Summary: Vinoth Ponmaran, the leader of a tech support fraud scheme, was sentenced to seven years in prison for defrauding over 6,500 victims and generating more than $6 million. The operation primarily targeted elderly individuals in the U.S. and Canada by using fake malware alerts to extract money for non-existent technical support services.
Threat Actor: Vinoth Ponmaran | Vinoth Ponmaran
Victim: Elderly individuals in the U.S. and Canada | elderly victims of tech support fraud
Key Point :
- Ponmaran’s operation involved creating fake pop-up alerts claiming virus infections to instill fear and urgency in victims.
- Victims were misled into paying for non-existent services, with scammers using remote access tools to feign legitimacy.
- Two co-conspirators were also sentenced, with significant forfeitures and restitution ordered alongside Ponmaran’s prison term and financial penalties.
The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million.
According to the U.S. Department of Justice, the fraudulent operation targeted elderly victims in the United States and Canada.
Fake malware infections
Between March 2015 and July 2018, Vinoth Ponmaran (36) ran an operation that caused pop-up windows to appear on the victim’s computer screen warning of a virus infection.
To make the alert more credible, the scammers used the logo of a renowned tech firm and provided a phone number for technical support and steps to remove the malware.
“No virus had infected victims’ computers, and the technical support phone numbers in the pop-up windows were not associated with the legitimate technology company,” explains the U.S. Department of Justice announcement.
“Rather, these representations were false and were designed to trick victims into paying the Fraud Ring to “fix” a problem that did not exist.”
The pop-ups created a sense of urgency, conveying messages about increased risk of losing data if the system was rebooted. Sometimes, those pop-ups “froze” the victim’s computer, making it impossible to access files and data.
Although the U.S. DoJ announcement does not specify how these pop-ups appeared on the victims’ systems, common methods used include visiting compromised websites, malvertising campaigns, phishing emails, and pre-existing infections.
Those who called the scammers seeking help were advised to pay hundreds to thousands of U.S. Dollars, depending on the fake support package they opted for.
Then, the scammers used remote access tools to perform a scan on the victim’s system using a free anti-virus tool, making the whole process appear legitimate.
Ponmaran was the manager of an India-based call center that handled the defrauding procedure and was responsible for recruiting co-conspirators in the United States who would help launder the proceeds via American bank accounts.
In 2022, two of Ponmaran’s co-conspirators, Romana Leyva and Ariful Haque were both senteced to prison. Levya received 100 months and ordered to forfeit $4.7 million and pay restitution of $2.7 million.
Haque received 12 months and one day in prison and ordered to forfeit $38,800 and pay restitution of $470,600.
In addition to the prison sentence, Ponmaran is also ordered to forfeit over $6.1 million and received supervised release for three years.