We have a commitment to ensuring that our journalism is not locked behind a paywall. But the only way we can sustain this is through the voluntary support of our community of readers. If you are a free subscriber and you support our work, please consider upgrading to a paid subscription or gifting one to a friend or family member. You can also make a 501(c)(3) tax-deductible donation to support our work. If you do not have the means to support our work financially, you can do your part by sharing our work on social media and by forwarding this email to your network of contacts.

On the morning of Tuesday, June 10, I emailed requests for comment to erotic thriller producer Andrew Garroni and one of his companies, Eureka Multimedia Group. The questions were sent, and apparently received, by Garroni’s personal email without issue—but Eureka’s corporate email was invalid, and my attempt to call the phone number on their website failed, too.

Suddenly, I was questioning whether Eureka Multimedia Group existed at all. For months, as part of the “Dirty Payments” investigation, Drop Site News and 20 international media outlets, coordinated by European Investigative Collaborations (EIC) network, had been looking into a vast fraud scheme covering dozens of fake dating websites. Eureka appeared to be at the center; but was it another shell, itself?

The Dirty Payments investigation—which is based on thousands of leaked financial documents from major European payment processors obtained by European Investigative Collaboration (EIC) and Der Spiegel—found that Garroni, who was involved in a 2007 settlement with the United States Federal Trade Commission for an alleged previous internet scam, appears to have revived a similar playbook to the tune of tens of millions of Euros in suspicious payments.

Eureka is at the center of hundreds of mysterious merchants, almost all unusable dating websites, with names like strollintheparkdates.com and inkeduphipsters.com. The sites, however, are not indexed by, and therefore not findable through, Google. And if you were to stumble upon the site somehow, you’d be unable to pay for anything; consumers who do report being charged on websites dedicated to reporting online scams claim to have no idea how their card information was obtained—a finding replicated in an internal investigation of eight of Garroni’s companies by Worldline—“the largest payment processor in Europe,” which handles roughly 500 billion Euros of transactions annually. As a result, it remains unclear how exactly the scheme functions.

Nevertheless, at least 90 million Euros were processed in a single year on behalf of merchants tied to Eureka and iMerchant, a related company, through major European payments processors. These companies were brought to Worldline under the umbrella of a group known as eMerchantPay (which has said it operates “in full compliance with all applicable laws”). The scheme involved, at a minimum, thousands of cards issued by major U.S. banks such as Bank of America and ZionsBancorp.

In a last-ditch effort to reach Eureka, I decided to visit their corporate office myself. I half-expected to find a locked, unmarked office, but, to my surprise, when I arrived at the large building in the suburbs of LA, a company named Eureka appeared on the lobby directory.

I took the elevator up, and I was met by double wooden doors paired with a plaque: 300 - Eureka Multimedia Group, Inc. I rang the doorbell, and a few seconds later, a middle-aged man wearing jeans and sneakers opened one of the doors.

I explained I was an investigative journalist with Drop Site News and asked if they could provide valid contact information.

“One second,” he said, before closing the door.

I waited in the hall. About two minutes later, the door opened again.

“The person in charge is not here yet.”

“Do you have an email that I could just take down?”

“No, not right now.”

“You have no email address?”

“No.”

“The email address and phone number online don’t work, so…”

“Yeah, well, that’s what we have right now.”

They didn’t have an alternative phone number, either. The doors shut. Five minutes later, the man came outside and asked me for my “business card.” I gave him my email address. I never received an email back from Garroni or Eureka.

The documents related to Garroni are just one part of the leaked documents investigated in Dirty Payments. The Garroni documents span from 2016 to 2023 and include internal audits, financial data, and communications from three European payments processors: Worldline, based in France, and Payone and Wirecard, both based in Germany. (Payone is part of Worldline Group, as it is a “joint venture between Worldline and the DSV Group.”) Though mostly unknown to the public, payment service providers (PSP) such as Wirecard, Worldline, and Payone are key to the global economy. As intermediaries between the global card schemes like Visa and Mastercard and banks, they enable everything from card payments at the supermarket to buying books online at Amazon.

Garroni, 70, is himself best known for his production of movies in the “erotic thriller” genre, though he has also been previously implicated in internet schemes that rely on allegedly deceptive practices to obtain money from consumers.

The Dirty Payments investigation demonstrates how, for years, these companies provided Garroni’s network of companies access to the global payments system. An internal Worldline audit report from 2023 shows that the payment processor began to investigate concerns with companies tied to a commercial agent, eMerchantPay, which had convinced Worldline to onboard merchants listed as being part of a group of companies described as “iMerchant/Eureka,” whose ultimate beneficial owner, according to our investigation, is Garroni. This conclusion was reached by a review of business records in combination with leaked communications and documents from Wirecard and Worldline.

