Friday, October 21, 2005

419 From the Other Side of the Fence

There is an interesting article by Robyn Dixon of the LA Times, who interviewed an allegedly former 419 (Advance fee fraud) scam artist named Samuel. He describes a murky world of cybercafes, where the Nigerian fraudsters congregate and send out the infamous e-mails. According to the article "they even have an anthem "I Go Chop Your Dollars," hugely popular in Lagos, which hit the airwaves a few months ago as a CD penned by an artist called Osofia:

"419 is just a game, you are the losers, we are the winners.

White people are greedy, I can say they are greedy White men, I will eat your dollars, will take your money and disappear.

419 is just a game, we are the masters, you are the losers."

For the video, click here.

Samuel goes on to describe the long lost riches and the dating scams, as well as the money some have made off these schemes. You can read the entire article by going to:

''I Will Eat Your Dollars''

The lyrics of this song might be offensive to some, but it is probably reality to many in Nigeria.

Quite simply, in Nigeria, 419 is a means to escape poverty. For years, foreign companies have made themselves and a "select" few Nigerians extremely rich (via vast oil reserves). Meanwhile the majority of the population lives in conditions that would make a "welfare recipient" in the West appear wealthy. In fact, the CIA estimates that 70 percent of the country lives in poverty, despite the fact that they are a member of OPEC and the eleventh largest producer of petroleum in the world.

To a Nigerian, their perception of these companies is probably just what the song states, or "greedy white men."

There is another headline that has been hitting the press about Microsoft and the Nigerian goverment working together to end scams. Neil Holloway (President Microsoft Europe) said "It's the first-ever agreement Microsoft has signed with an African country to aid law enforcement efforts. Microsoft's aid will include providing information to law enforcement in addition to training. The company has already been working with Nigerian authorities over the last three to six months. We think we have a responsibility to make an impact in this particular area."

Hopefully, the Microsoft Computer Security types have received additional training in self-defense, or have been augmented by other security types, preferably former special forces personnel. Here is the latest CIA Travel report: U.S. State Department's Travel Warning - Nigeria. My understanding is that the oil companies, who have billions invested in Nigeria, have a large budget for security there.

The Nigerian government has also made numerous headlines lately in it's battle against 419. Numerous arrests have been made and money has even been returned to victims. After years of bad press (a lot of it from 419), they do seem to be trying to take measures to improve their image in the world.

Still, the majority of the people live in standards that we couldn't even imagine in the West. I fear, if this problem (which is probably the cause) is allowed to continue, there will always be a steady stream of willing recruits into this seedy business.

Unfortunately, these actions by the Nigerian government and Microsoft only address the suffering created in the West by 419.

If we really want to address the problem of 419 in Nigeria, we probably should take a look putting pressure on the government over there to provide a better standard of living for their people. I would challenge all the foreign companies doing business in Nigeria (particularly from the petroleum industry) to take this to heart.

Microsoft is a newcomer in Nigeria and there is no doubt they are doing a lot of charitable work around the world. I salute them in their efforts and hope their partnership with the Government of Nigeria reduces the amount of suffering created by 419. I would hope that Microsoft and (others) also take the time to address the reason that 419 is a means of escape for many young Nigerian's, like Samuel.

It would be sad that if in the end, they "too" were perceived as "greedy white men."

If anyone is interested in a Nigerian view of corruption in Nigeria, click on the title of this post.

