What's the difference between a liberal and a terrorist? Go here for the story:

Plancksconstant.org

And.....The money trail : How petty crime funds terror:

www.iht.com

The money trail : How petty crime funds terror
By Jeffrey Robinson International Herald Tribune
Friday, August 13, 2004

Over the past few weeks, several events have focused attention on the way terrorists move money, creating the belief that terror-money trails will lead to what is being planned and, once identified, that those events can be stopped.

A federal grand jury indicted a Texas-based Muslim charity for conspiracy, dealing with terrorists and money laundering; a mosque in Albany, New York, was raided as the result of a terrorist money laundering sting; several Al Qaeda terror-money-related arrests were made in various parts of the world; computer files were discovered in Pakistan that appear to show that Al Qaeda was investing funds to target the New York Stock Exchange, Citigroup, Prudential, the World Bank and the International Monetary Fund; and the Sept. 11 commission report recommended an invigorated "follow the money" philosophy in order to track down Al Qaeda.
On paper, following the money sounds like a great idea.

In the months leading up to September 2001, Al Qaeda operated like a multinational conglomerate by centrally funding a specific activity. They moved a relatively small amount of money — estimates range from $300,000-$500,000 — through charities and alternative remittance systems, known as hawala networks, and were able to exploit the Western banking system with wires, credit cards and ATM machines. But the argument that we can stop Al Qaeda next time by following terror dollars through charities, hawala networks and electronic transfers is misconceived.

It is based on three false assumptions:
First, that terror money is somehow different from regular dirty money. Actually, there is no such thing as terror money. Terrorism is financed through crime, so it is criminal money that we have to look for.

Second, that Al Qaeda is otherwise capable of financing a massive sequel to the Sept. 11 attacks. It isn't, because Al Qaeda Inc. no longer exists. Today, instead of being a multinational terrorist conglomerate, Al Qaeda is much more dangerous — it is a brand. Suddenly, any zealot, anywhere in the world, intent on wreaking havoc is a de facto franchisee with an instantly recognizable battle cry.
Third, that the funding for Sept. 11 is the model for all terrorist funding. It isn't. Generally speaking, Al Qaeda subsidiaries were not centrally funded before Sept. 11, and their franchises are not funded that way post-Sept. 11. What's more, a terrorist event costs almost nothing. By the time the hijackers attacked the World Trade Center and the Pentagon, they had already spent their funds. They'd used their money on cell phones, cars, apartments, motel rooms, food and airline tickets. Because some of those financial transactions were suspicious enough to warrant reporting under various money laundering regulations, and because reporting didn't happen, the 9/11 commission wants that barn door shut. But the horses never lived there.

The central funding of Sept. 11 was a one-off. The first attack on the World Trade Center in 1993 supposedly cost $25,000. The money, which funded the planning of the attack, was stolen through credit card and other types of low-level fraud. It was much the same with the "Millennium Plot" to blow up Los Angeles International Airport in December 1999. The conspirators lived off check fraud, credit card fraud and identity theft. These days Algeria's Armed Islamic Group, or GIA, milks banks and shops through credit card and check fraud. British-based GIA cells financed the 1995 attacks on the Paris metro. It is believed that they also partially funded the Madrid bombings.
That terrorists commit crimes to finance themselves is hardly new. The Irish Republican Amy was funding itself that way more than 30 years ago. They were working slot machines, extortion, identity theft, fraud and cigarette smuggling. Following in those footsteps, three decades later, a Middle Eastern terrorist cell was discovered operating a cigarette smuggling ring in North Carolina. This was not terror money. These funds were the proceeds of crime — dirty money. This was not the centrally-funded, Sept. 11 Qaeda model, it was the locally funded IRA model.

No one knows when or where the next terrorist atrocity will happen. But these four things are true: When it happens, it will cost almost nothing; yesterday's money laundering laws, which are mainly aimed at drug cash going into the banking system, won't stop it; nor will any government intent on following Al Qaeda's terror money trails; but if we get down below the radar where the IRA used to live and where Al Qaeda's franchises are today committing low-level crimes, and if we can cut off their cash flow, then we can bankrupt them and like any business, once it's bankrupt, there is no product.....

For more on the story, follow the link provided above.




-- Edited by Cyber Diva at 13:05, 2007-03-14

Factoring - Credit Card Laundering....

June 13th, 2006
Credit Card Factoring is a type of business fraud that I commonly refer to in the blog.

What is factoring:

Credit card factoring is essentially processing transactions through a merchant account for a business or entity other than the specific business that was screened for the merchant account. Credit card factoring, also known as credit card laundering, or even money laundering, can exist in many forms. The most basic form of factoring would be a business processing transactions for another business. Another common case of factoring is when a business opens a branch, DBA, or sub-business and attempts to process through the central company’s merchant account. This case is often seen when a business starts a website, and tries to process credit card transactions without opening a separate merchant account for their website.

Telemarketing and call centers used solicit factoring often, but their business practices have come under close scrutiny in the recent years due to massive fraud and losses by major financial institutions.

Why exactly is factoring bad?

First, factoring is used as a method to launder money via credit cards. A business would theoretically process payments for illegal products or services and end up with a clean deposit in their bank account a few days later. It is rumored that a huge amount of terrorist activity is funded illegally with credit cards.

A slightly less severe result of factoring, is the loss of accountability for credit card transactions when a business processes for someone else. In the event of fraud or chargebacks, the processing banks have a hard time figuring out who is responsible for the credit transactions, because they could have been run my multiple businesses. In the end, the customer gets their money back, and the processing bank is left to recoup from the business.

Telemarketing companies have been notorious for employing individuals to open merchant accounts and process transactions for them in exchange for a quick buck. The telemarketing company would keep the bank account empty, and when the chargebacks started rolling in, the processing bank was stuck with the bill. Millions of dollars have been lost to this type of fraud, which has also helped telemarketing companies to be labeled as high risk businesses, whether legitimate or not.

What is considered factoring?
Processing a transaction for another business or person
Processing a payment for an illegal or restricted product or service
Processing the merchant account owner’s credit card
Processing transactions in a method not allowed by the merchant account type (Ex: ecommerce transactions through a retail merchant account)
Processing transactions for a separate division / branch / DBA of a company not approved on the merchant account
Unauthorized scanning / reading / decoding of the information on a credit card with or without the intent to process the card
Attempt to employ, or solicit another company or person to process a transaction through their merchant account
Unauthorized re-charging of a credit card (often seen if a business looses a chargeback)

Repercussions for being caught factoring:
Simply put, Visa and MasterCard will have your merchant account shut down, and you can be substantially fined, and placed on the TMF (Terminated Merchant File). Depending on the severity and intent of the factoring, there may be legal repercussions as well. Since deliberate factoring often qualifies as money laundering, there are a variety of laws that are also being broken when a business is guilty of factoring. Also, depending on whether the factoring took place across different states there are federal and state penalties, for factoring. In many states factoring and money laundering are felonies.

Why am I writing about this?
Factoring is something that many businesses do and may not even know its wrong. Factoring is a crime, and is easily avoidable.

source: http://www.merchantaccountblog.com/archives/140

-- Edited by Cyber Diva at 13:13, 2007-03-14

Credit card fraud: Nigerian banks beware!




