Nigerian jailed for defrauding Australian

By Henry Ojelu

A first class honours graduate of Geography, from the University of Lagos, Lawal Adewale Nurudeem, wept uncontrollably yesterday, at the Ikeja High Court, as he was sentenced to 12 months imprisonment for defrauding an Australian woman of over N8 million. Adewale was alleged to have, in November, 2007, under the pretext of being a British national involved in a fatal accident, defrauded Rosalene Sunna, an Australian, who, because of his unfortunate fate, kindly opted to extend financial assistance to him via the internet. According to the information on the charge brought against him by the Economic and Financial Crimes Commission (EFCC), Adewale posted a pathetic picture of a Briton involved in a motor accident in Nigeria on the internet, with the aim of soliciting financial assistance from any kind individual. Kind-hearted 56-year-old Rosalene fell for the scam and initially sent some money to Adewale who was hale and hearty in Lagos. To further milk Rosalene, Adewale appealed for more assistance and she subsequently sent more money thinking she was helping someone in genuine need. Adewale’s fraudulent acts brought him opulence, making him to open fat accounts with several banks, acquired landed properties and a car. Adewale’s cup was full when an official of the internet intelligence agency in Australia discovered the irregularities in the correspondence between him and Rosalene. The EFCC was duly notified via a petition and Adewale was picked up at Ikorodu, a suburb of Lagos, while he was about to pick up another package from his benefactor in a bank in Ikorodu. On arrest, Adewale made a confessional statement acknowledging his fraudulent acts, but later pleaded not guilty when he was arraigned in court. He later entered into a plea bargain changing his plea to guilty as charged. He wept in the dock all through the court proceedings. After listening to Adewale’s lawyer, Mr. Omolaja’s emotion-laden plea for mercy, the presiding judge, justice Obadina, while condemning Adewale for choosing to follow the infamous path of internet scam, sentenced him to a 12-month jail term. The judge also instructed him to prostrate and apologise to his father who was present in court, for embarrassing him and soiling their family name.

March 11, 2009 Posted by alanprince | Uncategorized | | No Comments Yet

Hackers breach Jack Straw’s email

News that hackers breached the UK Justice Minister’s constituency email account and used his contact list for a bizarre fraudulent spam attack might have raised a few smiles, however, behind this story is a reminder of the serious threat that we face on a daily basis.

The burlesque character of this story suggests it may have been more aimed at political embarrassment than at financial gain. Hackers gained access to Jack Straw’s Hotmail account, which he used for constituency, but not government business, stole his contact list and sent spam emails to about 200 contacts asking each to send $3000 to Nigeria so he could get home, having lost his wallet while doing charitable work in Africa.

The recipients were his constituents, Labour Party members and Ministry of Justice officials. The reference to Nigeria echoes with the well-known ‘Nigerian Money Laundering’ attacks, although this incident is not about money laundering. Today, hackers are often expert at tailoring their ‘social engineering’ attacks, but this message was pushing credulity to its limit, particularly as the news media routinely report his travels. One person replied to the email, and nobody sent any money, although several people did phone his home to check the information.

The unsurprising failure of this attack as a criminal financial fraud should not hide the ‘successes’ of the attackers. It is likely that the attackers will make further use of the contact list, to launch future scams or to sell it on to the criminal fraternity through the sophisticated market it has for stolen information of all types. They have also achieved a significant coup in the political embarrassment area. Jack Straw is not just a senior government minister, but the head of law and order and a champion of moving the balance towards more government control and surveillance. He is therefore likely to be a target for this kind of attack. This makes it surprising that he had taken so few steps to secure his Internet activities. We do not know how the hackers gained access to his Hotmail account, but the likelihood is that they used a mundane method to steal his password such as guessing it, downloading spyware, shoulder surfing or intercepting an insecure Wi-Fi session.

