HackDig : Dig high-quality web security articles for hackers

Two charged with tech-support scamming the elderly for $10m

2019-09-23 06:05

Two US people have been charged with the alleged tech-support scumbaggery of spooking old people by shoving scary “Your computer has a virus, call us!!!!” pop-ups in their faces and then fleecing them for services they didn’t need and never got.

The band of crooks did this to about 7,500 victims, most of them elderly, shaking them down for more than $10 million.

The US Attorney’s Office for the Southern District of New York announced the arrests last week, on Wednesday, 18 September.

On that day, police arrested Romana Leyva, 35, of Las Vegas, and Ariful Haque, 33, of Bellerose, New York. They’re both being charged with one count of wire fraud and one count of conspiracy to commit wire fraud. Each charge carries a maximum sentence of 20 years in prison, though maximum sentences are rarely handed out.

Targeting the elderly in US and Canada

According to the indictment, from March 2015 through December 2018, the two were allegedly members of a fraud gang based in the US and India that targeted the elderly across the US and Canada. The goal: to snooker seniors into believing that their computers were riddled with malware so that they’d pony up hundreds or thousands of dollars for bogus computer repair services.

They’d cause pop-up windows to appear on victims’ computers that lied about their systems being infected with a virus. Better call this number, the pop-ups urged, to get some tech support to help you out. Sometimes, those pop-ups scared victims with dire prognostications: don’t restart or shut down your computer, they’d warn, lest it “cause serious damage to the system,” including “complete data loss”!

Sometimes, the crooks gussied up those pop-ups with official corporate logos – which, of course, they ripped off and which they had no lawful right to plaster on top of their bucket of lies – from what the indictment referred to as a “well-known, legitimate technology company.”

Posing as big tech companies

The Department of Justice (DOJ) didn’t name names, but we know full well how much work Microsoft, for one, has put into battling these logo-absconding name ripper-offers.

In October 2018, for example, after Microsoft filed complaints about customers falling for these lie-o-matic pop-ups, Indian police raided 10 illegal call centers and arrested 24 alleged scammers.

It’s not just Microsoft, of course. Shortly after Microsoft filed those complaints, in late November 2018, more than 100 Indian police swarmed 16 tech support scam call centers in Gurgaon and Noida, arresting 39 people for allegedly impersonating legitimate support reps for companies including Microsoft, Apple, Google, Dell and HP.

Of course, those weren’t really viruses on their victims’ computers, and the phone numbers they got people to call to “fix” their non-existent problems weren’t really associated with the bona fide companies with which they claimed affiliation.

In exchange for victims’ payments of several hundreds or thousands of dollars (depending on the precise “service” victims purchased), the purported technician remotely accessed the victim’s computer and ran an anti-virus tool that can be found for free on the internet. The e-swindlers also re-targeted some victims multiple times.

Leyva’s alleged part in the scam:

  1. creating bogus corporate entities that were used to receive victims’ payments
  2. recruiting others (including by lying) to register bogus corporate entities that became part of and facilitated the fraudsters’ activities, and
  3. helping others to set up bogus corporate entities and bank accounts, including coaching them on how to lie to bank employees when necessary.

Haque’s alleged part in the scam was to register a bogus corporate entity that was used to receive victims’ payments. Haque also allegedly trained a co-conspirator who registered a different bogus business that was part of the fraud ring, and who deposited ill-gotten loot into accounts associated with that entity.

Peter C. Fitzhugh, special agent in charge with the US Immigration and Customs Enforcement’s (ICE’s) Homeland Security Investigations (HSI), said that the law is out to protect the elderly from this type of predator:

It is our duty as citizens to protect our growing elderly population and it is our duty as law enforcement to investigate and arrest those, like Leyva and Haque, who seek to make a profit through fraud and deception.

What to do

Many elders are sitting ducks for these fraud slingers. Two years ago, when the Federal Trade Commission (FTC) launched a crackdown on tech support scammers, it released a 48-minute scam call featuring an actor portraying one of these scammers’ preferred prey: a tentative, gullible, easily sweet-talked, elderly man.

As part of its Operation Tech Trap – a broad crackdown on tech support scams both in the US and elsewhere – it passed along these tips on what to do if you get an unexpected tech-support call or pop-up:

  • Hang up on callers. They’re not real tech-support staffers. And don’t rely on caller ID to prove who a caller is. Criminals can spoof calls to make it seem like they’re calling from a legitimate company or a local number.
  • If you get a pop-up message that tells you to call tech support, ignore it. While there are legitimate pop-ups from your security software to do things like update your operating system, you shouldn’t call a number that pops up on your screen in a warning about a computer problem.
  • If you’re concerned about your computer, call your security software company directly – but don’t use the phone number in the pop-up or on caller ID. Instead, look for the company’s contact information online, or on a software package or your receipt.
  • Never share passwords or give control of your computer to anyone who contacts you. Doing so leaves your computer open to malware downloads and backdoors.
  • Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything the software says is a problem.
  • Change any passwords that you shared with someone. Change the passwords on every account that uses passwords you shared.
  • If you paid for bogus services with a credit card, call your credit card company and ask to reverse the charges. Check your statements for any charges you didn’t make, and ask to reverse those, too. In the US, report it to ftc.gov/complaint.

Tips like these are great for those of us who can absorb them. But the elderly, all too often, don’t have that capacity.

Please do keep an eye out for any friends, neighbors and loved ones who might fall into that category. Keep an ear out for those who get flustered with technology and bewildered by pop-ups. Let’s do what we can to protect others from these swindlers and their tech-speak razzamatazz, lest they squeeze elders for every dime they have.


Source: 1-rof-ylredle-eht-gnimmacs-troppus-hcet-htiw-degrahc-owt/32/90/9102/moc.sohpos.ytirucesdekan

“Two charged with tech-support scamming the elderly for $10m”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud