Paddle.com and its U.S. subsidiary will pay $5 million to settle Federal Trade Commission (FTC) allegations that the company facilitated deceptive tech-support schemes that harmed many U.S. consumers, including older adults.
Paddle, a UK-based payment processor, offers payments, tax handling, compliance, and checkout infrastructure for software and digital product sellers by acting as a “merchant of record.”
According to the FTC, Paddle failed to perform adequate screening and fraud prevention, enabling foreign operators like Restoro, Reimage, and PC Vark, to exploit the U.S. credit card system.Â
These schemes used fake virus alerts and pop-up warnings, often impersonating Microsoft or McAfee, to lure consumers into buying unneeded software or tech support services and charged them via unauthorized subscription renewals.
PC Vark sold scareware through deceptive alerts and routed victims to call centers. Paddle processed $12.5 million for PC Vark, despite numerous complaints and chargeback rates exceeding 7%.
Last year, Restoro and Reimage settled over allegations that it was involved in nearly identical scams that directed victims to phone-based upsells. Paddle processed over $37 million in transactions for them.
“From April 2020 to at least June 2023, Paddle processed over $37 million in credit and debit card charges for a pair of affiliated deceptive tech support software merchants, “Restoro Limited” and “Reimage Limited” (collectively, “Reimage”). These Reimage entities were registered in the Isle of Man and later re-domiciled in Cyprus,” reads the FTC complaint.
The FTC complaint also alleges that internal Paddle communications showed that the company knew about the fraud, understood it disproportionately affected non-technical, older consumers, and deliberately concealed the activity to avoid scrutiny from banks and card networks.
To stay under chargeback thresholds and avoid detection, Paddle allegedly used chargeback prevention tools like Ethoca and Verifi to refund flagged transactions before they could be formally reported, masking accurate fraud rates.
Paddle also allowed merchants to begin charging U.S. consumers before completing “Know Your Customer” (KYC) checks, sometimes processing over $500,000 without providing any identification.
The FTC alleges that Paddle functioned as an unregistered payment facilitator (payfac) and aggregator, violating Visa and Mastercard rules by processing for thousands of merchants without proper disclosure or compliance.
The FTS says that even after receiving explicit warnings about scams and chargebacks, Paddle sought revenue-sharing deals with other high-risk processors to keep profiting from problematic clients. It even asked PC Vark to sign indemnity agreements to cover Paddle’s potential liabilities from consumer fraud claims.
As part of the settlement agreement that includes a monetary relief of $5,000,000, Paddle will be:
- Banned from processing payments for tech-support telemarketers.
- Prohibited from aiding deceptive merchants or helping them evade fraud detection.
- Required to screen and monitor clients and report their activities.
- Required to clearly disclose subscription terms, obtain informed consent, and offer simple cancellation.
Paddle published a statement noting that the agreement with FTC confirms its policy not to work with companies accused of deceptive practices, which it calls “abhorrent.”
The company emphasized that it did not process payments for the deceptive telemarketing itself but only for the initial software purchases.
To avoid getting scammed, it is important to remember that Microsoft, McAfee, or other antivirus providers will never use pop-ups or unsolicited calls to tell you your computer is infected, so these are always part of scams.
Avoid buying software through unfamiliar websites or ads, do not make rushed decisions based on alleged urgency, and use ad blockers or internet security tools to block these pop-ups and redirects.
Patching used to mean complex scripts, long hours, and endless fire drills. Not anymore.
In this new guide, Tines breaks down how modern IT orgs are leveling up with automation. Patch faster, reduce overhead, and focus on strategic work — no complex scripts required.