Credit card fraud: Nigerian banks beware!
By SEUN ADESIDA
Thursday, November 30, 2006
•Credit Card
Photo: Sun News Publishing

*

Fraud on credit and debit cards has a high cost to society as the proceeds are often used to fund serious organised crime, such as drug trafficking and terrorism.

The financial cost to cardholders of card fraud is largely borne by the banking industry, but the personal cost in time, inconvenience and frustration while an incident is investigated - being without cards, waiting for fraudulent expenditure to be reversed or offset, the sense of violation - is immeasurable.

There are several ways card fraud could be perpetuated. Now that Nigerian banks are beginning to introduce credit card into the system, it is pertinent to sensitise the public on the dangers associated with the latest financial technology introduction.

Fraud could occur where a card is physically stolen from the owners wallet or home, or if lost, and is then used by a criminal, posing as the owner, to obtain goods and services. Most fraud of this type takes place before you have the opportunity to report the loss.

The saving grace is that this type of card fraud has remained fairly static for the past five years, but a decrease is expected once chip and PIN is fully rolled out in Nigeria. The kind of credit card currently deployed in Nigeria are just PIN protected. What this means is that the banking sector is dangerously exposed to great losses arising from credit card fraud alone.

This kind of card has the tendency of being easily skimmed; that is cloned. A skimmed card is one that has been printed, embossed or encoded without permission from the card company, or one that has been validly issued and then altered or recoded. In most cases, the genuine data on a card's magnetic stripe is electronically copied onto another card, without the legitimate cardholder's knowledge.

It occurs at retail outlets, such as bars, restaurants and petrol stations. When a corrupt employee puts a card through a device, without one’s knowledge, that electronically copies the data from the card’s magnetic stripe. Sometimes skimming takes place at cash machines where tampering has occurred and a skimming device has been fitted.

The information is usually then sold higher up the criminal ladder where counterfeit cards are made. Often one will be unaware of such fraud until his or her statement arrives, showing purchases that he did not make.
Card-not-present (CNP) fraud: This includes fraud conducted over the Internet, by telephone, fax and mail order. It is perpetrated when criminals obtain card details, through the theft of one’s card details from discarded receipts or by copying down ones details during a transaction. This is now the largest type of fraud in the UK.

The problem in countering this type of fraud lies in the fact that neither the card nor the cardholder is present at a till point in a shop. This means that CNP businesses are unable to check the physical security features of the card to determine if it is genuine without a signature or a PIN. It is not easy to confirm that the customer is the genuine cardholder. Card issuers cannot guarantee that the information provided in a card-not-present envrionment has been given by the genuine cardholder.
Mail non-receipt card fraud is a type of fraud that involves your card being stolen in transit, once it has been sent out to you from your bank.

Identity theft on cards: This occurs when a criminal uses one’s fraudulently obtained personal information to open or access card accounts in one’s name. There are two types:
Application fraud – stolen or false documents are used to open an account in your name. Criminals steal documents, such as your utility bills and bank statements to build up usable information. Alternatively, they may use counterfeit documentation for identification purposes.

Account take-over – by obtaining key personal information. Criminals are able to take over the running of your account, by pretending to be you. The criminal will try to deceive your bank or card company and arrange for payments to be taken from the account. The criminal may also instruct the bank to change various details of the account, such as the address, and then ask for new cards and cheque books to be issued.

To prevent the occurrence of these fraudulent practices, a chip and PIN - the combination of two effective security features can be used. The first, the `chip' or microchip on the card stores card data more securely than a magnetic stripe, making chip cards harder to counterfeit. The second, the four-digit PIN, which is used to prove you are the genuine cardholder. It is a much safer way to prove that you are the genuine cardholder as it cannot be compromised in the way that a signature can.

Security analysts are asking Nigerian banks and the Economic and Financial Crime Commision (EFCC) to quickly float a card crime unit (CCU). The unit must be jointly funded by the banking industry and the Nigerian government and staffed by newly trained police personnel, fraud investigators and bank staff provided by the Bankers Committee.

The unit must focus primarily on counterfeit fraud to encompass other categories of serious and organised cheque and plastic crime, including cash machine fraud, account take-over, application fraud, mail intercept, cheque and card-not-present fraud.
It is expected that the unit will help in identifying, investigating, arresting and prosecuting criminal gangs that may want to start card fraud in Nigeria because of the introduction of debit and credit card into the financial system.

A similar dedicated cheque and plastic card unit (DCPCU), a plastic card crime unit in the UK recorded a resounding success, as it recovered more than 3,400 counterfeit cards, 39,600 compromised card numbers and 5,420 cheques earmarked for fraudulent use. This led to estimated savings to the banking industry in excess of £100 million. The DCPCU has also seized assets and recovered property, valued at £2.39 million, from raids on suspected criminals.

The Unit arrested 306, of whom 90 have been charged. To reduce card-not-present fraud, there is a five pronged strategy in place. This includes the Address Verification System and Card Security Code (AVS/CSC) which is available for businesses that accept card-not-present transactions. These systems allow retailers to verify your billing address and to cross-check a special security code that is on your card. These extra data checks verify the additional information supplied by cardholders to enable merchants to decide whether to proceed with the transaction.

Verified by Visa and MasterCard Secure Code are payment systems that prevent criminals from using stolen card details for Internet transactions. These are password-protected services that enable financial institutions to confirm your identity for the merchant when you are using a card to pay online. Enabling merchants to confirm your identity in this way puts another barrier between criminals and your information.

These systems also have the advantage of being global, and therefore should reduce fraud abroad as well as domestic fraud. In Nigeria, retailers who will be accepting the credit card are encouraged to make use of various card-not-present fraud prevention tools, such as intelligent fraud detection software.
In the longer term, chip and PIN cards may help prevent CNP fraud through the development of pocket-sized card-accepting devices that can be used with phones and computers by generating a dynamic password for use solely in the CNP environment (referred to as token-based authentication).

Intelligent fraud detection computer systems are used by banks, and can track customer accounts for unusual spending patterns that may occur due to fraudulent activity on lost, stolen or compromised cards. The snag here is, do Nigerian banks have this system? The system ensures the effectiveness and sophistication of customer-profiling network systems that identify unusual spending patterns or high-risk transactions.

It enables a bank to be notified, if irregular spending is detected, to check if the transactions are genuine and, if not, an immediate block can be put on the card. These systems are not only used for transactions taking place in the UK but internationally as well. The kind of card currently deployed by Nigerian banks are just a hybrid of the chip-PIN protected card.
Most of the skimmed cards are mainly the kind of cards that are just magnetic strip- PIN protected cards that can easily be cloned, this account for the huge amount of financial losses involved in the crime in UK alone.

The Industry Hot Card File (IHCF) is another facility that is lacking in Nigerian financial system. It enables retailers to electronically check every card transaction for cards being used fraudulently. More than 80,000 retailers subscribe to this electronic file that distributes data on lost or stolen cards. When a card is swiped as part of a normal transaction, it is automatically checked against the file. If the details given match those of a card on file, an alert is given to the retailer. The IHCF contains information on more than 5 million missing cards and over 440,000 cases of attempted fraud were prevented by this system in 2004.

