Thursday, July 06, 2006

Is it Fair to Blame Nigeria for the World's Fraud Woes?

I recently read an article, where many Nigerians were upset about a series of stories done by CNN. The reason they were upset was because they felt that the story depicted that all Nigerians were corrupt. This made me reflect that there are many of out there - who when a fraud is discovered - seem to automatically classify it as being of "Nigerian" origin.

This evening, I came across a story from the Online Journal: "New version of Nigerian phishing e-mail scam promises jobs, riches, poker and great lunches" - which is essentially calling "phishing" a Nigerian scam. After reading it, I started to understand why Nigerians might find some of this offensive. To read the article: Click Here.

This inspired me to do a little digging.

Since I've done a little research on phishing, I decided to refer to the Anti Phishing Working Group and their most recent report (May), which coincidentally reported a "all-time" record of recorded "phishing attempts."

Nigeria isn't even listed in their "top-ten."

According to the APWG:

"In May, Websense Security Labs saw a continuation of the top three countries hosing phishing websites. The United States remains the on the top of the list with 34.1%. The rest of the top 10 breakdown is as follows: China 15%, Republic of Korea 8.17%, France 3.94%, Germany 3.38%, Japan 2.65%, Malaysia 2.59%, Canada 2.37%, Italy 2.02%, and Brazil 1.7%."

If the APWG is correct - then how could phishing be called a Nigerian scam?

Advance fee - which is also referred to as 419 - has taken on many forms and is a worldwide problem. A lot of it originates in Europe, Canada and even the United States. Lottery scams - which are one form - seem to be coming from Canada, or Great Britain and Romance scams from Eastern Europe are a huge issue.

Recently one of the bogus tools, used in advance fee scams have been counterfeit, or altered money orders. People are tricked into cashing these items and wiring the money back to a "fraudster." According to the U.S. Postal Inspection Service - they are being produced (the counterfeit items) in Eastern Europe and West Africa. So far as the altered items - they seem to be produced in the U.S. Prison System and are used primarily in Romance Scams.

I did mention West Africa - but only as one source - and Nigeria is only one of the countries in West Africa. So far as the "other sources," we can look to points of origin that aren't even anywhere near Nigeria, including the United States.

Interestingly enough, what many term as "Nigerian Fraud," wasn't invented in Nigeria and can be traced back to 1588 AD - what what is known as the "Spanish Prisoner Letter."

Another fact - which many of us - fail to "recognize" is that Nigeria is doing something about their problems with fraud. In fact, some might argue that they are pursuing it more "aggresively" than in many of the other countries mentioned in this post.

In recent years, Nigeria has led a very public campaign against corruption within Nigeria. President Olusegun Obasanjo formed the Economic & Financial Crimes Commission (EFCC), which has been extremely aggressive in fighting fraud in Nigeria. Recently, they were taken off a money laundering "blacklist" and for a list of stories - where they have made an impact - link, here.

There is little doubt that Nigeria realizes it has a fraud problem and that there are "good guys" over there fighting the "good fight."

They key to winning the war is for the "good guys" to work together and go after those who are bad.

So far as the rest of us - the next time we run across a scam on the Internet - perhaps we should take a deeper look at it's point of origin. Not only is it unfair to blame the world's fraud problem on Nigeria, but it confuses efforts to bring forth resolution.

Tuesday, July 04, 2006

If Someone Promises to Fix Your Credit - Proceed with Caution!

Whether it be on a telephone pole, classified advertisement, or a spam e-mail, we all see "advertising lures" that promise to repair people's bad credit. Many of them are bogus - and the sad fact is - they target people, who are already "needy" and take more of their money.

If it's too good to be true, it probably isn't.

Recently, the FTC (Federal Trade Commission) and the Postal Inspection Service went after some of these "services." Here is a quote from a recent FTC press release:

“Credit repair schemes are a big problem for consumers,” said Eileen Harrington, Deputy Director of the FTC’s Bureau of Consumer Protection. “Credit repair promoters generally charge hundreds of dollars, but don’t deliver on their claims. The fact is, they can’t. No one can legally remove accurate and timely information from your credit report.”

Here are some recommendations from the FTC on how to avoid these schemes:


  • Avoid any company that wants you to pay for credit repair services before they provide any services. It is against the law.
  • Avoid any credit repair company that will not tell you your legal rights and what you can do, yourself, for free.
  • Avoid any credit repair company that tells you not to contact a credit reporting company directly.
  • Avoid any credit repair company that advises you to dispute all of the information in your credit report.
  • Avoid any company that suggests creating a “new” credit identity – and then, a new credit report – by applying for an Employer Identification Number to use instead of your Social Security number. That is against the law. If you follow illegal advice and commit fraud, you also may be subject to prosecution.

