Developments during 2007
Caller ID theft/spoof
Internet phones or cell phones hacked to show calls as coming from European and US numbers even though they originate from Nigeria.
Fraud web sites
In 2007 the number of fake company and phishing websites almost doubled from 23000 to 44000 on record. Is this a responsibility for providers to take action and clean up their image?
At the end of 2007 there was an average of 1500 fake company websites registered per week, of which every week we registered 120 bogus financial services companies The websites are registered with false or stolen ID.
A -Money mule- is someone who allows his or her bank account to be used for the transfer of illegal funds for a small commission.
419 AFF comes in many forms. In all cases, money needs to be funnelled back to the scammers in a way that will hide its origins. To this end, the scammers recruit often unsuspecting people.
The offer comes in the form of someone being an agent for a company or a freelance job, collecting payments and sending them.
The problem is that many people do not see this as a crime. After all, they think, I am just offering a service for which I am getting paid.
By using many of those money mules, the effect is distributed over many individuals making it hard for law enforcement to trace it.
Banks should be able to filter transactions of their customers in order to protect them from becoming a -money mule-.
The dollar is still the main scam currency, but there is a significant trend to Asian currencies and the Euro.
Money laundering takes place on all levels of these cross border crime organizations.
-On the ground level the routine is noticeably through money mules and cash transfers.
-The second level mainly by investments in real estate markets in the fast growing economies. (Examples are Shanghai and Dubai)
-The third level still shows the use of airlines and tickets to launder and transfer illgotten profits.
-On the top-level of international crime syndicates, money laundering, transfers and tax evasion takes place through -the minute system- when minutes of Satellite, mobile and broadband phone are the international means to launder money to practically every country in the world.
-Ownership in banks is a way for crime to control normal businesses. We found significance in overcapitalized banks, in countries that join(ed) the EU or (for example Nigeria) that returned to the international business and banking community when it was taken of the FATF list.
E - Cyber crime units in many countries, that suppose to handle 419 AFF, are planned or working but all are understaffed, not qualified, insufficiently funded, under equipped, not right positioned, hardworking staff is underpaid, with some of the units that the media tells us exist, it is a tiring hassle for a normal person to find them and at moments some e-crime units cannot be reached. (Phones are not answered and email bounces)
We have asked a mix of over a thousand interested members of the public, victims and perpetrators that followed, or had to deal with, the anti-e-crime efforts in past years. They see e-crime units as black holes, nothing more then hoaxes paid for by governments to simulate public safety in the real and virtual world. In 2007 those units did not have significant results that could be noticed by victims, the public and more important, criminal perpetrators.
In the world of cyber-crime the officers and analysts we have dealt with are more interested in the scientific aspect of the work and the compilation of a generic report in years to come as opposed to having any impact on the criminal activity.
In a nutshell there are few practitioners in the world of cyber-crime investigation and efforts till not have significant tactical or strategic input with local or federal law enforcement.
Talk is cheap; inadequate funding for anti e-cyber crime efforts.
Proposals for possible effective efforts get in to a downwards red tape spiral and still are dismissed, or priority is played down. Every bit of information is translated to the perception level and threat assessments of (ignorant?) decision makers; at best they try to fit/bury it into existing limited resources of their department. In contrast with over a billion people, the majority of businesses and most criminal rganisations that already use E-cyber space.
As a comparison, when government and politicians are asked to set priorities with an effective budget, it is the last item on the list, assigned with -a guarantee to fail budget-, for which you cannot even make a decent threat assessment or a not to boring internet game for 15 year olds.
Meanwhile the authorities argue about who should participate and which department or NGO should part with some of their budget in favour of funding a tiny e-crime unit. Do not worry this ignorant and old structure approach is exactly the road to failure against rizomatic crime networks.
It seems a structural problem that cyber crime (networks) attracts departments with conflicting responsibilities. Those departments would like to have the responsibility at least for the part that they understand. Because not one is on itself qualified to grasp or handle the complexity of the matter; for example the E, Cyber and Crime components. At best it results in different departments attacking the different branches of the cyber crime tree, but not the roots.
Cyber-crime may be important when terrorism is involved but the current focus will result in a too late remedy, can we wait for that moment? Or do we lift issues to a higher level now?
The rizomatic roots of E- Cyber Crime networks.
Of course all businesses, including cyber crime, are dynamic and it is necessary to adapt. But adapt to what?
Consider the roots of E- Cyber Crime networks have rizomatic dynamics: resisting, contaminating, and vitalizing what has been established, integrating unknown actors and open sourced adaptive. No linear growth or (common) organizational structure.