The UK’s Fraud Prevention Service(CIFAS) provides a range of services to enable its member organisations to exchange information and help identify and prevent fraud, including that relating to plastic cards. CIFAS’ main emphasis is on identity, application and first-party fraud.
New figures released recently by APACS, the UK payments association, show that overall card fraud continued to decline in the six months to June 2006. Total card fraud fell by five per cent during this period, from £219.5m to £209.3m, mainly thanks to chip and PIN protected cards.

Card specialist and financial security experts in Nigeria are queurrying why Nigerian banks should introduce these cards when the financial security infrastructure are still grossly inadequate. This is apart from the fact that it is easy to get a customer’s PIN compromised either directly or indirectly. Others use same PIN for almost all their cards in case the bank is not the one generating the PIN. The next question is: How secure are our point of sale (POS) terminals? At the present security level, most of this terminal are just waiting fraud terminals, POS and ATM service providers must ensure that there systems become more secure and are not financial security risks by the use of the chip-PIN security device instead of the present hybrid of PIN only.

source link: http://www.sunnewsonline.com/webpages/features/money/2006/nov/30/money-30-11-2006-001.htm

Help is available for you Lorraine


Napa Valley State Mental Hospital: http://www.dmh.ca.gov/Statehospitals/Napa/default.asp

Global Terrorism Analysis.....

Terrorism Monitor

Tangled Webs: Terrorist and Organized Crime Groups

By Hayder Mili

Since the early 1990s, Western law enforcement agencies have noted an increasing reliance on criminal activity by terrorist networks around the world. Funding sources from the Persian Gulf, charities and other non-governmental fronts have been placed under pressure. This development, compounded by the arrests of several high-ranking coordinators and financiers of operations in Europe and North America—such as Abu Doha and Fateh Kamel—have compelled jihadi networks to adapt and further diversify their funding sources. Consequently “traditional” criminal activities like drug trafficking, robbery and smuggling are rapidly becoming the main source of terrorism funding. In fact, many recent terrorist attacks have been partly financed through crime proceeds.

Funding Shifts

Throughout the 1990s, European law enforcement officers tasked with combating the Algerian Armed Islamic Group (GIA) networks noticed that operatives had penetrated local criminal structures in Europe and North Africa by using ethnic and cultural links. With the jihad in Algeria at its height, the under-funded GIA became actively involved in drugs and weapons trafficking through logistics and financial support cells in Europe. GIA members such as Djamel Lounici and Mourad Dhina also trafficked stolen vehicles and forged documents. Similarly, for years the Fateh Kamel network in Montreal and an affiliated cell in Istanbul benefited from trafficking in stolen vehicles, theft and credit card fraud. One of its Montreal members, the Millennium bomber Ahmed Ressam, had also planned a series of armed robberies to secure funding for his aborted attack on the Los Angeles airport in 1999.

While a number of violent crimes involving jihadists have taken place in North Africa and Europe over the last decade, the full synthesis between criminality and terrorism took place in 1996 with a series of deadly armed robberies in the French town of Roubaix, which police initially assumed were perpetrated by criminals motivated solely by money. Following the attempted bombing of a G-7 meeting in Lille, French authorities discovered that the Roubaix gang was in fact a small Islamic militant organization that had also committed robberies in Bosnia to fund the jihad. An added benefit of these actions—from the Roubaix gang’s point of view—may have been that these unconventional “fundraising operations” were, in fact, terrorizing in themselves.

In December 2005, co-leader of the Roubaix gang and French convert Lionel Dumont was sentenced to 30 years in prison. Moreover, similar groups have been dismantled in France in the past months, including in a December 13th joint operation involving five French law enforcement agencies that netted over 25 suspects as well as high-grade explosives and weaponry. The group included known jihadists, radicalized delinquents and common criminals. Some of the members of this Zarqawi-linked cell—including presumed leader and ex-convict Ouassini Cherifi—were also involved in a number of armored car robberies that were undertaken to raise funds for the movement of recruits to Iraq.

Triangular Trafficking and Specialization

A “triangular trade” is steadily evolving that consists of weapons, stolen/contraband goods and narcotics. New al-Qaeda affiliates, notably the Groupe Salafiste pour la Prédication et le Combat (GSPC), the Moroccan Islamic Combatant Group (GICM) and North African branches of Takfir wa al-Hijra (Excommunication and exile) have inherited old GIA networks spread across Europe and are actively involved in various types of trafficking to fund operations, trade in weaponry and explosives and move/shelter militants. In Europe, this nexus is mostly active in France and especially Spain, which because of its geography is a major transit (and destination) point for Moroccan cannabis as well as a hub for forged documents and credit cards (Le Nouvel Observateur, October 7, 2004).

While networks were initially involved in drugs-for-weapons exchanges, many eventually shifted to direct drug trafficking. Moroccan sources suspect drug money to be the main source of funding for the May 16, 2003 attacks in Casablanca. Moreover, according to Spanish police, the funding for the March 11, 2004 Madrid train attacks came from drug trafficking, and many of those who took part in the preparation and execution of the attack had been involved in criminal activities such as stolen vehicle trading, jewel thefts and various types of counterfeiting (La Vanguardia, May 24, 2005). Furthermore, over half of the members of the group planning suicide strikes against the Spanish High Court later that year were already in jail on drug-trafficking-related charges.

Additionally, in June and November of this year, Spanish police uncovered operational and logistics cells of the GSPC and the Zarqawi networks, and discovered that the suspects had engaged in credit card fraud, robberies, drug trafficking and vehicle theft. At times an operational cell may partially fund itself, as when police found 7 kilograms of hashish in the hideout of the suspects planning to bomb the Strasbourg cathedral in 2000. Although financed by Abu Doha, the group had been raising funds through drug trafficking in Frankfurt and London. Many other Islamist cells dismantled in Europe following September 11, 2001, had engaged in drug trafficking, including an al-Qaeda linked group operating in Antwerp and Brussels and a cell in the Netherlands involved in the assassination of Ahmad Shah Massoud.

Diversification

Aside from narcotics, militants and sympathizers also traffic in precious stones and metals, mainly because they are easy to transport and difficult to trace. This was the case with a Tunisian man charged in Germany with planning attacks against Western targets, who had used a travel agency as a front for gold and silver trafficking (Agence France-Presse, November 30, 2004). Front companies are ideal vehicles to transfer illicit funds and since the mid-1990s, dozens of terrorist front companies have been dismantled in Europe. Recent arrests in France uncovered a GICM support cell (linked to the Madrid bombings) operating various business ventures, just as Ould Slahi—involved in major al-Qaeda plots and closely linked to al-Qaeda financier Khaled Al Shanquiti—was first arrested in 1999 for laundering drug money through his import-export firm.

Blurring the Lines

Following the arrests of several key players in the GIA’s European operations in the mid-1990s, networks reorganized themselves around contraband and arms-smuggling rings influenced by elements of the Russian and Sicilian mafia (the latter has also laundered money for the GIA) [1]. These types of relationships arise from mutual benefit, with the terrorists seeking entry into established trafficking/money laundering channels and traditional criminal groups taking advantage of profit opportunities. Ethnic or religious links are not necessarily essential for collaboration to take place; for example, the Madrid bombings were facilitated by members of local criminal groups and petty thieves. When in 2001 the Spanish police conducted a counter-narcotics operation, which netted, among other items, hashish, explosives and detonators, they initially arrested the procurer of explosives for 3/11, José Suárez. Furthermore, the arrests of Marc Muller and Stephen Wendler in the mid-1990s were two of many examples where arms traffickers knowingly supplied terrorist groups with weapons from ex-soviet bloc states. In a case of direct barter, two Pakistanis and a U.S. citizen were detained in Hong Kong in 2002 in an attempt to exchange 600kg of heroin and five tons of hashish for four Stinger missiles, which they intended to sell to al-Qaeda.

Since traffickers and terrorist organizations have similar logistical needs, there is ample room for collaboration in money laundering and even facilitating illegal immigration. Recent evidence from Morocco strongly suggests that jihadists are increasingly reliant on outsourcing to specialized migrant smuggling networks to infiltrate or exfiltrate targeted countries (La Gazette du Maroc, February 9, 2004).

There are additional concerns that trafficking channels can be used to move heavy weaponry and even weapons of mass destruction (WMD) and WMD components. In December 2004 members of Takfir were arrested in Barcelona for allegedly trying to purchase over 400kg of industrial explosives and material from a Czech source to build a “dirty bomb” (MAP Maghreb Arebe Presse, October 28, 2005). Moreover, in a recent case of arms smuggling from Russia, traffickers attempted to sell high-powered arms—and reportedly uranium—to an FBI informant posing as a middleman for al-Qaeda.

Justification

To retain legitimacy, contemporary terrorist groups are particularly concerned about providing religious justification for their acts, criminal or otherwise. The writings of a 13th century Islamic jurist, Ibn Taymiyya, are an important source of authorization in regard to seizing the enemy’s property during jihad. During the Algerian jihad, Ali Benhadj (a leader of the Islamic Salvation Front—FIS) quoted Ibn Taymiyya in declaring a fatwa authorizing GIA groups to assassinate and seize the property of all Muslims who opposed them. Terrorist mastermind Sheik Abdel Rahman had also authorized robbery against “the miscreants and the apostate state,” while in 1998 Osama bin Laden echoed this in his call to kill Americans and “plunder their money wherever and whenever they find it.” In January 2004 a member of the Moroccan group, Salafiya Jihadiya admitted being shown videos that legitimized and promoted robbing “infidels and hypocrite Muslims,” suggesting that encouraging criminal behavior is emerging as an integral feature of al-Qaeda’s internal propaganda.

While Islamists are widely viewed as uncompromising literalists, pragmatism in the search for funds is evident in the religious decree by Salafist ideologue Nasreddine El Eulmi, which authorized the use and sale of drugs during the Algerian jihad. The most radical of contemporary terrorist groups, the Takfir, explicitly encourages robbery and drug trafficking as long as a fifth of the proceeds are used to fund the Islamist cause (Le Parisien, September 8, 2002). Arrests in Morocco in 2002 confirmed that its members were encouraged by their emir to steal “jewels, credit cards and money” from their victims (Maroc-Hebdo, August 3, 2002).

Conclusion

For terrorist organizations, the source of funding is irrelevant and only matters because it procures weapons, facilitates movement and produces propaganda. Even major operations cost relatively small sums when compared with the vast revenues of organized crime groups. For example, major operations like the Madrid bombings cost anywhere between $15,000 to $35,000, while the annual profits from cannabis trafficking in Europe alone are estimated at $12 billion.

The incorporation of organized criminality into terrorist ideology and operations shows the flexibility of terrorist organizations in adapting to dynamic fundraising environments. The border between the two worlds is ever more porous, with terror suspects now often imprisoned on multiple charges, both criminal and terrorist.
This poses significant challenges to law enforcement agencies, which have traditionally targeted terrorism and criminality separately.

Hayder Mili is an independent researcher specializing in Islamism in Central Asia and the Caucasus.

Notes

1. Salima Tlemçani, “Trafic d'armes en Europe,” Les filières du GIA, January 11, 2000.

Hey Passion, isn't this futuristic stuff, cool? "Biometrics, the science of identifying individuals based on their physical, chemical or behavioral characteristics, is a key piece in homeland security strategies..."



Biometrics, the science of identifying individuals.....

CUBS focus is biometrics
By ELLEN GOLDBAUM
Contributing Editor

Biometrics, the science of identifying individuals based on their physical, chemical or behavioral characteristics, is a key piece in homeland security strategies, but no single biometric—such as face, signature or fingerprint—fits all applications, says the director of UB's Center for Unified Biometrics and Sensors (CUBS).

Many of the systems on the market have a high false-positive rate, which could be misleading or even dangerous, according to Venu Govindaraju, director of CUBS and professor of computer science and engineering.

For that reason, he says, the UB center takes a unique approach to developing technologies in biometrics, combining and tuning different biometrics to fit specific applications.

"We believe success in this area depends on being able to combine and tune technologies to different applications by using contextual knowledge about how the data will be used," said Govindaraju. "The technology for these applications exists. Now it's a question of figuring out how to build the best devices."

CUBS has secured funding to create systems that:

Could quickly identify suspicious public-health patterns, indicating a possible terrorist attack or epidemic, by automating handwritten data collected about patients entering the nation's emergency rooms. Funded by the National Science Foundation.

Will help close the digital divide between the English and non-English speaking worlds by developing the first optical character reader (OCR) software for handwritten and machine-printed Arabic documents so that they can be searched automatically with keywords. Funded by the Director of Central Intelligence Postdoctoral Research Fellowship Program. (See story on this page for further details.)

Protect Web sites against cyberterrorism using handwritten CAPTCHAS (Completely Automated Public Turing Tests to Tell Computers and Humans Apart), automated tests or puzzles designed to determine whether visitors to sites are humans or machines. Funded by the Calspan-UB Research Center.

Bridge biometrics and forensics by matching automatically facial characteristics described by crime victims or witnesses with large facial databases of persons previously or allegedly involved in crimes or acts of terrorism. Funded by the Calspan-UB Research Center.

Prevent credit-card fraud and protect homeland security by combining face, fingerprint and signature biometrics, and embedding them in smart ID cards. Funded by the New York State Office of Science, Technology and Academic Research, UB and Ultra-Scan Corp.

Combine biometrics, such as signatures and fingerprints, to identify individuals entering the U.S. and to improve overall system accuracy. Funded by the U.S. Army Research Laboratory.

Additional funding for CUBS projects comes from other private high-tech firms, such as mobileLexis (Salt Lake City), Infinite Group (Rochester), Uniform Data System for Medical Rehabilitation (Amherst) and Ubique (Buffalo).

Next topic for Passion is Operation Cyber Sweep...


http://www.fbi.gov/cyber/cysweep/image045.jpg

-- Edited by Cyber Diva at 14:32, 2007-03-14

Operation Cyber Sweep an FBI report on: Common Internet Fraud Schemes

Common Internet Fraud Schemes

Advance-Fee Fraud Schemes

The victim is required to pay significant fees in advance of receiving a substantial amount of money or merchandise. The fees are usually passed off as taxes, or processing fees, or charges for notarized documents. The victim pays these fees and receives nothing in return. Perhaps the most common example of this type of fraud occurs when a victim is expecting a large payoff for helping to move millions of dollars out of a foreign country. The victim may also believe he has won a large award in a nonexistent foreign lottery.

Business/Employment Schemes

Typically incorporate identity theft, freight forwarding, and counterfeit check schemes. The fraudster posts a help-wanted ad on popular Internet job search sites. Respondents are required to fill out an application wherein they divulge sensitive personal information, such as their date of birth and Social Security number. The fraudster uses that information to purchase merchandise on credit. The merchandise is sent to another respondent who has been hired as a freight forwarder by the fraudster. The merchandise is then reshipped out of the country. The fraudster, who has represented himself as a foreign company, then pays the freight forwarder with a counterfeit check containing a significant overage amount. The overage is wired back to the fraudster, usually in a foreign country, before the fraud is discovered.

Counterfeit Check Schemes

A counterfeit or fraudulent cashier’s check or corporate check is utilized to pay for merchandise. Often these checks are made out for a substantially larger amount than the purchase price. The victims are instructed to deposit the check and return the overage amount, usually by wire transfer, to a foreign country. Because banks may release funds from a cashier's check before the check actually clears, the victim believes the check has cleared and wires the money as instructed. One popular variation of this scam involves the purchase of automobiles listed for sale in various Internet classified advertisements. The sellers are contacted about purchasing the autos and shipping them to a foreign country. The buyer, or person acting on behalf of a buyer, then sends the seller a cashier's check for an amount several thousand dollars over the price of the vehicle. The seller is directed to deposit the check and wire the excess back to the buyer so they can pay the shipping charges. Once the money is sent, the buyer typically comes up with an excuse for canceling the purchase, and attempts to have the rest of the money returned. Although the seller does not lose the vehicle, he is typically held responsible by his bank for depositing a counterfeit check.

Credit/Debit Card Fraud

Is the unauthorized use of a credit/debit card to fraudulently obtain money or property. Credit/debit card numbers can be stolen from unsecured web sites, or can be obtained in an identity theft scheme.

Freight Forwarding/Reshipping

The receiving and subsequent reshipping of on-line ordered merchandise to locations usually abroad. Individuals are often solicited to participate in this activity in chat rooms, or through Internet job postings. Unbeknownst to the reshipper, the merchandise has been paid for with fraudulent credit cards.

Identity Theft

Identity theft occurs when someone appropriates another's personal information without their knowledge to commit theft or fraud. Identity theft is a vehicle for perpetrating other types of fraud schemes. Typically, the victim is led to believe they are divulging sensitive personal information to a legitimate business, sometimes as a response to an email solicitation to update billing or membership information, or as an application to a fraudulent Internet job posting.

Investment Fraud

An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities.

Non-delivery of Goods/Services

Merchandise or services that were purchased or contracted by individuals on-line are never delivered.

Online Auction/Retail

The fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site.

Phony Escrow Services

In an effort to persuade a wary Internet auction participant, the fraudster will propose the use of a third-party escrow service to facilitate the exchange of money and merchandise. The victim is unaware the fraudster has spoofed a legitimate escrow service. The victim sends payment or merchandise to the phony escrow and receives nothing in return.

Ponzi/Pyramid Schemes

Investors are enticed to invest in this fraudulent scheme by the promises of abnormally high profits. However, no investments are actually made by the so called “investment firm.” Early investors are paid returns with the investment capital received from subsequent investors. The system eventually collapses and investors do not receive their promised dividends and lose their initial investment.

Spoofing/Phishing

A technique whereby a fraudster pretends to be someone else's email or web site. This is typically done by copying the web content of a legitimate web site to the fraudster's newly created fraudulent web site. Phishing refers to the scheme whereby the perpetrators use the spoofed web sites in an attempt to dupe the victim into divulging sensitive information, such as passwords, credit card and bank account numbers. The victim, usually via email is provided with a hyperlink that directs him/her to a fraudster's web site. This fraudulent web site’s name (Uniform Resource Locator) closely resembles the true name of the legitimate business. The victim arrives at the fraudulent web site and is convinced by the sites content that they are in fact at the company’s legitimate web site and are tricked into divulging sensitive personal information. Spoofing and phishing are done to further perpetrate other schemes, including identity theft and auction fraud.

OPERATION CYBER SWEEP

This map depicts the locations of the investigative actions highlighted in Operation CYBER SWEEP.

Internet Fencing Operation

This Chicago based scheme involves 20+ individuals who were active members of a theft ring/fencing operation which used Internet auction sites to sell the stolen merchandise at prices far below what the items could legitimately be purchased for. The stolen merchandise was obtained via thefts from interstate shipments and major retail stores across the U.S. The main subjects of the investigation are a mother and son who operated three Chicago area pawnshops. The two have generated approximately $3,000,000.00 via Internet auction sales since January 2001. Search warrants executed during the course of the investigation have resulted in the recovery of stolen merchandise valued at $175,000.00.

It is anticipated federal charges of criminal conspiracy to commit interstate transportation of stolen property, mail fraud, wire fraud, and possession of property stolen from interstate shipments will be filed during the week of November 17, 2003.

The Chicago offices of the Federal Bureau of Investigation, the United States Postal Inspection Service, and the Chicago Police Department investigated this matter.

The “Reshipping” Scheme

As the popularity of shopping on the Internet has grown, so have correspondingly the number of e-commerce websites. As traditional brick and mortar stores continue to increase their World Wide Web presence, the organized criminal elements have quickly responded by adapting, changing, and bringing their tradecraft to the Cyber world.

Although the “Reshipping” scheme continues to change and evolve with time, one main underlying component remains the same. This scheme requires individuals in the United tates who, in some instances are coconspirators and, at other times, are unwitting accomplices, to receive packages at their residence and subsequently repackage the merchandise and ship it to another location, usually abroad.

“Reshipper” Recruitment

“Reshippers” are being recruited in various ways. However, the two most prevalent recruitment scenarios that transpire almost everyday are described as follows:
Employment

Unknown subjects post help-wanted advertisements at popular Internet job search sites. Respondents throughout the United States, who are very much interested in the prospect of working at home, quickly respond to the on-line advertisement. As part of the application process, the prospective employee is required to complete an employment application, wherein he/she divulges sensitive personal information, such as their date of birth and social security number.

The applicant is informed that he/she has been hired and will be responsible for forwarding merchandise purchased in the United States to the company’s overseas home office. The scheme now transitions to the freight-forwarding phase, commonly referred to as the "Reshipper." The packages quickly begin to arrive and, as instructed by his/her employer, he employee dutifully forwards the packages to their overseas destination. Unbeknownst to the “Reshipper,” the recently received merchandise was purchased with fraudulent credit cards.