To sum up the FTC's intent in the recent efforts to stop this:

“We have two goals with this announcement,” Harrington said. “One is very specific. It is to stop Bad Credit B Gone’s deceptive practices, and force them to return their ill-gotten gains to consumers. The other is broad. It is to put other credit repair firms on notice that we are on the beat, and it is to alert consumers that there is absolutely no reason to pay for credit repair – ever. Despite their claims, there is nothing that any credit repair firm can do for you for a fee that you cannot do for yourself at little or no cost.”

If someone was trying to repair their finances "at little, or not cost," the FTC has a page with all the details - including people's legal rights.

Link, here.

If you think someone has - or is trying to scam you - file a complaint, here.

Monday, July 03, 2006

How to Protect Yourself on eBay

Kathleen Day of the Washington Post did an excellent article on "Self Defense for E-Bay Buyers," where she took an in depth look at fraud on eBay and came up with some pretty good suggestions on how to protect yourself.

In her own words:

"Goods that are damaged, counterfeit, don't match what was advertised or are never delivered remain a persistent problem for eBay and its customers -- even though the numbers represent a relatively small fraction of transactions on the Web site. How big a problem is unclear. EBay Inc. does not disclose specific totals."

She interviewed Ina Steiner of Auction Bytes, who clarifies this; despite eBay claims to the contrary:

"Ina Steiner, editor of AuctionBytes, an online newsletter that follows eBay and other electronic auction sites, said the estimate does not include many unresolved disputes that exceed the company's time limits for consideration or were not counted for other procedural reasons. It also does not include cases in which customers persuade their credit card company to cancel the charge. And Steiner points out that by comparing confirmed cases of fraud with the number of goods listed rather than the number of actual sales, eBay makes the percentage seem smaller."

In 2005, the NCL (National Consumers League) listed auction fraud as the most prevalent type on the Internet. Interestingly enough, eBay removed the link from their site to them (which tabulated the complaints) so the percentage might be higher than they reported.

For the full story - which contains some excellent tips on how to protect yourself on eBay - here is the link.

For a new service, which protects buyers and sellers on eBay:

buySAFE Protects it's Customers from Fraud on eBay

Sunday, July 02, 2006

Mexican Organized Crime Ring is Mass Producing Fake Documents - and Considers Terrorism an American Problem

Not sure why this story doesn't seem to be making a "splash" in the media, but Sara Carter of the DailyBulletin.com is reporting that the stepdaughter of an organized human smuggling ring is assisting the authorities. The "ring" is responsible for the mass production of forged documents - which according to the step daughter (Saud Leija) - are sold to anyone, who coughs up the money to pay for them.

And this problem could go beyond illegal immigrants having the means to blend in our society, several of the 9-11 terrorists entered the country using forged documents.

If what she is saying is true, this organized crime ring could threaten all of us.

From the Daily Bulletin:

Suad Leija has many secrets.

The stepdaughter of Manuel Leija-Sanchez -- a key figure in what federal authorities believe is a document fraud organization run by the Castorena and Leija-Sanchez families -- has been in hiding and on the run from her own family.

To help U.S. authorities crack down on document fraud, human smuggling and a host of other international crimes, she has revealed her family business, identified relatives and shed light on a series of national security failures.

Fraudulent documents allegedly produced by the families include Social Security cards, driver's licenses, passports, hazardous materials licenses, utility bills and a variety of other forms of identification. To one degree or another, all can be used to board aircraft, transport dangerous materials, earn employment at secure government facilities, and otherwise help illegal immigrants blend into the fabric of American life.

And here is a scary thought about how their "business" might enable a terrorist to cross the border:

During the visit, Suad and her husband met with Natividad and her uncle, Juan Luis Echeveste, who is Natividad's bodyguard. She asked what would happen if the family's fake documents ever fell into the hands of a terrorist trying to enter the U.S.

The answer was frightening, Suad said.

My grandfather said, "Terrorism is an American problem, not a Mexican problem."

Organized crime groups are working together and Suad confirmed this when she said:

"I told (the congressmen) about Pedro and my stepfather, and how they worked together in the cartel,'' Suad said. "I told them about my family and their connections to the Russians, Polish people and the possible threat they pose to this country.''

Of note, many law enforcement experts speculate that the Eastern Europeans are the main players in "computer crimes," which has led to a record amount of "identities" being stolen. If this is the case, the relationship would seem to "mutually advantageous."

