Damian Williams, the United States Attorney for the Southern District of New York, announced charges against VINOTH PONMARAN for participating in a conspiracy that for several years exploited elderly victims by remotely accessing their computers and convincing victims to pay for computer support services they did not need, and which were never actually provided. In total, the conspiracy generated more than $10 million in proceeds from at least approximately 7,500 victims. PONMARAN was arrested on Friday in Blaine, Washington, and will be presented in the Western District of Washington. The case has been assigned to U.S. District Judge Paul A. Crotty.
U.S. Attorney Damian Williams said: “As alleged, the defendant was a leader of a sophisticated fraud scheme that preyed on victims, including the elderly. This conspiracy allegedly caused pop-up windows to appear on victims’ computers—pop-up windows which claimed, falsely, that a virus had infected the victim’s computer. Through this and other misrepresentations, this fraud scheme deceived thousands of victims, including some of society’s most vulnerable members, into paying a total of more than $10 million. Thanks to our partners at Homeland Security Investigations, this scheme has been dismantled.”
According to the allegations contained in the Superseding Indictment, as well as court filings and statements made in court in connection with the cases of PONMARAN’s co-defendants:
From approximately March 2015 through December 2018, PONMARAN was a member of a criminal fraud ring (the “Fraud Ring”) based in the United States and India that committed a technical support fraud scheme targeting elderly victims located across the United States and Canada, including in the Southern District of New York. The Fraud Ring’s primary objective was to trick victims into believing that their computers were infected with malware, in order to deceive them into paying hundreds or thousands of dollars for phony computer repair services. Over the course of the conspiracy, the Fraud Ring generated more than $10 million in proceeds from at least 7,500 victims.
The scheme generally worked as follows. First, the Fraud Ring caused pop-up windows to appear on victims’ computers. The pop-up windows claimed, falsely, that a virus had infected the victim’s computer. The pop-up window directed the victim to call a particular telephone number to obtain technical support. In at least some instances, the pop-up window threatened victims that, if they restarted or shut down their computer, it could “cause serious damage to the system,” including “complete data loss.” In an attempt to give the false appearance of legitimacy, in some instances the pop-up window included, without authorization, the corporate logo of a well-known, legitimate technology company. In fact, no virus had infected victims’ computers, and the technical support phone numbers were not associated with the legitimate technology company. Rather, these representations were false and were designed to trick victims into paying the Fraud Ring to “fix” a problem that did not exist. And while the purported “virus” was a hoax, the pop-up window itself did cause various victims’ computers to completely “freeze,” thereby preventing these victims from accessing the data and files in their computer—which caused some victims to call the phone number listed on the pop-up window. In exchange for victims’ payment of several hundred or thousand dollars (depending on the precise “service” victims purchased), the purported technician remotely accessed the victim’s computer and ran an anti-virus tool, which is free and available on the Internet. The Fraud Ring also re-victimized various victims, after they had made payments to purportedly “fix” their tech problems.
PONMARAN was an India-based leader of the Fraud Ring. Among other things, PONMARAN managed a call center in India that was used to provide purported computer repair services to victims of the scheme. PONMARAN also recruited co-conspirators in the United States to register fraudulent corporate entities and open bank accounts that were used to receive fraud proceeds from victims of the scheme. PONMARAN also directed co-conspirators to wire fraud proceeds from the United States to accounts in India.
* * *
PONMARAN, 34, a citizen of India, is charged with one count of wire fraud and one count of conspiracy to commit wire fraud, each of which carries a maximum sentence of 20 years in prison. The statutory maximum sentences are prescribed by Congress and are provided here for informational purposes only, as any sentencing of the defendant will be determined by the judge.
PONMARAN’s co-defendants, Romana Leyva and Ariful Haque, were both sentenced earlier this year, following their respective guilty pleas. Leyva was sentenced to 100 months in prison and three years of supervised release, and she was ordered to pay forfeiture of $4,679,586.93 and restitution of $2,707,882.91. Haque was sentenced to one year and one day in prison and three years of supervised release, and he was ordered to pay forfeiture of $38,886.32 and restitution of $470,672.16.
Mr. Williams praised the outstanding work of the New York Office of the Homeland Security Investigations (“HSI”)’s El Dorado Task Force, Cyber Intrusion/Cyber Fraud Group. Mr. Williams also thanked the New York City Police Department for its assistance on this case.
This matter is being handled by the Office’s Complex Frauds and Cybercrime Unit. Assistant United States Attorney Michael D. Neff is in charge of the prosecution.
 The entirety of the text of the Superseding Indictment, and the description of the Superseding Indictment set forth herein, constitute only allegations, and every fact described should be treated as an allegation.