For some of the bad press on the internet regarding 419, here are some sites courtesy of the 419 Coalition (US) :
419 Fraud (US)
419 Legal (South Africa)
African Anti-Fraud Control Agency (AAFA) (Norway) (Norway)
American Association of Retired Persons (AARP) (US)
Anti African Scam Commission
Artists Against 419 (US)
Australian Institute of Criminology
Avant Solutions Inc. (US) (US)
Bart De Wolf's Site (El Salvador)
Brian Wizard Inc. - 419 Novel Available Now - (US) (US)
California Society of Certified Public Accountants (US)
Canadian Council of Better Business Bureaus
Classic Car Fair (New Zealand) (US)
Consumer Protection Association of America
Crimes of Persuasion (US)
Data Wales (Wales, UK)
Delaware Scam Victims (US)
eBay Scamkillers (US)
Economic and Financial Crimes Commission (EFCC) (Nigeria) (Nigeria)
Email Scams and Frauds (Dr. Robert J. O'Hara's site) (US)
Fighting back at Nigerian 419 Advance Fee Fraud Scammers (UK)
Financial Scandals Website (UK)
Forensic Services SA (South Africa)
FraudAid (US)
Freeman Institute (US)
G2 (US)
Globrocks Information Systems (US) (US)
I Need a Trustworthy and Honest Business Partner (Denmark)
Idaho Department of Finance (US)
InterGOV (US)
International Investigation Services (IIS) (Iceland)
Internet Crime Prevention and Control Institute (US)
Internet Fraud Complaint Center (IFCC) (US)
Internet Scambusters E-Zine (US)
Involution.Org (US)
Lads Of Lagos (US)
London Metropolitan Police (UK)
Loss Prevention Concepts Ltd. (US)
Ministry of Fair Trading, Government of Western Australia
Money From Africa Letter Collection (Poland)
Monitor das Fraudes (Brazil-Portuguese Language)
Monks of Adoration (US)
Motherland Nigeria (US)
Mr. Ugo Watt's Scam Baiter Pages (UK)
National Association of Credit Management (NACM) (US)
National Criminal Intelligence Service (UK)
National Fraud Information Center - Internet Fraud Watch (US)
Nigeria 419 Scam (US)
Nigeria Master Web (Nigeria)
Nigeria Scam Alert (US)
Nigerian Business Proposal (.com) (US)
Nigerian Fraud Email Gallery (US) (US)
Nigerian Letters (Australia)
Nigeria Master Web (Nigeria)
Nigerian Nightmare (US)
Nigerian Scams (WONST) (US)
Nigerian (India)
Offshore Finance Canada Magazine/Ezine (Canada)
PeaceProject (US)
Pennsylvania Attorney General (US)
Phonebusters (Canada)
Policia Judiciaria (Portugal-Portuguese language)
Poppage1 Site (Canada-India) (US)
Quatloos! (US) (Brazil-Portuguese Language)
Regulatory Intelligence Agency (RIA) (Vanuatu)
Romance Scam 419 Yahoo Group (US)
RCMP/GRC Royal Canadian Mounted Police (English & French language) (US) (UK)
Scam o Rama (US) (US)
ScamWatch (US)
Scam Victims United (US)
Scott Bidstrup Site - Onsite Personal Viewpoint on Nigeria (US) (Sierra Leone)
Silicon Valley Business Law (Law Offices of Thomas Gross) (US) Urban Legends Reference Pages (US)
South African Police Service (South Africa)
Southwest Georgia Com (SOWEGA.COM) (US)
Spam, Scams and Hoaxes (US) (US)
Stop 419s (UK)
StorOslo Sikkerhetstjeneste AS (Norway)
Svensk 419/Nigeriabrev-site (Sweden-Swedish Language)
The Big Scam (Sweden)
The Internet Project (TIP) (Australia)
The Nigerian Scam Buster
The Nigerian Muse (Dr. Mobolaji Aluko) (US & Nigeria) (US)
United Nigeria Association Tulsa (UNAT) (US)
United States Department of Commerce International Trade Administration
United States Department of State Bureau of Consular Affairs
United States Department of State Bureau of International Narcotics and Law Enforcement
United States Department of the Treasury FinCEN
United States Embassy Nigeria
United States Federal Bureau of Investigation
United States Federal Trade Commision
United States National Archives and Records Administration
United States Postal Service
United States Secret Service
United States Senator Russ Feingold
Venture Research Institute (US)
Virginia Attorney General
War On Spam (US)
Waruno Mahdi's Website (Germany)
Web Police (US) (US) (UK)

Wednesday, October 19, 2005

Protect Yourself from Spyware

Spyware/Adware programs are all over the place. They are used by big business for marketing, criminals to steal personal and financial information, or by "whomever" wants to invade someone's privacy. Most of the programs are legal and easily purchased anywhere, including the internet.

According to SpyCop, " commercial monitoring spyware is being developed with features that can rival the most advanced FBI wiretap tools. An article by Will Sturgeon of sums it up rather well: "Spyware is becoming increasingly pernicious and sophisticated, according to security experts who are warning that users are still failing to take basic steps to protect themselves against the threat." The mass media, along with Internet bloggers, fail to notice the mounting threat that these products now pose. With the rise in cybercrime, including identity theft, phishing and credit card fraud, it's quite surprising that computer users are still at a loss as to how to protect themselves."

SpyCop has an interesting e-book for those, who desire to learn how to protect themselves: It points out that besides Spyware and Adware programs being easily accessible, a lot of so-called programs touted as protection are no better than some of the free programs out there. One of the best free programs is Spybot and can be downloaded at:

Both Spyware and Adware should be illegal, in my opinion. There are too many opportunities for it to be used to victimize people and too many examples of it doing so. Here is an interesting site, which shows legislation and litigation regarding this from the Center for Democracy and Technology:

Of course, I always recommend letting your elected officials know how you feel.

In the United States go to:

In the United Kingdom go to:

If anyone has information for other countries, please feel free to add it on a "comment" to this post.