A contact list in Exchange contains names, email addresses and optionally phone numbers, addresses and other information such as employment details. This is small fry both qualitatively and quantitatively, compared with the numerous leaks from government databases or incidents in the commercial world such as with the retailer TKMaxx. However, the hackers now have enough information to launch spam attacks, and other low-level identity theft attacks, on 200 people who did not even know their information was being held in this way or in this place. All such attacks highlight the danger of aggregating information into a single place.

Jack Straw is reported as saying that “there is no evidence that confidentiality of constituents was affected”. This may be true, but he would have to admit the likelihood is that their confidentiality has been affected. We may never know how far down the criminal line this information will pass. It is possible that the hackers also downloaded the contents of his mailboxes, which could contain some very sensitive information. Hotmail should be able to clarify the extent of the breach by examining its logs but this information is unlikely to be published. It could have happened, and the victims will be the last to know.

The moral of this story is that everyone has a duty to protect the information they hold online, and particularly when it belongs to, or refers to, others. This duty of care includes maintaining a high standard of cyber hygiene, refraining from using authentication credentials in insecure environments, protecting mobile devices from theft and misuse, and ensuring secure communications.

March 3, 2009 Posted by alanprince | Uncategorized | | No Comments Yet

Scammers even trying schemes that invoke the FBI’s name

Some scams are linked to organized crime in both the U.S. and overseas, said Brian Hale, spokesman for the FBI in Washington, D.C.

 

He said one scam continuing since last year targets the FBI itself. E-mail spam messages claim to be an official order from the FBI Anti-Terrorist and Monetary Crimes Division unit in Nigeria, telling recipients they have been named beneficiary of millions of dollars. The messages ask for personal information and threaten the recipient with prosecution if they fail to provide it.

In December, the FBI issued an alert about the scam, stating it does not send such unsolicited e-mail.

 

For 2007, the most recent data available, the FBI and the Internet Crime Complaint Center received 206,884 scam complaints. That’s down slightly from 2006.

 

The Internet Crime Center, a joint program by the FBI and the National White Collar Crime Center, said more than 90,000 cases nationwide involving estimated losses for the complaints in 2007 at $240 million were referred to law enforcement – up $40 million from the year before.

 

In Illinois, the national complaint center received 6,214 complaints in 2007. The top dollar-loss complaint to the national center from Illinois that year involved a confidence fraud with losses of $700,000.

Statewide, total scam losses from complaints to the national center for the year were more than $9 million.

 

Nationally, the most common kind of scam complaint involves online auction frauds, according to Craig Butterworth, spokesman for the National White Collar Crime Center.

 

So called “work-at-home” scams are also common, he said. That’s where a supposed job listing is a hook to lure victims who are “hired” to receive and redistribute money via wire transfers.

 

That’s similar to overpayment scams, according to Butterworth. One example is known as the “super-shopper scam,” in which victims think they are getting a legitimate chance to work by shopping or dining out and submitting evaluations of their experience.

 

Victims receive bad checks, which they are told to deposit, and further instructed to wire a percentage to a third party while using the rest to “complete their assignment,” Butterworth said.

 

“This scam is successful when the (scammer) is able to convert the victim’s wire transfer into cash before the bank realizes the initial payment is counterfeit,” he said.

 

Natalie Bauer, spokeswoman for Illinois Attorney General Lisa Madigan’s office, said about 20 percent of complaints to the Consumer Protection Division in 2007 involved identity theft. That year, there were 32,577 complaints; of those, 6,388 related to identity theft.

 

“We expect that trend to continue,” Bauer said. “The economic recession is likely a factor in the steady flow of identity theft complaints.”

 

She said the attorney general’s consumer complaint hot line has had increased calls about mortgage fraud.

 

“Some people claim to work with lenders to help you keep your house, but they ask for money up front,” Bauer said.

 

Under Illinois law, the mortgage services have to perform their service first before collecting any money, she said.

By Steve Bauer

March 3, 2009 Posted by alanprince | Uncategorized | | No Comments Yet