After being employed for one month, the employee is now ready to receive his/her first paycheck. Prior to receiving his/her first payroll check, the employer contacted the employee by the usual means, email, and informed him/her that another business, which owes him money, will be forwarding to him/her a cashier’s check drawn on a United States financial institution. Incidentally, the cashier’s check will be issued for an amount in excess of the employee’s negotiated monthly stipend. The employee will be instructed to negotiate the cashier’s check and electronically forward the overage to an overseas bank account. As a matter of fact, the employer will extend his good will by offering the new employee a small financial bonus for the inconveniences associated with negotiating the cashier’s check.

This is a screen shot of a web site.




A fraudulent website offering, “work at home” employment.

Subsequently, the new employee will be contacted by the financial institution that recently handled the transactions and be informed that the cashier’s check was in fact a fraudulent nstrument. At that time, the employee will also be informed that he/she is liable for the total amount of the negotiated fraudulent cashier’s check.

The employee now realized his/her employment was fraudulent. However, this fraudulent scheme does not end here. For the victim employee, it is now when the most troubling aspect of this employment begins. Remember at the outset of the interview, the prospective employee was required to complete an employment application that asked for very personal information. That information is in the hands of an unscrupulous “employer,” who unbeknownst to the victim employee has already obtained credit in his/her name.

“Friendship” and “Love” via Internet Relay Chat

While conversing in various Internet Relay Chat “rooms,” unsuspecting United States citizens are befriended by unknown individual(s) who represent themselves as living in either Ghana or Nigeria. At this initial juncture, the unknown subject’s line of recruitment will take one of two paths.

“Friendship”

After establishing this new on-line “friendship,” the unknown subject explains that, for various legal reasons, his/her country will not let direct business shipments into his/her country from the United States. After the unknown subject has “played" their sad story, he/she asks for permission to send recently purchased items to his/her United States address for subsequent shipment abroad. The unknown subject further explains that he/she will cover all shipping expenses. After the U.S. citizen agrees, the proverbial “flood gates” open and the packages start to arrive at great speed. This fraudulent scheme lasts several weeks until the “reshipper” is contacted. The victimized merchants explain to the “reshipper” that the recent shipments were purchased with fraudulent credit cards. The “reshipper” is interviewed by law enforcement and usually cooperates in the investigation.

“Love”

This recruitment method is very similar in nature to the scheme detailed above. However, instead of friendship, this unknown subject uses the art of seduction to ensnare his/her unwitting accomplice. The unknown subject quickly confirms his/her romantic overtures by providing his/her unsuspecting partner with a nominal gift.

After the romantic trap has been set, the unknown subject proffers the idea of him/her being allowed to utilize their partner’s U.S. residential address for the receiving and subsequent reshipping of the recent on-line purchases. Once the agreement has been reached, the packages start to quickly arrive and, out of his/her feelings of obligation, the packages are quickly prepared for reshipment abroad. Several weeks pass and eventually, the U.S. girlfriend/boyfriend is contacted by the victimized merchants. Shortly thereafter, the strings of attachment are untangled and the boyfriend/girlfriend realize that their Cyber relationship was nothing more than an Internet scam to help facilitate the transfer of goods that were purchased on-line by fraudulent means.




“Reshippers” Economic Impact

In preparation for Operation Cyber Sweep, the Internet Crime Complaint Center (IC3), through its established public/private alliance with the Merchants Risk Council (MRC), requested suspected on-line fraudulent “Reshipper” transaction for the 120 days preceding November 1, 2003.

Numerous Reshipper investigations have been initiated nationwide and abroad, coordinated via the IC3. USPIS, FBI, USSS and a myriad of state and local agencies have participated in these investigations.

Members of the MRC reported 7,812 fraudulent transactions with an aggregated potential economic loss of $1.7 million. Analysis of the transactional data identified

5,053 addresses in the United States that were utilized in the furtherance of the “Reshipper” scheme.

As a result of the continual real time sharing of information between law enforcement and private industry, over $350,000 in merchandise was recovered and returned to the respective victim companies.

According to the MRC, e-commerce in the United States has experienced losses related to the “Reshipper” scheme in excess of 500 million dollars.

“LOVERSPY” Intrusion/Illegal Interception of Communications

The subjects of this investigation were selling a service marketed as a way to “catch a cheating lover.” The service sends software in the form of an e-mail greeting card, which says, “I Love You” or a similar message. Once the greeting card is opened, the software installs itself on the victim’s computer and logs all keystrokes. The service was marketed to potential buyers via spammed e-mail messages. For $89, each buyer received access to a webpage that allowed him or her to send five greeting cards containing the malicious software that could be sent to five separate e-mail addresses. Both the main subject and the buyers received logs of victims’ computer activity. The subject also received copies of all keystrokes.

In October 2003, a search warrant was executed at the residence of the main subject which revealed more than 1,000 victims of intrusion with an egregious loss of privacy and an estimated economic loss of $500,000. The number of victims and the economic loss are expected to increase as the records obtained during the search are analyzed. Charges for intrusion and interception of electronic communications against the main subject, co-conspirators, and purchasers of the software are being considered.

This case is being prosecuted by the U.S. Attorney’s Office, Southern District of California, and investigated by B-ICE, Department of Justice-CCIP and FBI San Diego.

Auction Fraud (Non-Delivery of Merchandise)

In what eBay and investigators believe may be the largest domestic eBay auction fraud case, Russell Dana Smith, aka John P. Leary, is charged in a 54-count indictment returned in the District of Utah with operating a scheme to defraud winning bidders of eBay auctions by failing to deliver equipment purchased by winning bidders. The indictment alleges Smith auctioned computers on eBay and had auction winners pay for the computers by sending money to him through the mail or having payments transferred into his bank accounts. Although winning bidders paid for the computer equipment, the indictment alleges Smith did not provide the equipment to them. The dollar loss and total number of victims in the case is still under investigation, although both appear to be substantial.

This case was investigated by the Utah Cyber Crime Task Force, composed of the Federal Bureau of Investigation, the Department of Defense, the United States Postal Inspection Service, the Utah State Attorney General’s Office, the Salt Lake City Police Department, the West Valley City Police Department, and the South Salt Lake City Police Department.

Access Device Fraud

In a case highlighting the multiple criminal violations often employed in a typical fraudulent Internet scheme, the subject of this investigation orchestrated a sophisticated plan to obtain expensive electronic merchandise through a combination of Access Device Fraud, Identity Theft, Credit Card Fraud, Wire Fraud, and Mail Fraud. The subject facilitated this scheme by illegally obtaining legitimate Internet connection accounts for customers of a major Internet Service Provider (ISP). The subject accomplished these ISP account takeovers by entering ISP chat rooms and cutting and pasting the list identifying which users were currently in the chat room. The subject then used “cracker” software, available for download from the Internet, to gather information concerning the users’ passwords. This code breaking software utilized a brute force attack which was able to randomly guess the user IDs and passwords of approximately 800 of the ISP's legitimate customers. Once in possession of the victims' account information, the subject logged onto the Internet and assumed the identity of one or more of his 800 victims. The subject made use of the ISP's shopping feature to scour the Internet in search of high-end electronic equipment. This equipment was purchased and billed directly to his victims’ credit card accounts which were already on file with the ISP. The merchandise, valued at over $70,000.00, was shipped to the subject and his associates.