Virtual criminal gangs carry out major fraud without the members ever meeting.
The only guarantee one gets when cutting a head of these new criminal networks, is that there are more new heads popping up in (until recent) unpredictable shapes and places.
Media campaigns to warn and educate the public, procedures to protect and change infrastructure, new laws and regulations or arresting a hundred or a thousand obvious perpetrators is positive action, but does not stop the growth and effectiveness of those rizomatic criminal networks, they adapt faster, their decision cycles are significantly shorter and they get better.
Do you believe that a government or one of its agencies can/will help you when you are victim of what is known as cross border e-crime, cybercrime, internet crime? Will there be cyber crime war departments in 10 years?
Greece has doubled its AFF out and input and became a European banking centre for Nigerian AFF. Almost all Greek banks have at least 210 bank accounts used to receive transfers of 419 AFF victims. 419 AFF perpetrators have key ownerships and key positions*. There is no centralized 419 reporting.
The 419 AFF organizations have recruited more low cost locals, mainly in Romania. Among young people that want to work in another country, in Spain among African refugees and China to do their front store work like opening bank accounts, registering companies with the chamber of commerce and receiving money transfers, in 2007 have read more about locals arrested for AFF, in 2008 this will become mainstream when prosecuting AFF, while the 419 AFF organisations stay aloof. There is no centralized 419 reporting.
In The Netherlands we have seen overall a slightly improved situation. Only a 15% rise of 419 scams email containing Dutch contact details. On the other hand, more websites, normal mail, dating and job scams with Dutch contact details. More complaints from victims, which could mean people, are less reluctant to report when they are scammed as before. In 2007 we registered a 70% decline in the use of Dutch company bank accounts by 419 scammers. But a steep rise in money mules.
The federal police project Apollo that started on October 10 2006 ended October 10 2007. It investigated the possibilities for change in Dutch infrastructure, rules, regulations and law, to make the Netherlands less attractive for West African Fraud Crime Networks. During the effort 125 perpetrators were arrested.
2008 could be a turning point if project Apollo is continued in to a new structure.
However it seems that Dutch authorities let the ball drop, and with that the knowledge base collected by the Apollo project. There is no centralized reporting
The federal police project Apollo can be considered as an exemplary -best structural effort-. Other countries with 419 fraud problems are suggested to copy this effort.
In the U.K. police action against 419 AFF came almost to a halt. The only structured attempt is a small Fraud Alert unit in London. The set up of a new national coordination
E-crime unit is currently pending Home Office approval for funding - a typical example of the very slow decision cycles with the authorities - when the largest criminal networks influence most of the internet financial activity - by the time that the authorities react, the crime networks have already anticipated - private sector investment could be necessary.
Japan has almost no 419ers that work there, compared to the high losses of Japanese AFF victims. But it has the exclusive to a very successful extension of the 419 scam which is specifically tuned to Japanese victims. The victims are blackmailed after they realise that they have been scammed. The scammers threaten the victims with telling there colleagues, friends and family that they have been scammed, if the victim does not keep paying fees. There is a surge in scam activity focussed on this -shame scam-, it seems to work even if a victim is initially scammed for a small amount like $50.
Chiba prefectural police have confirmed about 1.3 billion yen from abroad was deposited in about 100 accounts opened by the suspects. Prefectural police launched a joint investigation with Saitama prefectural police to crack a money laundering scheme run by another Nigerian using the same method to launder money for syndicates outside Japan.
Remitting money to Japan is easy because identification and other security procedures are less strict compared with the West.
The Japanese effort is considered a best hands on effort
In Canada there is a high number of Nigerian 419ers. Most of those are perpetrating the whole range of 419 crimes and service other scamrings around the globe. There is a high professionalism among the leaders of the Canadian 419 scamrings, they have built their business and extended it in to the normal business community. There are links to other international organized crime groups and profits are in some cases laundered through foreign banks in which they have a key ownership. In Canada victims of Nigerian AFF can report with Phone Busters fraud prevention and reporting centre.
Kuala Lumpur in Malaysia has become a centre for 419 AFF; we noticed an increase in the number of scammers deployed there from Europe, Canada and West Africa.
Reports from Asia, mainly New Zealand, Australia and Vietnam but also from the US, show an increase of victims whose defrauded moneys are laundered via banks in Malaysia.
In the U.S. the authorities put their effort in prosecuting check fraud victims and unwary money mules, and a media campaign that obviously does not work. There was a minimal effort in international law enforcement cooperation in contrast with the large number of U.S. victims. There still is no centralized reporting with significant results.
More country specific information available on valid request.