For the full story by the Daily Bulletin: Click Here

I written about this before and I'll say it again - I'm not against human beings trying to better themselves - but we can no longer allow criminals to control our borders! After reading this, it's no wonder we are facing an "identity theft crisis" when you consider where they must be getting the information to produce the fake documents.

Unfortunately, the "identity theft crisis" is minor in comparison to the potential of this activity giving terrorists the means to enter the country and murder Americans.

They are a "clear and present danger" to our citizens and should be dealt with, accordingly.

Los Angeles Grand Jury Calls Child Care Program an ATM for Thieves

In the past year, I think I've figured out one of the reasons why governments are broke and taxes are at an all-time high - there is too much fraud and abuse in a lot of entitlement programs.

Here is a report by the Los Angeles Grand Jury, which estimated that LA County is losing half a billion dollars a year in fraud in their child care (Back to Work) program.

And if it's this bad in LA, I wonder how much we are losing nationwide? If I'm not mistaken, every State in the Union is running one of these programs.

Here are the findings, directly from the most recent LA Grand Jury report:

MILLIONS OF TAX DOLLARS LOST TO CHILD CARE

Millions of tax dollars have been lost to fraud from child care funds allocated by the State of California and administered by the County of Los Angeles Department of Public Social Services (DPSS) in a program entitled California Work Opportunity and Responsibility to Kids (CalWORKS). As currently administered, the program is equivalent to an ATM for thieves. Our research included previous civil grand jury reports, audits, contracts, other documents, and interviews with over 100 individuals involved in the CalWORKS program.

This 2005-2006 County of Los Angeles Civil Grand Jury investigation revealed:

Only 28% of the children placed with license-exempt child care providers were verified as present with their child care provider, according to the April 2005 California Department of Education (CDE) Error Rate Study Report.

Forty-nine (49) individuals who cheated the CalWORKS child care program of $3,421,578, between September 2004 and February 2006, have been successfully prosecuted by the County of Los Angeles District Attorney.

DATE DISPOSITION AMOUNT

September 9, 2004 13 convictions $925,000
December 9, 2004 12 convictions $500,000
January 26, 2006 10 convictions $1,200,000
February 23, 2006 14 convictions $796,578

Up to 50% of the more than one billion dollar CalWORKS program may be lost due to fraud and poor oversight as estimated by several of the DPSS personnel.

The 2005-2006 County of Los Angeles Civil Grand Jury recommends that DPSS require verification in each step of the CalWORKS process to ensure that parents have the work opportunity intended, that children are cared for in healthy, safe environments while their parents are working, and that tax dollars are used as authorized. Our study shows that child care welfare fraud is a continuing burden on the taxpayer. There is an urgent need for prompt and thorough implementation of our recommendation.


For a link to the full report: Click Here

The report likened the program to an "ATM for thieves." Sadly enough, we've seen a lot of fraud uncovered in "entitlement" programs this year and this will ultimately hurt those who are "truly needy." I say not only go after the thieves, but also go after the people in charge of administering these programs. If fraud is this rampant - someone needs to "inspect the inspectors."

If the civil servants running these programs did this at a "private company," the company would go broke if they were allowed to continue. Before this happened - unless those in control of the company were insane - they would be fired.

The standard should be no less for those in charge of spending "public funds!"

buySAFE Protects it's Customers from Fraud on eBay

Fraud on eBay has become a growing concern - and because their internal programs have not satisfied their customers - a new "service" has come into vogue. I recently spoke to Rob Caskey (Senior Director of Marketing, BuySAFE), which is a service that certifies and guarantees purchases on the auction giant; about how they protect purchases on eBay. Rob provided me with a lot of information, including press releases and independent articles, which show how their program works.

A recent press release from BuySAFE said:

(www.buysafe.com), the leading online trust and safety company for e-commerce transactions, today launched the first service that enables Retail Websites to display a meaningful trust signal (the buySAFE Seal) backed with a broad guarantee. Merchants who qualify to use the buySAFE Seal have passed the buySAFE Business Inspection, which ensures the merchant is trustworthy, reliable and committed to delivering on the terms of the sale. These retailers can then display the buySAFE Seal on item listings, which tells consumers the transaction is guaranteed with a surety bond of up to $25,000. Additionally, all buySAFE Bonded Sellers agree to allow buySAFE to continuously monitor their performance. This ensures a virtually risk-free shopping experience.

For the full press release link, here.

