FTC: E-commerce platform knowingly facilitated payments to scammers

hacker using mobile smartphone calling for victim
Adobe Stock

Since 2016, a multinational e-commerce company has worked with tech support scammers to extract at least $18 million from consumer victims. The scheme, outlined in a complaint this month by the Federal Trade Commission, was known to the CEO of the payments company.

The court approved three consent orders last week between the FTC and the company, Nexway, establishing a total of $49.5 million in judgments (three judgments of $16.5 million each) against Nexway, its CEO Victor Iezuitov and Chief Strategic Officer Casey Potenzone. However, due to their inability to pay the fines, the parties will instead collectively pay $650,000. The full penalty will apply if the FTC finds evidence that Nexway and its officers lied about their finances.

Besides the fines, the FTC is also requiring Nexway to stop a practice called credit card laundering, monitor clients who are at an elevated risk of violating the law, take action against clients who violate telemarketing rules and stop engaging in payment processing for tech support companies that use false or unsubstantiated advertising.

The FTC mentioned numerous banks, credit card companies and payment processors in its complaint against Nexway, many of whom took remedial actions against Nexway between 2018 and 2020. These actions included putting Nexway on probationary status over its chargeback rate and telling the company to stop processing payments for one of its criminal clients.

By and large, these financial companies went on to fall for tricks that Nexway and one of its main scam telemarketer clients, Tech Live Connect, used to try to turn down the heat. These tricks included the bogus $3 transactions on prepaid credit cards to artificially inflate total transaction numbers and Nexway load-balancing its transactions on behalf of Tech Live Connect with other, legitimate transactions.

Ultimately, the scheme fell only after scrutiny from multiple state attorneys general, the Better Business Bureau and the Department of Justice. The actions against Nexway put in stark relief how important it is that banks scrutinize the relationships they have with their riskiest clients, according to Tamas Kader, CEO of fraud prevention company SEON.

"Every bank that has worked with Nexway should review the relationship with them, given this judgment," Kader said. "They have a choice to work with other payment processors with a better compliance record."

Nexway also did business in the U.S. and Germany under the names Asknet and Asknet Solutions, but the company now mainly uses the Nexway name. Nexway did not respond to a request for comment.

Nexway's troubles started around 2016, when according to the FTC, Potenzone solicited a contract from telemarketing company Tech Live Connect. Details of how the relationship started are lacking, but by January 2017, Nexway started receiving consumer complaints about the new client. Rather than cut ties, Potenzone doubled down by requesting help from Brian Cotter, the president of Tech Live Connect.

"I have to do the sales guy thing," Potenzone said in an email to Cotter in March 2017. "Can you give us a boost anywhere? I'm really really close to one of my quarterly goals ... and am pulling a few strings to goose it."

According to the FTC, Cotter forwarded the email to his staff, and Tech Live Connect diverted additional sales to Nexway for the last ten days of the month.

The next month, the Hindustan Times published an investigative report detailing Tech Live Connect's fraudulent practices. Potenzone and Nexway learned about the article soon after it came out, according to the FTC. Potenzone also went to an FTC website that month to read a press release about actions the FTC had previously taken against telemarketers.

Despite the negative news about its client, Nexway continued to process Tech Live Connect's charges, the FTC said.

Tech Live Connect's scams would start when a victim got a pop-up on their computer, either from an unsolicited advertisement on a website or from software the victim searched for and installed to try to enhance their computer performance. In advertising cases, the pop-up claimed the victim's computer was infected with multiple viruses.

Acr1373141586921602519031.png
Tech Live Connect, the tech support scam company, used deceptive pop-ups including this one to ensnare victims. Victims reported pop-ups that appeared to be from Microsoft and Apple, claiming their devices were infected.
Federal Trade Commission

For help removing the viruses, or for help activating the supposedly performance-enhancing software, the victim would need to call a phone number. That number went to Tech Live Connect or one of its many aliases, which include Premium Techie Support, Sensei Ventures and Saburi TLC.