Wirecard terminated its relationship with Garroni in 2020, the leaked emails suggest, after concerns were raised internally in 2019.

Wirecard later filed for bankruptcy in June 2020 after it was revealed there was an almost 2 billion Euro hole in its balance sheets.

Payone terminated their relationship with iMerchant/Eureka in 2023, after intervention from German financial regulator Bafin. Wordline appears to have terminated its relationship with iMerchant/Eureka in 2024. Worldline declined to comment on specific questions asked by the Dirty Payments investigative group, saying:

“Worldline is committed to the best standards in terms of compliance and prevention of financial crime and has reinforced its resources in that respect [...] As a listed company, Worldline may not communicate to third parties, including journalists, confidential information on a selective basis. In addition, Worldline may not comment on individual past or current customers’ situations.”

On July 1st, Worldline announced that it was hiring a firm to “conduct an external audit of the remaining portfolio of merchants engaged in risky activities,” with results due on July 30th.

Payone’s minority shareholder, DSV Group, in response to EIC’s specific questions, stated:

"Please note that we do not have the ability to comment on individual customer situations."

Despite iMerchant/Eureka no longer working with Payone and Worldline, many of the dating websites remained online until the Dirty Payments investigation started publishing in June 2025.

On June 27th, eMerchantPay, which also features in other stories published by the EIC, provided a statement saying that although they believed Dirty Payments stories “fundamentally misrepresent the facts,” they have “initiated an internal review to understand the full context of the claims to ensure we respond appropriately.”

“We take such matters extremely seriously,” they wrote. “To date, we have not been contacted by any regulatory authority regarding any investigation or finding that would support the claims in the article. Should that occur, we remain fully cooperative and transparent.”

Unusable Dating Sites

Eureka bills itself as a “full-service digital marketing agency” and promises “big wins” and “unstoppable revenue growth”; in reality, it is managing hundreds of unusable, apparent scam websites, most of which can't even be found by via search engines.

The 12 months of data from 2023 on Worldline Group’s high-risk clients reveal that Worldline group processed just over 90 million Euros that year for Garroni’s companies. iMerchant/Eureka is the largest group brought to Worldline by eMerchantPay, and a significant amount of transactions occurred through U.S. bank cards.

Garroni’s group is made of shell companies incorporated in the UK and Cyprus, which operate more than 1,500 bogus websites, mostly dating platforms with similar designs. An analysis of 1,168 of these websites showed that 851 of them purposefully prevent Google from indexing them—something that would presumably be necessary for people to actually use the websites for dating.

The Dirty Payments investigation was able to create accounts on the dating websites. However, when it came time to pay for a membership, it was impossible to do so. Instead, leaked documents revealed each dating website has a related and abbreviated URL which is used for billing and “customer support”. For example, one dating site named with the main URL attemptingtosweepyouoffyourfeet.com has an associated billing URL attosepepf.com. After Dirty Payments began publishing, these sites appear to have been taken down.

Dozens of these abbreviated URLs appear on websites where consumers from a wide range of countries report scams. When one visits the billing website URLs, there is a page labeled “Cancel Subscription,” which prompts user to enter the “first 6” and “last 4” digits of their bank card to proceed.

One example comes from a French user, in reference to charges from avaaby.com:

“Every month or happening every two weeks I get surcharges from this damn page and not only this one but some more that are very similar! I have already canceled my credit cards many times but they keep debiting me! I don't know how they do it!! They are fucking thieves! please stop with this already!!!”

Dozens of user reports note unknown transactions on their bank cards, with no mention of using the associated dating site; the only identifying information in each case is the abbreviated URL on their bank statement.

Another consumer wrote in Spanish that:

"They steal money from you every month. I don't know how they got into my bank account, but they've been stealing from me for two months now. Does anyone know what I can do? The bank already gave me new accounts, but it didn't help. :(“

A separate internal Worldline investigation from June 2023 into 15 dating and gaming merchants tied to Garroni’s companies also had the same findings: It was impossible to make a payment on the main websites, the merchants had high fraud and chargeback rates, and, the report noted, customers were complaining to their banks about unknown charges originating from the merchants. Worldline auditors concluded that ten of these merchants should be terminated immediately.

Unfortunately, the Wordline documents give little clue as to how credit card or other billing information is obtained by Eureka/iMerchant. And attempts by Dirty Payments to reach consumers affected by these likely scams were unsuccessful, leaving it unclear whether victims shared any behavior that might have led to their cards being charged.

From Wirecard to Worldline

Leaked internal emails from Wirecard identify Garroni himself as controlling dozens of shell companies operating hundreds of bogus online dating websites through a company called iMerchant International, incorporated in Canada. The documents tie Garroni to multiple iterations of the apparent scam across different payment processors.