Investigation determined the identities of 70 different victims were utilized to fraudulently purchase merchandise via this criminal scheme. The Federal Bureau of Investigation and the United States Postal Inspection Service participated in this investigation.

International Initiatives

Numerous on-line complaints have been filed with the Internet Crime Complaint Center (IC3), wherein the alleged perpetrator(s) reside abroad. After analyzing the complaints and identifying the country from which the offense originated, the IC3, in coordination with the Federal Bureau of Investigation’s (FBI) Legal Attaché (Legat) program, forwarded numerous Internet Investigative Reports to those FBI agents assigned abroad.

In response to those IC3 complaints, Legat Lagos (Nigeria) provided details of the perpetrators’ various on-line fraudulent activities to their counterparts at the newly created Nigerian Economic and Financial Fraud Commission (EFCC). One of EFCC missions is to “Contribute to the Global war against financial crimes.”

As a result of the joint efforts between the FBI and law enforcement officers in Nigeria, to date, FBI Lagos has assisted in the recovery of over $100,000 in merchandise that was fraudulently obtained on-line and has recovered 2.1 million dollars in fraudulent cashier’s checks.

Additionally, FBI Lagos is currently providing investigative assistance to the EFCC regarding a recent recovery of numerous fraudulent bank documents and checks. So far this investigation has identified six subjects in Lagos and two victims in the United States. The subjects in Nigeria have been arrested and the FBI is attempting to locate and interview the victims in the United States.

Internet Investment Fraud

An Internet Investment Company founded and established an on-line website at www.EE?BIZ VENTURES.COM (EBV). EBV claimed to be a Christian?based humanitarian organization that helped individuals improve their financial situation. EBV solicited individuals, via the Internet and Internet chat rooms, to invest money with promises of a 100 percent return in three to four days. Investors, known as participants, were led to believe EBV was able to make such large investment returns due to overseas investments and day trading, when in fact, no such investments were made by EBV. Participants were required to set up an E?GOLD account and transfer funds from their E?GOLD account to various EBV, E?GOLD accounts. Participants invested in $20.00, $50.00 and $125.00 increments with a maximum daily investment total not to exceed $5,000.00. 26,000 victims located throughout the world lost a total of 50 million dollars as a result of the fraud. Seven subjects have been identified and two subjects have already pled guilty.

This investigation was conducted by the Federal Bureau of Investigation, the Postal Inspection Service and the Security Exchange Commission.

Identity Theft

The subjects in this investigation obtained victims’ identity information by stealing U.S. mail from victims’ mailboxes, vehicles, and homes. The subjects then created credit card accounts and forged checks utilizing the stolen identities. To aid their scheme, the subjects used computers to create checks and fraudulent Department of Motor Vehicle, U.S. Military, and business identity cards for the stolen identities. These false identity cards were then used to cash the forged checks and purchase goods with the fraudulent credit card in local stores and over the Internet.

This scheme affected more than 200 victims with an estimated loss expected to exceed $100,000. Twenty-one subjects were indicted on October 31, 2003.


This case is being prosecuted by the San Diego District Attorney’s Office. The law enforcement agencies involved in this investigation include: San Diego Cyber Crime Task Force, Chula Vista Police Department, USPIS, Social Security Administration, California Department of Motor Vehicles, US Naval CID, B-ICE and FBI San Diego.
Intrusion/Extortion

The Washington Post obtained information that Forensic Tec Solutions, a computer security consulting company, illegally entered confidential government and business computers. The consultants purportedly entered these systems to notify victims of system vulnerability problems, gain exposure/publicity and subsequently offered to protect the systems for a fee. Investigation has confirmed that computers located on military installations, government facilities, and 70 civilian businesses, to include law and medical offices, were illegally accessed by employees of Forensic Tec Solutions.

Law enforcement personnel from the San Diego Regional Computer Forensics Laboratory, the FBI, Army Criminal Investigative Command's Computer Crime Investigative Unit, and NASA Inspector General's Office executed a federal search warrant and analyzed the evidence. Brett O’Keeffe, the former president of Forensic Tec Solutions, was recently indicted for unauthorized access to protected computers and arrested.

The following agencies are involved in this investigation: NASA's Inspector General's Office, Army Criminal Investigative Command's Computer Crime Unit, Department of Energy Inspector General's Office, Defense Criminal Investigative Service, Naval Criminal Investigative Service, the US Attorney’s Office-Southern District of California, and FBI San Diego.

MSBlaster

This investigation was initiated in response to the illegal release of the Internet worm known as MSBlaster. As a result of this worm’s release, Microsoft experienced a successful distributed denial of service attack (DDoS) on their Internet website, Microsoft.com. This DDoS attack caused the Microsoft website to be shutdown for approximately four hours. Upon notification from Microsoft to the Northwest Cyber Task Force (NWCTF) that possible information regarding the source of the worm had been detected, the NWCTF, together with the United States Secret Service (USSS) and FBI agents from San Diego, Minneapolis, Boston, Seattle, Dallas and Raleigh, coordinated this complex investigation and seized vital computer evidence. Two search warrants were executed which resulted in the recovery of digital data. Analysis of the recovered data assisted in the ultimate identification and arrest of the two responsible subjects. The potential loss due to the MSBlaster worm is estimated at over $10 million dollars.

The NWCTF is composed of investigators from the USSS, the FBI, the IRS, the Washington State Patrol, and the Seattle Police Department.

On-line Death Threats

During July 2003, subject Charles Booher, sent numerous email and telephonic death threats to an individual residing in Canada. Booher thought this individual was responsible for sending him spam email. The threatening messages sent by Booher were very explicit and graphic threatening to kill or maim the victim, as well as any employee at the victim's company. The Internet Service Provider (ISP) made numerous attempts to get him to stop, but he continued until his account was terminated. The Sunnyvale Department of Public Safety also made contact with Booher in hopes of getting him to stop, but he continued making almost daily death threats to the victim. Charles Booher was indicted on four counts of “Sending Interstate Threatening Communications”, November 18, 2003.
Auction Fraud (Non-Delivery of Merchandise)

In October 2003, the Boone County Kentucky Sheriff’s Department initiated a fraud investigation into the activities of Michael D. Hoffert of Florence, Kentucky. The investigation was opened based on complaints from victims who made bids on items posted at Internet auction sites and were then subsequently contacted by Hoffert, offering to sell the same item for less than the current bid. Hoffert would arrange for the victim to send him money via wire transfer, or money orders for the item, which ranged from computer equipment to high end electronics, and upon receipt of the funds, would break contact and not deliver the item.

The Internet Fraud Complaint Center was instrumental in identifying victims of this scheme, which increased the loss figure to over $7,000.00.

On October 31, 2003, the Boone County Sheriff’s Department executed a search warrant at Hoffert’s residence in Florence, Kentucky, which resulted in the seizure of computers, and other items deemed to be of evidentiary value.

On November 7, 2003, Boone County District Court Judge Michael Collins issued an arrest warrant for Michael D. Hoffert for eight counts of Theft by Deception. On November 9, 2003, Hoffert was arrested by the Warren County Ohio Sheriff’s Department, and is currently lodged in the Warren County Ohio Jail, awaiting extradition to Boone County, Kentucky.

