What can you do as a scammer when no legitimate payment provider wants to process your payments anymore? Or, what if you are growing sick and tired of these same payment providers reimbursing disgruntled customers who claim that your products didn't fix computers, like—you know—you said they would?
Simple. You rely on some novel help. That is, until you get caught.
Let us tell you a story of intrigue and wrongdoing that resulted in a multi-million-dollar settlement issued by the US Federal Trade Commission.
How do tech support scammers work?
Some of the worst internet criminals are those who prey on the weakest groups in our society. Communities that are uncomfortable and less experienced with computers are already at a disadvantage, and tech support scammers make shameless use of these circumstances, demanding payments for bogus solutions to entirely non-existent tech problems. First comes the hook: There is something wrong with your computer. Then comes the sell: Only we can fix it.
But, that money stream can dry up because of a legitimate link in the chain—payment processors. Scammers may first receive services from legitimate payment processors, but soon, those providers will notice a high volume of complaints and wizen up to the actions of their customer, consequently kicking them out and warning their colleagues to stay away from said customer.
It's a real problem for many tech support scammers, and one that has pushed some into even accepting gift cards as payment, just to circumvent the problem that they were refused by practically every payment provider.
But for a small group of call centers and software makers recently investigated by the FTC, there was a better option than gift cards.
Enter RevenueWire Inc., a Canadian company doing business as "SafeCart."
Solution: start your own payment provider
The setup was clever.
First, RevenueWire entered into contracts with banks and payment processors in the US in order to obtain and open merchant accounts, thus allowing it to accept debit and credit payments. RevenueWire then entered into contracts with tech support call centers with a less-than-stellar track record. Further, according to the FTC, RevenueWire worked with separate, third-party software companies, including PC Cleaner Inc. and Boost Software Inc., which would direct consumers of their own software to any tech support call centers that were now working with RevenueWire.
In essence, RevenueWire engaged in a miniature, controlled economy, gaining vast insight into an entire ecosystem that included making software, selling it, providing tech support services, and funneling payments made along the way.
This made for a complete alignment of businesses. According to the FTC, the stakeholders in this organization closely cooperated with and participated in companies that acted as telemarketers, software builders, website designers, and call center operators. Plus, they now had their own payment provider.
What they did
The organization's objective, according to the FTC, was to swindle customers out of their money while pretending to be tech support operators.
When you are a tech support scammer there are three main angles you can work to get your “clients” to call you. Calling the clients and trying to sell them your services is one method, and they didn’t shy away it. But as you can imagine, the chances of deceiving a client are much higher when you get a client to actually call you. To achieve this, tech support scammers can:
- Pretend to represent a legitimate company, where Microsoft and Apple are probably the most well-known examples. But Malwarebytes has been the victim of impersonation a few times as well.
- Use advertising to get prospects to visit websites with the number you want them to call, to the degree of using browser lockers and fake online scanners to convince the visitor their computer has serious issues, that only you know how to solve—at a steep price.
- Release fake anti-malware software that prominently displays your number as a help resource. Again, convincing the user that he needs to buy the software to fix those problems, and probably some extra services to go.
In the case at hand, the tech support call centers working with RevenueWire were run by Vast Tech Support, LLC (“Vast”) and Inbound Call Experts, LLC (“ICE”). The FTC filed legal actions against both these companies in the past.
What charges did RevenueWire receive?
RevenueWire was charged under the accusation that they laundered credit card payments for, and assisted and facilitated, two tech support scams previously sued by the FTC. You guessed it, those two tech support scammers were Vast and ICE.
As Andrew Smith, director of the FTC’s Bureau of Consumer Protection, said in a news release when the settlement was announced:
“Finding ways to get paid – without getting caught – is essential for scammers who steal money from consumers. And that’s exactly what RevenueWire did for tech support scammers when it laundered their transactions through the credit card system.”
The FTC said that RevenueWire violated the Federal Trade Commission Act, which prohibits “unfair or deceptive acts or practices in or affection commerce.” RevenueWire also, according to the FTC, violated the the Telemarketing Sales Rule, "provided substantial assistance and support to one or more sellers or telemarketers, whom they knew, or consciously avoided knowing, were violating" sections of the Telemarketing Sales Rule, and they "submitted charges through RevenueWire’s merchant account for companies that made false statements to consumers."
What about the people that worked for RevenueWire?
Only a few people that worked at RevenueWire knew about the complete business model. Most of the employees never learned—and may have been shocked to learn—about the company's true nature when it was named in the FTC settlement. Some may have figured out what was going on while they were working for RevenueWire, but almost no-one was told up front. A fraud analyst working for RevenueWire repeatedly warned executives about dealings with "crooks," according to evidence published in the FTC's report. This information was directly shared with Roberta Leach, RevenueWire's CEO and a named defendant in the FTC case.
The good news
In a recent press release, the FTC announced that RevenueWire and its CEO, Roberta Leach will pay $6.75 million to settle charges that they laundered credit card payments for, and assisted and facilitated, two tech support scams previously shut down by the FTC.
The FTC stipulated:
“Consumers throughout the country have been injured by tech support scams in which fraudsters deceptively market services to 'fix' purported problems on consumers’ computers. The FTC and state law enforcers have brought cases against the software sellers and call centers involved in these scams, including call centers operated by Vast Tech Support, LLC ('Vast') and Inbound Call Experts, LLC ('ICE'). FTC v. Boost Software, Inc., No. 14-81397 (S.D. Fla. filed Nov. 10, 2014); FTC v. Inbound Call Experts, LLC, No. 14-81395 (S.D. Fla. filed Nov. 10, 2014). RevenueWire, Inc. and its Chief Executive Officer (collectively, 'Defendants') have played a key role in many of these scams, including the Vast and ICE scams. Using a business model named 'Call Stream,' the Defendants have provided lead generation, business development, payment processing, and money distribution services to numerous tech support fraudsters, leading to hundreds of millions of dollars of consumer injury.”
We are pleased to learn that the FTC successfully went after this enabler and payment provider, especially in this case as they knew what they were doing and the FTC could build on the cases where they ruled against the scammers themselves.
Malwarebytes’ fight against tech support scammers
Malwarebytes has been involved in the fight against tech support scammers ever since the beginning of our company, even though it is not something that results in a profit for us. We feel that tech support scammers give the industry a bad name by proxy and as pointed out earlier, some of them even pretend to represent our company. Also, we care about everyone’s safety, not just the safety of our paying customers.
If you want to be sure to get help from our actual support team, don’t contact just any number you find while searching, but reach out to us through our Support portal.
Stay safe, everyone, and remain vigilant!