Garroni first appears in the Wirecard documents by way of a 2016 email to Wirecard from an iMerchant employee. The employee CC’d Garroni’s own iMerchant email account in a discussion about an issue with onboarding companies to Wirecard. A later 2019 email contains discussion about concerns related to Garroni’s companies: “You may be familiar with the Garroni portfolio. We have found several cases of obvious transaction laundering, where rejected transactions from one Garroni merchant are routed to another Garroni merchant and go through. This is likely a transaction rejected for high-risk (adult) transactions, which is then forwarded to a low-risk (dating) merchant.” This hypothesis could not be independently confirmed.

A February 2020 email later states how, following a “a very serious investigation request from the USA regarding a portfolio… comparable for example to Garroni,” Wirecard began to investigate merchants directly tied to Garroni. An April 2020 email states that Wirecard had decided to terminate connections with Garroni’s portfolio of companies, though no detail is given on the ultimate factors behind this decision.

A 2019 file from Wirecard of recipients of Christmas gifts from the company includes Garroni, listing the address of another of his Californian companies, Eureka Marketing, Inc. (California business records confirm that Garroni is tied to two companies with “Eureka” in their name, Eureka Multimedia Group, Inc. and Eureka Marketing, Inc.) Garroni also lists Eureka Multimedia Group, Inc. on his LinkedIn account.

Several of the companies tied to Garroni in the Wirecard emails later appear in leaked Worldline documents. Garroni managed to onboard many of his companies to the French payment institution Worldline thanks to eMerchantPay. A June 2023 Worldline audit report shows eMerchantPay’s portfolio with Worldline consisted of over 550 individual merchants, 138 of which belong to iMerchant/Eureka. Worldline’s risk department, the document notes “was trained by the former Head of HBR [high brand risk] to not disclose such type of setups in any external (schemes, audits etc) communication since do not [sic] legally exist and WL should not have any knowledge of them.”

The Garroni Playbook

Garroni is most well known in the movie industry, producing the 1980 film “Maniac” and its 2012 remake starring Elijah Wood. After his first films, he set up a direct-to-video erotic thriller production company, Axis Films International.

Today, Garroni’s social media shows him frequently attending the Los Angeles Opera and the Los Angeles Philharmonic. On Instagram, he often posts scenic sunsets from the Hollywood Hills.

However, Garroni also has a history of being investigated for potentially unfair and deceptive internet practices. In 2007, the United States Federal Trade Commission sued Garroni and multiple business entities he and his partners controlled for allegedly engaging “in a nationwide scheme to use deception and coercion to extract payments from consumers.” In the scheme, three websites (movieland.com, moviepass.tv, and popcorn.net) promised users a “free trial” of a software for downloading movies, television, and/or adult content. After the end of the trial period, the software would begin to display pop-up messages that “[took] up much of the computer screen, obstruct[ed] consumers from working in other windows, and lack[ed] any obvious way to permit consumers to minimize or close [them].”

The pop-ups demanded payment from consumers, many of whom said that they had no recollection of ever downloading the service. The pop-ups claimed that those seeing the message were legally obligated to pay for the service since they did not cancel during their trial period. Consumers could temporarily close the pop-ups through a button on the payment entry page, but the pop-ups would reappear, and with increasing frequency. Individuals were also unable to simply delete the software from their computers, as the download service “install[ed] programs and computer code that prevent[ed] consumers from using reasonable means to uninstall [the] software.”

Garroni and his associates ultimately agreed to pay just over $500,000 in their settlement with the Federal Trade Commission and were barred from installing content on consumer’s computers without consent in the future (Garroni did not admit guilt as part of the settlement).The state of Washington also sued Garroni and partners for the same scheme resulting in a $50,000 settlement and “provisions that limit their business practices.”

Garroni has also been previously implicated in a nearly identical set-up in the UK. The Guardian reported in 2007 and 2008 that a UK-based company named Micro Bill Systems Ltd. was behind a pornographic download service which, after a “three-day free trial,” would use invasive and increasingly longer lasting pop-ups to demand payment from users. The managing director of Micro Bill Systems Ltd., Ashley Bateup, told The Guardian at the time that “although [he] admits to having met Andrew Garroni, he denies having any business dealings with him. Discussions did, however, take place between Bateup's co-director, Mark Webb, and Andrew Garroni three years ago.” The Guardian also reported that their own tests showed that the billing software used by Micro Billing Systems Ltd. was different from the one involved in the American scheme.

However, Drop Site News can report for the first time, Garroni does appear to have been involved with the company at the heart of the UK scheme. A review of UK business filings shows that an American citizen named Andrew W. Garroni, with the same address as the one listed for Garroni in the Washington state lawsuit, was on the board of “Micro Billing Systems Ltd”—not the same as Micro Bill.

