2 Indicted for Common IT Pop-up Window Scam

2 Indicted for Common IT Pop-up Window Scam

NEW YORK – Sept 18, 2019  The United States District Court Southern District of New York announced a Sealed Superseding Indictment against Romana Leyva (Leyva) and Ariful Haque (Haque).

This indictment revealed one charge of Conspiracy to Commit Wire Fraud and one charge of Wire Fraud. The complaint alleges that Leyva and Haque operated within a criminal fraud ring (Ring) in the United States and India which targeted elderly victims in the United States and Canada. This fraud worked to cause a window to pop-up on a computer screen while using a web browser.

This pop-up window falsely stated that a virus had infected the victim’s computer. This window would list a number to be called to receive technical support. The window would also have language that stated if they restarted or shut down their computer, “it could ’cause serious damage to the system,’ including ‘complete data loss.'”

In some instances, the pop-up would include a corporate logo of a legitimate company. Even though this window looked ominous, contrary to its statements, no virus was on the victims’ computers and there would not be any harm done if they closed or restarted the computer. This pop-up window and its claims were designed solely to frighten the victim into reaching out for support for a problem that did not exist.

If the victim called the number on the pop-up window, it would go to a call center that was run by the Ring. Employees at the call center would ask for the victim’s permission to give them remote access to enter the computer and “fix” the virus and any associated problems. Once they were given access, the call center employees would make it look like they were working to fix the problem. In reality, per the complaint, they would make a diagnostic tool appear on the computer screen and then falsely re-state that the victim had a virus and offer a “fix” for the issue. The victim then unwittingly could choose the level of fraud to be paid.  They could pay for a one-time, one year or lifetime support of a “fix” they do not need for a problem they do not have. Once this was agreed to, the Ring employee would download a free anti-virus tool and leave instructions via a text file with payment instructions.

Some victims were re-victimized. The complaint mentions an example where one victim, who had already lost several hundred dollars from the pop-up window fraud, was contacted stating that the company who had promised “lifetime” technical support had gone out of business and couldn’t support them any longer and would be issuing a refund. The Ring, after getting access to the victim’s bank account, stated that they had made an error in the refund process. Instead of giving them $450 back, they mistakenly gave them $4,500 back and instructed them to “reimburse” the Ring via gift cards.

This Ring defrauded victims out of more than $10 million through credit card payments, checks, postal money orders and gift cards. In fact, the complaint alleges, the Ring learned over time that they needed to be paid through postal money orders and gift cards and stopped accepting checks and credit cards. This was due to the fact that credit card charges and checks could be reversed after the fact.

Leyva, a Nevada based Ring member, and Haque, a NY based Ring member, both worked to register fraudulent corporations used to receive the proceeds derived from the fraud. Both “willfully and knowingly, having devised and intending to devise a scheme and artifice to defraud and for obtaining money and property by means of false and fraudulent pretenses, representations, and promises, knowingly did transmit and cause to be transmitted by means of wire, radio and television communication in interstate and foreign commerce, writings, signs, signals, pictures, and sounds for the purpose of executing such scheme and artifice, and aided and abetted the same…. to induce them to pay for computer repair services that they did not need and make other unnecessary payments, and sent and received, and caused others to send and receive, interstate and foreign text messages and phone calls, to and from the Southern District of New York and elsewhere, in furtherance of that scheme.”

The complaint asks that any property that was received in conjecture with this fraud be forfeited. If that property cannot be located or deposited to a third person or outside the Court’s jurisdiction, then other property of the same value be forfeited.

This case is ongoing and will be updated as it goes through the legal system.

Notify of
Inline Feedbacks
View all comments