As part of the transaction, Tech Live Connect would get credit card payment details from the victim, which the company then allegedly passed along to Nexway. Nexway would process the payment under its own name as the merchant of record, according to the FTC. Victims then received emails from premiumtechiesupport-en.@nexway.com confirming the purchase.

According to the FTC, Nexway submitted the credit card charges originating from these tech support scams through its own merchant accounts with Adyen (a Dutch payment company), Deutsche Bank and other acquiring banks and payments processors. As a commission, Nexway received 7% of new charges and 8% of recurring charges processed on behalf of Tech Live Connect.

The FTC called this scheme "credit card laundering" because Nexway processes other payments in the course of its business as an e-commerce platform, which lended a patina of legitimacy to the payments Nexway processed on behalf of Tech Live Connect. That allowed both Nexway and Tech Live Connect to mislead banks and credit card companies about the nature of the transactions.

But some acquirers and agents did catch on that something was amiss, particularly when chargebacks on Nexway transactions reached as high as 2.6% in December 2016. For comparison, Visa and Mastercard both use 1% as their threshold for putting a company in their chargeback monitoring programs.

Visa did just that in December 2017, and Mastercard did so in May 2018. In February 2018, the Better Business Bureau contacted Nexway to ask about its connection to the scams and gave Nexway an "F" rating. The same month, Adyen required Nexway to stop sending credit card charges for Tech Live Connect. State attorneys general from Missouri, Ohio, Michigan, Wisconsin and Kansas started sending Nexway letters about consumer complaints related to Tech Live Connect.

The retail giant ignored fraudsters’ use of its money transfers in consumer scams that cost victims hundreds of millions of dollars, according to the Federal Trade Commission. Walmart called the agency’s lawsuit “factually flawed and legally baseless.”

June 29

All the time, Nexway continued processing payments on Tech Live Connect's behalf and, according to the FTC, lying to the likes of Visa about the nature of the transactions it was processing.

When Nexway put pressure on Tech Live Connect to do something about the chargeback rates, Tech Live Connect responded by using prepaid cards and bogus transactions of about $3 to reduce chargebacks. The company told Potenzone about this practice, who then shared the news with CEO Iezuitov, according to the FTC.

Moreover, Nexway intentionally shielded clients like Tech Live Connect from law enforcement investigations, according to the FTC, which named Econosoft (doing business as Assured Money and Vacillate) as another Nexway client who was engaged in fraud.

Nexway referred to Econosoft, Tech Live Connect and other clients engaged in tech support scams collectively as Premium Tech Support, or PTS. An attorney for Nexway told Iezuitov and Potenzone in June 2019 that "PTS are well aware that we are trying to shield them from the judiciary," and that Nexway would be "more doomed shutting down PTS today."

Part of the reason Nexway may have protected these clients is that they represented 25% of Nexway's revenue as of July 2019, according to the FTC.

In total, Nexway caused Deutsche Bank, WorldPay and other acquirers to deposit over $18 million in charges from Tech Live Connect's transactions with consumers into the credit card system from approximately August 2016 to February 2020, according to the FTC. Nexway also deposited "tens of millions of dollars" in charges from other Premium Tech Support clients, according to the FTC's complaint.

The judgment against Nexway highlights the need for banks to not only scrutinize risky clients but make sure that their customers — people who might potentially get targeted by these scams — know they are doing so, according to Aaron Lazor, CEO of funds recovery service MyChargeBack.

"Obviously, not every investigation by a payment processor can absolutely verify the legitimacy of a beneficiary 100% of the time," Lazor said, "but consumers must be convinced that payment processors demonstrate zero tolerance for scammers 100% of the time."

Lazor went on to say that, while the FTC's consent order against Nexway does not require banks to "boycott" the company, they do have a choice in the matter when it comes to who they partner with to process payments.

"In fact, they have many choices because plenty of alternative payment processors exist," Lazor said. "If banks are not convinced that Nexway has learned its lesson, the market will react accordingly."

For reprint and licensing requests for this article, click here.
AML Card fraud Fraud Technology
MORE FROM AMERICAN BANKER