In a follow-up press release, buySAFE did an impact study:

The study analyzed 1.6 million item listings from 188 Internet retailers.
  • the visitor-to-buyer conversion rate of Bonded Items was 2.1 percent higher than that of non-Bonded items
  • Bonded Items received 4.7 percent higher prices than non-Bonded items
  • Overall, using buySAFE increased revenues by 6.8 percent
  • buySAFE impacted both high and low-end product sales. For example, in the high-end jewelry category, Bonded Items saw the average sales price increase 40 percent. In the lower-end camera and photography accessory category, Bonded Items saw an increase in the average sales price of nine percent.

This study would indicate to me that the greatest increase in sales corresponds with the types of merchandise that are considered "desirable" to criminals, or items that are easily sold, elsewhere.

These are some pretty impressive statistics and when I spoke with Rob Caskey, I asked him for proof that buySAFE actually made good on their claims. The reason I did this is that - eBay claims to provide protection - and I've read a lot of "horror" stories of how frustrating it can be to file a claim.

Rob (Caskey) directed me to a recent story in BusinessWeek.com by Rob Hoff. In his own words, he said:

That said, I'm pretty satisfied now, because I just got a check from buySAFE, the company that offers bonding to online merchants--including Glacier Bay. Essentially, it's a reimbursement for what I paid. Although eBay's feedback system has worked amazingly well, at least for me, clearly it didn't work in this particular case, and I'm sure others like it. I had never paid much attention to that buySAFE seal, but you can bet I will on future auctions.

AuctionBytes (Ina Steiner), also did a story on this.

I've written about the individual (human) frustration of victims on eBay and often commented that they needed to get their act together. Now market forces are beginning to fill the "niche" that they have failed to provide.

Here are some previous posts, I've written about fraud on eBay:

California Issues Alert on Emerging eBay Fraud Trend

Package Deals to Commit eBay Fraud

BBB Worker Takes Job Processing Fraudulent eBay Transactions

Diary of an Identity Theft Victim

How Much Fraud Can e-Bay's Customers Endure

Saturday, July 01, 2006

Bad Apples in the Barrel are the Biggest Danger to Security

In light of the story circulating about a mid-level manager at Homeland Security getting caught falsifying immigration documents, Michael Chertoff said:

"I wish we could be perfect. Human existence is not perfect, but I can tell you it is a very small proportion, and there is nothing more important than finding those few bad apples and throwing them out of the barrel."

I had considered writing a post about this mid-level manager, then it occurred to me that Mr. Chertoff was correct (from a global perspective) and that - from a security standpoint - there is nothing more important than throwing those "bad apples" out of the barrel.

"Bad apples" don't only exist in "Homeland Security," and although someone getting caught there makes good "press," we have bigger problems out there that need to be dealt with.

One of the biggest threats, we face today is rogue nations obtaining nuclear capabilities. AQ Khan, who developed nuclear weapons for Pakistan, admitted selling secrets to North Korea, Libya and Iran. Many believe that he obtained a lot of his knowledge from the Chinese, who were caught stealing nuclear secrets from us during the Clinton Administration, Online NewsHour: Spies Among Us -- June 9, 1999."

And there is evidence that the Chinese actively seek to plant insiders to steal information. Here is a previous post, I wrote about that.

If any of this is true, we are still being damaged as a result of "insider" problems from the 90's. Two of the biggest threats to world peace today are Iran and North Korea and their "nuclear ambitions."

Insider problems exist at all levels - and are a favorite means for rogue governments, foreign businesses, criminals and terrorist organizations to defeat any and all security measures.

Ira Winkler of the National Computer Security Association wrote:

The Federal Bureau of Investigation estimates that U.S. Corporations lose $100 Billion annually due to industrial espionage. While many people believe that the espionage is committed by well financed organizations that can only be stopped by national agencies, that is very incorrect. Industrial espionage usually exploits simple and very preventable vulnerabilities to produce tremendous results.

The theft of sensitive information from U.S. corporations is the goal for many foreign nations and companies. Adversaries do not care about what form the information takes. Whether information is in electronic format or is thrown away in the trash, it is irrelevant as long as the information is compromised.

Industrial spies know how to bypass any strong part of a security program to attack an organization at it's weakest point.

For Mr. Winkler's full analysis, link here.

Mr. Winkler's analysis brings up some very valid points and scary insights. The people who engage in insider theft will use any and all means to accomplish their goals. Look at all the major breaches that have been caused by a laptop being left unsecured?

Perhaps, I got off topic, but my vote is that we move on and forget this mid-level manager. Homeland Security has bigger fish to fry and the fact that he was caught indicates that they are willing to clean up their own backyard. After all, there are a lot of other backyards out there that probably need to be cleaned up and this is where our focus should lie.