Audrey Strauss, the United States Attorney for the Southern District of New York, announced that ROMANA LEYVA pled guilty today to participating in a conspiracy that for several years exploited elderly victims by remotely accessing their computers and convincing victims to pay for computer support services they did not need, and which were never actually provided. In total, the conspiracy generated more than $10 million in proceeds from at least approximately 7,500 victims. LEYVA pled guilty to conspiracy to commit wire fraud and conspiracy to intentionally damage victims’ computers, before U.S. District Judge Paul A. Crotty, to whom her case is assigned.
U.S. Attorney Audrey Strauss said: “As she admitted today, Romana Leyva was a leader of a conspiracy that caused pop-up windows to appear on victims’ computers – pop-up windows that claimed, falsely, that a virus had infected the victims’ computers. Through this and other misrepresentations, this fraud scheme deceived thousands of victims, including some of society’s most vulnerable members, into paying a total of more than $10 million. Leyva now awaits sentencing for her crimes.”
According to the allegations contained in the Superseding Information, court filings, and statements made during plea proceedings:
From approximately February 2015 through December 2018, LEYVA was a member of a criminal fraud ring (the “Fraud Ring”) based in the United States and India that committed a technical support fraud scheme that exploited elderly victims located across the United States and Canada, including in the Southern District of New York. The Fraud Ring’s primary objective was to trick victims into believing that their computers were infected with malware, in order to deceive them into paying hundreds or thousands of dollars for phony computer repair services. Over the course of the conspiracy, the Fraud Ring generated more than $10 million in proceeds from at least 7,500 victims.
The scheme generally worked as follows: First, the Fraud Ring caused pop-up windows to appear on victims’ computers. The pop-up windows claimed, falsely, that a virus had infected the victim’s computer. The pop-up window directed the victim to call a particular telephone number to obtain technical support. In at least some instances, the pop-up window threatened victims that, if they restarted or shut down their computer, it could “cause serious damage to the system,” including “complete data loss.” In an attempt to give the false appearance of legitimacy, in some instances the pop-up window included, without authorization, the corporate logo of a well-known, legitimate technology company. In fact, no virus had infected victims’ computers, and the technical support phone numbers were not associated with the legitimate technology company. Rather, these representations were false and were designed to trick victims into paying the Fraud Ring to “fix” a problem that did not exist. And while the purported “virus” was a hoax, the pop-up window itself did cause various victims’ computers to completely “freeze,” thereby preventing these victims from accessing the data and files in their computer – which caused some victims to call the phone number listed on the pop-up window. In exchange for victims’ payment of several hundreds or thousands of dollars (depending on the precise “service” victims purchased), the purported technician remotely accessed the victim’s computer and ran an anti-virus tool, which is free and available on the Internet. The Fraud Ring also re-victimized various victims, after they had made payments to purportedly “fix” their tech problems.
LEYVA’s roles in the scheme included (1) creating several fraudulent corporate entities that were used to receive fraud proceeds from victims, (2) recruiting others (including through misrepresentations) to register fraudulent corporate entities that became part of and facilitated the activities of the Fraud Ring, and (3) assisting others in setting up fraudulent corporate entities and bank accounts, including coaching them to make misrepresentations to bank employees where necessary. As she acknowledged as part of her guilty plea, LEYVA was a leader or organizer in this conspiracy.
* * *
LEYVA, 37, of Las Vegas, Nevada, pled guilty to one count of conspiracy to commit wire fraud, which carries a maximum penalty of five years in prison; and one count of conspiracy to intentionally damage a protected computer, which carries a maximum penalty of five years in prison. The statutory maximum sentences are prescribed by Congress and are provided here for informational purposes only, as LEYVA’s sentence will be determined by the judge. LEYVA’s sentencing is scheduled for September 15, 2021, at 12:00 p.m.
Ms. Strauss praised the New York Office of Homeland Security Investigations’ (“HSI”) El Dorado Task Force, Cyber Intrusion/Cyber Fraud Group, for its outstanding work on the investigation. Ms. Strauss also thanked the New York City Police Department for its assistance on this case.
This matter is being handled by the Office’s Complex Frauds and Cybercrime Unit. Assistant United States Attorney Michael D. Neff is in charge of the prosecution.