Reporting from The Guardian in 2009 identified the legal entity controlling Micro Bill Systems Ltd. as Platte International Ltd., where Ashley Bateup was an officer. While Bateup was not involved with the Micro Billing Systems Ltd. entity and Garroni was not an officer of Platte International Ltd., business registration records show that both Platte International Ltd. and Micro Billing Systems Ltd. shared two corporate entities as officers—Premier Secretaries Ltd. and Premier Directors Ltd.

“Money Laundering”?

The June 2023 Worldline audit also suggests that iMerchant/Eureka were suspected of involvement in a “money laundering/transaction laundering” scheme in the United States. The audit was triggered by the resignation of eMerchantPay’s auditor, which terminated their relationship with eMerchantPay after they raised concerns about particular transactions and could not “conclude whether the accounting for the transaction is appropriate and whether there has been a breach of applicable laws and regulations.” The audit report also notes 196 specific merchants related to agent eMerchantPay were flagged internally after Worldline received alerts from card-issuing banks, including Bank of America and ZionsBancorp, about “activities outside expected behavior.”

Worldline’s investigation of three agents and 3,369 total cards, found that 3,295 individual credit and debit cards, a majority of which were “issued by Bank of America and Zions Bancorporation, had been responsible for 340,622 transactions on those specific 196 eMerchantPay-related shops. 94% of merchants across the three agents were “dating merchants.” Transactions related to eMerchantPay in the preceding 12 months represented a total of nearly 13 million Euros in transaction volume, 72% of the total across all three agents. In addition, 94% of the involved debit cards across the 3 agents (with debit cards representing approximately 53% of the total number of cards investigated) were corporate bank cards, not consumer cards, which WordLine determined signaled that “it is highly unlikely that [transaction] turnover coming from identified cards is user-related.”

Further, despite all of the eMerchantPay companies being registered in Europe, 100% of the 3,295 specific cards Worldline investigated related to eMerchantPay were issued in the United States. Outside of those specific cards, 36% percent of all cards transacting with eMerchantPay were from the United States. Combined with cards from the UK, Canada, Australia, and elsewhere, over 68% of cards were from outside of the EU, which is highly unusual given the location of the eMerchantPay companies.

Worldline suspected that this behavior could align with “money laundering/transaction laundering” activity, and the report suggested that eMerchantPay companies may have been in control of the cards investigated, but was not able to conclude that this was the case.

In October 2023, Worldline announced lower earnings expectations and that the company had “tightened its risk appetite policy”. As a result, Worldline appears to have terminated its relationship with all merchants brought to them by eMerchantPay.

Bank of America and ZionsBancorp did not respond to requests for information sent about the alert they issued to WordLine. The Department of Justice and the United States Treasury’s Financial Crimes Enforcement Network (FinCEN) did not respond to questions from Drop Site about whether they were alerted when the card issuing banks reported the unusual activity to Worldline.

Early Warning Signs

While the Worldline audit was published in 2023, there were other, earlier signs that eMerchantPay may not have been a legitimate set of merchants. The audit report notes that eMerchantPay had been working with Worldline since 2014. Our research indicates that eMerchantPay was Worldline’s first high-risk partner and the co-builder of Wordline NV/SA’s high-risk business in Belgium back in 2014.

One major warning sign should have been the eye-popping profitability of companies in eMerchantPay’s portfolio. Drop Site News and partners had access to data about WL’s high-risk clients from the year 2023, covering a 12-month period. This data shows that more than half of the merchants associated with iMerchant/Eureka at Worldline’s German subsidiary Payone paid commissions between 20 and 25 percent on transactions. Nearly 30 companies paid commissions as high as 35 to 50 percent. Payments industry experts interviewed by Drop Site’s partners said that fees in excess of 5 to 10% were an indicator of potential fraud, as legitimate merchants have little reason to accept such fees. Fees for larger merchants are usually around 1% and for smaller merchants around 3 to 4%.

Another cause for concern should have been the number of eMerchantPay merchants that had been obtained from German payments processor Concardis. A Worldline document dated November 2021 shows that the company was considering adding “188 ex-Concardis merchants… through eMerchantPay,” and, in order to fast-track their approval, allowed them to onboard without completing due diligence or Know Your Customer (KYC) checks, despite explicit recommendations against this from Worldline’s compliance department. Of these 188 merchants, 51 were part of iMerchant.

Eleven days later, on November 30th, 2021, German financial regulator BaFin announced it was launching investigations into Concardis. Handelsblatt reported that “BaFin [was] examining, among other things, whether the precautions against money laundering and other illegal activities are adequate – and [had] already discovered some deficiencies.” Still, this did not deter Worldline from expanding its relationship with eMerchantPay before its June 2023 audit raised serious concerns.

Although Drop Site News and the EIC reached out to Garroni and Eureka through multiple means, including email, phone, and physical mail, no reply was received. iMerchant similarly did not respond to requests for comment from the EIC.

Leave a comment