20 April 2023
Category:
news

FTC Acts on Major Payment Processors Alleged Tech Support Scams

In 2022, tech support scams resulted in approximately $806 million in victim losses, according to the Federal Bureau of Investigation (FBI) Internet Crime Report 2022. Nexway, an ecommerce and payment software and service company, is facing a Federal Trade Commission (FTC) complaint and proposed court orders filed to stop the company from credit card laundering for tech support scammers.The defendants in the FTC case have agreed to the court orders, filed by the US Department of Justice on behalf of the FTC, which prohibit them from credit card laundering. The court orders also include a requirement to monitor high-risk clients for any involvement in illegal activity.In my opinion, and the FTC complaint so alleges, Nexway was at best willfully blind to the scam being perpetrated by its customers,if not worse, Jay Hack, a banking and financial services attorney and partner at full-service law firm Gallet Dreyer & Berkey, tells InformationWeek.The complaint alleges that Nexway and associated company Asknet, as well as the companys CEO Victor Iezuitov and Chief Strategy OfficerCasey Potenzone, were involved in giving tech scammers access to the US credit card network, allowing tens of millions of dollars to be processed. The complaint alleges that the company processed payments for tech support scammers beginning in at least 2016.Companies like Nexway that knowingly launder charges for scammers are breaking the law and helping scammers cheat money from consumers, said Samuel Levine, director of the FTCs Bureau of Consumer Protection, in the FTCs press release.The FTC will not hesitate to use its law enforcement powers to stop them.Hack and another expert talk to InformationWeek about what the complaint and court orders could mean for Nexway and its customers.The ConsequencesThe restrictions outlined in the court orders prohibit the cases defendants from credit card laundering and assisting tech support scammers. The orders also include a total monetary judgment of $16.5 million. The monetary judgment has been partially suspended because the defendants are unable to pay the full amount, according to the FTC. Nexway and its subsidiaries are required to pay $350,000. Asknet and its subsidiaries must pay $150,000, while Iezuitovs obligation is $100,000 and Potenzones is $50,000.Beyond these monetary judgments, the company will likely need to invest resources to meet requirements set out in the court orders and avoid future run-ins with the FTC, Sara Sharp, an attorney and founder ofbusiness law firm SK&S Law Group, points out. This could include hiring new staff, implementing new policies and procedures, and engaging in ongoing monitoring and reporting to the FTC, she says.If the company disregards the court orders or continues to participate in tech support scams, it will likely face more penalties and potentially consumer lawsuits, according to Sharp.Nexways CustomersNexway is a multinational company with many high-profile companies among its customers. Its customers and partners page lists Adobe, Amazon, Intel, and Microsoft, as well as cybersecurity companies Avast, Bitdefender, ESET, and Kaspersky. The companys involvement in facilitating tech support scams is a consideration for all of its customers.Any of the companys clients at high risk for illegal activity face heightened scrutiny, as outlined by the court orders. Even if Nexway customers are not considered high-risk, they are associated with a company that has faced regulatory scrutiny.With security conference RSA coming up next week, cybersecurity companies working with Nexway are faced with the question of what that association will mean during a major industry tradeshow and beyond.The case’s effect on businesses employing Nexway’s services at the RSA Conference willultimately depend on perception. Businesses employing Nexway’s services might find it more difficult to conduct business at the conference if the case is perceived as harming the company’s reputation or representative of more widespread problems in the cybersecurity sector, says Sharp. The case might not have much of an effect, though, if it is viewed as an isolated incident or is not pertinent to the conference.It is possible customers will end their relationship with Nexway. Any of Nexways customers who are themselves heavily regulated should probably look for a substitute company ASAP. In my experience, which involves all sorts of regulated industries, you do not want your company to be doing business with someone who the regulators think is tainted, says Hack. There are a lot of companies in the credit-card clearing business, so why choose one that is under a microscope because of bad past acts?How customers react to Nexways regulatory obligations remains to be seen, but if they begin to end their relationships with the company, it could impact Nexways overall business and the service its remaining customers receive, according to Hack. You do not want to be the last one out the door. The quality of service that you are getting will decline as other customers jump ship, he says.Continued ScrutinyEnterprises operate in a complex ecosystem with multiple supply chain partners. Regulatory compliance is vital within and beyond a companys four walls. The FTCs case against Nexway serves as a reminder of the importance of knowing your partners and your customers. Companies should thoroughly investigate the payment processing service providers they use, including looking into their reputation, looking into any legal or regulatory activities, and looking over their rules and processes, Sharp urges. Companies that put a high priority on morality and legality, as well as transparency, in their interactions with clients and partners, are less likely to come under scrutiny from regulatory bodies like the FTC.Hack recommends implementing a KYC (know your customer) program to avoid dealing with partners involved in illegal activity. Be very careful when the crooks are abusing consumers because you risk the wrath of the FTC or the CFPB [Consumer Financial Protection Bureau], he cautions. What to Read Next:Training New Hires on Security: Strategies for SuccessMicrosoft Teams Up to Take Legal Action Against Cybercriminals6 Ways Cybersecurity Can Boost Revenue

PBH CANADA is Trusted by Thousands of Canadian Businesses

» Learn More About Payment Processing