t need and never got.

The band of crooks did this to about 7,500 victims, most of them elderly, shaking them down for more than $10 million.

The US Attorney’s Office for the Southern District of New York announced the arrests last week, on Wednesday, 18 September.

On that day, police arrested Romana Leyva, 35, of Las Vegas, and Ariful Haque, 33, of Bellerose, New York. They’re both being charged with one count of wire fraud and one count of conspiracy to commit wire fraud. Each charge carries a maximum sentence of 20 years in prison, though maximum sentences are rarely handed out.

Targeting the elderly in US and Canada

According to the indictment, from March 2015 through December 2018, the two were allegedly members of a fraud gang based in the US and India that targeted the elderly across the US and Canada. The goal: to snooker seniors into believing that their computers were riddled with malware so that they’d pony up hundreds or thousands of dollars for bogus computer repair services.

They’d cause pop-up windows to appear on victims’ computers that lied about their systems being infected with a virus. Better call this number, the pop-ups urged, to get some tech support to help you out. Sometimes, those pop-ups scared victims with dire prognostications: don’t restart or shut down your computer, they’d warn, lest it “cause serious damage to the system,” including “complete data loss”!

Sometimes, the crooks gussied up those pop-ups with official corporate logos – which, of course, they ripped off and which they had no lawful right to plaster on top of their bucket of lies – from what the indictment referred to as a “well-known, legitimate technology company.”

Posing as big tech companies

The Department of Justice (DOJ) didn’t name names, but we know full well how much work Microsoft, for one, has put into battling these logo-absconding name ripper-offers.

In October 2018, for example, after Microsoft filed complaints about customers falling for these lie-o-matic pop-ups, Indian police raided 10 illegal call centers and arrested 24 alleged scammers.

It’s not just Microsoft, of course. Shortly after Microsoft filed those complaints, in late November 2018, more than 100 Indian police swarmed 16 tech support scam call centers in Gurgaon and Noida, arresting 39 people for allegedly impersonating legitimate support reps for companies including Microsoft, Apple, Google, Dell and HP.

Of course, those weren’t really viruses on their victims’ computers, and the phone numbers they got people to call to “fix” their non-existent problems weren’t really associated with the bona fide companies with which they claimed affiliation.

In exchange for victims’ payments of several hundreds or thousands of dollars (depending on the precise “service” victims purchased), the purported technician remotely accessed the victim’s computer and ran an anti-virus tool that can be found for free on the internet. The e-swindlers also re-targeted some victims multiple times.

Leyva’s alleged part in the scam:

  1. creating bogus corporate entities that were used to receive victims’ payments
  2. recruiting others (including by lying) to register bogus corporate entities that became part of and facilitated the fraudsters’ activities, and
  3. helping others to set up bogus corporate entities and bank accounts, including coaching them on how to lie to bank employees when necessary.

Haque’s alleged part in the scam was to register a bogus corporate entity that was used to receive victims’ payments. Haque also allegedly trained a co-conspirator who registered a different bogus business that was part of the fraud ring, and who deposited ill-gotten loot into accounts associated with that entity.

Peter C. Fitzhugh, special agent in charge with the US Immigration and Customs Enforcement’s (ICE’s) Homeland Security Investigations (HSI), said that the law is out to protect the elderly from this type of predator:

It is our duty as citizens to protect our growing elderly population and it is our duty as law enforcement to investigate and arrest those, like Leyva and Haque, who seek to make a profit through fraud and deception.

What to do

Many elders are sitting ducks for these fraud slingers. Two years ago, when the Federal Trade Commission (FTC) launched a crackdown on tech support scammers, it released a 48-minute scam call featuring an actor portraying one of these scammers’ preferred prey: a tentative, gullible, easily sweet-talked, elderly man.

As part of its Operation Tech Trap – a broad crackdown on tech support scams both in the US and elsewhere – it passed along these tips on what to do if you get an unexpected tech-support call or pop-up:

  • Hang up on callers. They’re not real tech-support staffers. And don’t rely on caller ID to prove who a caller is. Criminals can spoof calls to make it seem like they’re calling from a legitimate company or a local number.
  • If you get a pop-up message that tells you to call tech support, ignore it. While there are legitimate pop-ups from your security software to do things like update your operating system, you shouldn’t call a number that pops up on your screen in a warning about a computer problem.
  • If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
  • Never share passwords or give control of your computer to anyone who contacts you. Doing so leaves your computer open to malware downloads and backdoors.
  • Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
  • Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
  • If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. In the US, report it to ftc.gov/complaint.

Tips like these are great for those of us who can absorb them. But the elderly, all too often, don’t have that capacity.

Please do keep an eye out for any friends, neighbors and loved ones who might fall into that category. Keep an ear out for those who get flustered with technology and bewildered by pop-ups. Let’s do what we can to protect others from these swindlers and their tech-speak razzamatazz, lest they squeeze elders for every dime they have.

7 Comments

I have had tech support scammers call me saying my “Dell” computer was sending out error codes and it needed to be patched….

One problem….my system is not a Dell its a specific computer built by me and they left me alone…okay think thats the end of the story….NOPE

3 weeks later they called me again and I had this to say “You have called the Edinburgh Police Force how may I help you and this number is being traced right now by our anti-cyber crimes division”

They never called me again, I make it a point to use “This is the [Local Scammers location] Police Force [insert division name here] this number is being traced right now by the cyber crimes division to find out your address expect us in the next 3 minutes”

They never call back after that, Tech scammers, car insurance scammers it works every time!

By doing that, you’re taking a risk of being charged with impersonating a police officer. Granted, it’s unlikely for that to happen since the scammer is not going to report you. But still…

Yeah I know I am taking a risk of impersonating a police officer, but sometimes you have to freak the scammers out so they dont contact you again, and its usually over cellphone I get those stupid calls…

I had one scammer call me in the car about a car insurance they got about me and I replied “Funny because I am driving that car right now and its not ever been in an automotive accident and I am now hanging up and calling my team of assault lawyers to find you and put you outta business for good” and I hung up on them

No. He asserted that the scammer had called a police force. That is quite distinct from claiming to be a policeman / -woman. Forces can (and, I expect very many do) have civilian call handling staff (as these are doubtlessly cheaper than qualified officers).

He should probably be saying “service”, nowadays, though, as our increasingly heavily armed police prefer not to be described as a “force” (on the orders of the Ministry of Truth, naturally).

Thalmost got me they told me I needed to go purchase two goggle play cards to reset my password,they took control of my phone.

Another thing you must do, and this is coming from a Windows PC tech(disclaimer: I am not, nor have I ever been affiliated with Microsoft. Do NOT USE team viewer or any remote assistance application on non windows 10 machines unless you trust the other party, and if you have Windows 10, keep up with the updates. Microsoft removed a component from Windows 10 called the sam-lock tool….aka syskey….with team viewer and other such applications, the scammers would go around remote assistancing you and with you on the phone they would Syskey your machine, thereby locking you out of you computer, till you run a windows refresh or possibly a factory reset

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?