The following agencies participated in this investigation: Boone County Sheriff’s Department, Warren County Ohio Sheriff Department, and City of Florence Kentucky Police.

Lowe’s Corporation – Intrusion Matter


Lowe’s Corporation Network Security and System Administration personnel detected intrusions into their company’s computer network and notified FBI Charlotte via the InfraGard representative. Subjects gained unauthorized access to Lowe’s network in an attempt to obtain credit card transaction data. A subsequent intrusion on October 25, 2003, was detected at the Southfield, Michigan Lowe’s store. In response, a 24-hour surveillance of the Southfield Lowe’s store was initiated by local and federal law enforcement agencies, FBI Charlotte manned 24-hour shifts at Lowe’s Corporation Headquarters, and personnel from the FBI Electronic Research Facility (ERF) traveled from Quantico, Virginia, and installed specialized equipment to capture network traffic data at the Southfield Lowe’s store.

On November 9, 2003, two search warrants were executed by FBI Detroit and subjects Adam W. Botbyl and Paul G. Timmons were arrested. During the search, approximately 25 computers, network micro cells, telnet servers, and telephone diagnostic tools were seized. Botbyl and Timmons were charged with violating Title 18, USC, Section 1030 (a)(5)(A)(i), “knowingly causing the transmission of a program, information, code and command, and, as a result of such conduct, intentionally caused damage, without authorization, to a protected computer.”

Although the subjects were skilled enough to gain initial access to Lowe’s network, a swift and coordinated response by Lowe’s personnel and law enforcement resulted in the apprehension of the subjects, denial of unauthorized access to credit card data and prevention of serious damage to the network. The estimated costs related to investigate the intrusion and secure the network have not yet been determined.

The following law enforcement agencies participated in this investigation: Waterford Township Police Department, Bloomfield Hills Police Department, Southfield Police Department, Allen Park Police Department, Ottawa Sheriff’s Department, Macomb County Sheriff's Department, FBI Charlotte, and FBI Detroit.

Chicago Re-Shipper/Counterfeit Check Scam

This matter was initiated by the Lansing, Illinois Police Department, upon being notified by several industry participants of the Merchants Risk Council (MRC), that a suspect address in Lansing, Illinois was being used to receive and re-ship numerous packages of miss-appropriated merchandise. Lansing PD requested the assistance of the U.S Postal Inspection Service in this matter. Joint investigation determined that the subject was actually using four separate addresses to facilitate the scheme. Subject was identified as a Nigerian national living in Illinois. Subject was arrested, and through a search and surveillance conducted incident to that arrest, approximately $100,000 in counterfeit checks were recovered, as well as merchandise and invoices from forty two separate merchants, reflecting losses of more than $70,000.

Subject, who continues to cooperate pursuant to arrest, has provided details regarding both the substantial re-shipper scheme, as well as the expanded scheme to enlist additional participants, who would ultimately become victims, upon learning that the payments they received were counterfeit cashiers checks. Typically, these additional participants/victims are asked to assist the subject, either in a re-shipment of merchandise, or in handling a payment from a third party, that the subject is not capable of handling. Due in part to the quality of the counterfeiting, checks were not determined to be bogus for several days after being deposited into the victims account. By that time, the victim, believing the check to be authentic, had already deducted his/her profit, and forwarded the remainder (via wire transfer/Western Union) to subject overseas.

Romanian Internet Fraud Investigation

The Romanian General Directorate for Combating Organized Crime (DGCCOA), in cooperation with the United States Secret Service, arrested a subject in Alba Julia, Romania, who was responsible for a large scale "Phishing" scheme resulting in nearly $500,000 in on-line losses.

The subject forwarded spoofed emails resembling an actual auction web page to the attention of bidders who were not successful in an online auction. On this spoofed page, the subject advised victims of the availability of a similar item for a better price. Upon visiting the "sale" page, victims were asked for personal information including their name, bank account numbers and passwords. The victims were then advised that they "won" the spoofed auction and agreed to send money to the subject through a spoofed escrow site created by the subject.

This investigation had a positive impact in protecting American citizens against on-line fraud emanating from abroad.

SPAM

Allan Eric Carlson was charged with "hacking" into computers around the country. Subsequent to the initial illegal intrusions, Carlson hijacked or "spoofed" return e-mail addresses of reporters at the Philadelphia Inquirer, the Philadelphia Daily News, and the Philadelphia Phillies. Carlson used these accounts to launch spam e-mail attacks. Carlson was also charged with identity theft. This case marks the first use of an identity theft statute against an e-mail spammer. Carlson faces a maximum possible sentence of 471 years imprisonment, $117,250,000 in fines and a special assessment of $7,800.

This case was investigated by the Federal Bureau of Investigation.



source: http://www.fbi.gov/cyber/cysweep/cysweep1.htm



[file edit note: edited to add space.]

-- Edited by Cyber Diva at 14:55, 2007-03-14

Statement of Ken A. Wasch, President,

Software & Information Industry Association

WASHINGTON, D.C. – Nov. 14, 2003 – “The Software & Information Industry Association (SIIA) commends the efforts of the Attorney General, the Department of Justice, CCIPS, FBI as well as the Bureau of Immigration and Customs Enforcement in their steps to help combat the increasing problem of online piracy through effective educational and enforcement programs and initiatives. The Department of Justice’s increased involvement in this war against theft of digital code and content that is exemplified through today’s announcement is both much needed and appreciated.”

“Piracy has become a subculture of criminal activity where criminals believe that the malicious act of digital piracy is a victimless crime that has no punishment. SIIA believes it is essential to send a clear message to digital pirates that stealing copyrighted works is not only wrong but could result in stiff penalties and even jail time. The action announced today – in conjunction with prior enforcement activities – goes a long way toward that goal.”

“SIIA will continue to work closely with law enforcement to actively change the notion that piracy does have victims and that it will carry with it grave consequences.”

About SIIA
The Software & Information Industry Association (SIIA) is the principal trade association for the software and digital content industry. SIIA provides global services in government relations, business development, corporate education and intellectual property protection to more than 600 leading software and information companies. For further information, visit http://www.siia.net.


# # # #

Contact: James Kim 202 289 7442, ext. 1362

Credit card fraud using ebay.co.uk

http://forums.ebay.co.uk/thread.jspa?threadID=1200097438&tstart=0&mod=1173870267138

monsta_mo (29 ) View Listings | Report 13-03-07 18:17 GMT
0y mum has had a sum of money debited from her credit card by a company claiming to be ebay.co.uk. There has been no activity on her ebay or Paypal account...ever. So far she's ahd no feedback from her creditcard company. Anyone else experienced this?

oldie-newbie (0 ) View Listings | Report 13-03-07 19:24 GMT 1 of 2
Oy!



PMSL


dark_angel_london (1070 ) View Listings | Report 14-03-07 11:04 GMT 2 of 2
If she doesn't recognise the transaction then tell your mum to contact her bank/card company and tell them it's an unauthorised transaction. They'll look into it and the funds should be back on your mum's card.