Monday, October 17, 2005

Ask the Private Investigator

There are a lot of sites on fraud and I've looked a quite a few of them. Here is one, I consider noteworthy by John Dierckx, Corporate Risks New Zealand. John is a Private Investigator, who is not only well rounded in investigations, but also specializes in computer crime (cyber-investigations).

What I like about this site is that John, who is obviously a very busy and talented investigator, takes the time to share his knowledge with everyone in the interest of protecting people.

Recently, he even wrote a post of interest to bloggers on how not to not get into trouble with your employer. His most recent post on Pyramid Schemes is extremely well researched and contains valuable information on how not to become a victim. What's interesting is he clearly defines the difference between Pyramid Schemes and MLM (Multi-level Marketing). Please note, there are a lot of scams within Multi-level marketing, also!

To read John's article, click on the title of this post!

Sunday, October 16, 2005

Better Teamwork is an Opportunity

There is an interesting story from the CanWest News Service by Chad Skelton about finding stolen goods on eBay. In the article, it states: "When someone calls this city's police to report they've had something stolen - either in a home break-in or a vehicle smash-and-grab - Sergeant Doug Fisher gives out the same piece of advice, again and again: "Look for your item on eBay."

The story goes on to describe a former high school principal arrested for selling 9,000 items on eBay and a "sophisticated" ring at Toronto's airport that stole millions of dollars worth of goods and sold them....on eBay.

Fisher said, "eBay co-operates by pulling down suspect listings when notified, and turning over the names of shady sellers without requiring a warrant. But he added it often takes the company 10 to 20 days before they respond to his requests."

In the rapidly changing world of internet fraud, 10-20 days is more than enough time for most criminals to assume another identity and be long gone. Furthermore, fencing stolen goods on eBay is only one part of the problem. Fraudulent financial transactions and the use of fake identities pose major problems, also. Again, not only on eBay, but just about any auction site out there.

There has been an increasing problem of "account hijacking" on e-Bay, as well as, other auction sites. This has been happening both with buyer and seller accounts. Quite simply, the accounts are taken over and fraudulent transactions are "laundered" through the legitimate accounts.

Much of this is accomplished from phishing and pharming the information necessary to takeover accounts. The Anti-Phishing Working Group (APWG) in August reported thousands of sites involved in this activity. This would give the criminals involved in this sort of activity the ability to switch accounts and identities every few days, if not daily. In fact, the APWG's latest report estimated the average life of one of these sites to be 5.5 days. If Sergeant Fisher has to wait 10-20 days for his request, the crooks are likely to be long gone.

One would think that it would take a fair level of technical expertise to accomplish this level of sophistication, but it doesn't. There are reports that information need to perform these crimes is routinely sold in chatrooms and even on websites. Even if the criminal doesn't want to buy the information directly, technology to do this is being sold (often very cheaply) and from there social engineering takes over.

To add to the confusion of it all, victims are often harvested from all over the internet (chatrooms, dating sites, job sites etc.) to receive the stolen goods and ship them elsewhere. They are also being conned into negotiating bogus financial instruments and wiring the money to a distant locale.

Please note, that some of these people might be posing as victims in order to avoid the long arm of the law.

I don't mean to single eBay and the auction sites out in this. The same activity occurs with financial institutions, retailers and even "Google." The specifics might vary, but the activity is basically the same and just as intertwined.

We can't win this battle unless the activity can be detected quickly and then dealt with when it's fresh. The criminals simply change identities and then do the same thing (over and over) again. All too often, there are barriers to rapid communication, jurisdictions that aren't clearly defined and red tape.

Ironically, the fear of protecting information sometimes creates a barrier to the rapid exchange of information between the good guys. Let's face it, the fear of "identity theft" has created heightened awareness and laws that make getting information more difficult. Unfortunately, the bad guys aren't hampered by the same rules.

The laws are necessary to protect the innocent. What is needed is better team work, along with safe ways for information to be shared between the people charged with fighting fraud. In addition to this, as the people charged with fighting fraud are normally understaffed and underfunded, perhaps allocating more resources would help, also.

My personal theory is that law enforcement, IT and corporate security types need to communicate more effectively and develop resources to facilitate the rapid exchange of information. There are many resources out there to gather information and many of them do communicate with each other. Herein lies the answer and the more they consolidate their efforts, the more effective they will become.

There has been evidence that a lot of the organized gangs involved in fraud are consolidating their efforts and are working in collusion with each other. In fact, when you note all the cooperation on their end from technology to socializing to logistics, it becomes very apparent. Perhaps, the answer is for the good guys to develop a similar strategy, or fight fire with fire!

You can read the story from CanWest, by clicking on the title of this post.