Friday, December 22, 2006

FAL$E HOPE$ @ CHRI$TMA$

FAL$E HOPE$ was a Federal Trade Commission operation announced on December 12, 2006, which cracked down on Bogus Business Opportunities. Coordinated with the Department of Justice, the US Postal Inspection Service, and law enforcement agencies in 11 states, the report contains more than 100 law enforcement actions! (In the interest of full disclosure, these publicity operations solicit previously investigated cases from parties who wish to be included in the press release. Although the Operation was announced publicly in December of 2006, many of the activities had concluded as early as February of 2005.)

DOJ Actions were primarily in Nevada and the South District of Florida, but had some great cases themselves! In just one such case, AmeriP.O.S., individuals were told they were buying the right to mark kiosks for prepaid debit cards, phone cards, and internet access. Eleven defendants were charged and received hard time from between 24 and 135 months! Restitution was also ordered in the amount of $16,659,826.94! Altogether this group will spend 729 months in prison.

The original DOJ Press Release shows this to have been part of "Project Biz Opp Flop". In Biz Opp Flop DOJ documented 4,000 consumers nationwide who lost more than $60 million in these fraudulent business opportunities. AmeriP.O.S. promised that for their $12,000 investment, purchasers would received several Point of Sale terminals and support in establishing their own territory for the business. 1,500 people fell for the scam. Other companies, "Cash Link", "Tel 2 Net", "Pantheon Holdings" and "Global Resources" were offering the same offer. Global Resources advertised on television, the Internet, and by high pressure telephone calls, promising earnings of $6,480 per month (with a $14,000 minimum investment = two month break even!) 150 investors sent Global Resources $2.5 million! Pantheon got $19 Million from 1,500 consumers! Perfumes Unlimited, another case included in Biz Opp Flop, claimed consumers could earn $150,000 per year selling perfume in racks placed in stores. 150 consumers gave them $1.5 Million to invest. Accomplices were recruited to lie about their own experiences with the business as references to the success of the product.


The US Postal Inspection Service provided their Work at Home/Distributorshipos Case Briefs to the FTC which included many work at home schemes such as "Wealth By Mail, Inc", "GTEC", "Armand & Company", and many others, including one in my home town of Birmingham, Alabama.

In that case, "Employment Solutions" advertised a work at home envelope stuffing business, for which he would send a "start-up" kit for $32. Many folks received the start up kits, but they didn't receive the profits he described!

Perhaps the most successful case among the USPIS actions was "National Brochures / AAA Information Center". In this case, Malcolm Lincoln received 10 years in prison, and his wife three years, and were each ordered to pay $28,282 in restitution to 200 victims. Victims spent between $35.95 and $745.95 to receive their work-at-home business kits, and were promised they would earn between $4 and $21.82 per envelope stuffed. No one ever received a payment. In total over 1,000 people were victimized and the defendants earned more than $400,000!

Some of the claims were ridiculous! "EDI Health Claims Network" said that the customers medical billing business would earn as much as $1,200 per month with just one client! After consumers paid their $5,985, they were told their first client could be found by looking in their local yellow pages!

Many of the business opportunities in the FTC report promise returns of more than $1500 per week, and some as high as $150,000 in their first year!

One company, USA BEVERAGES, INC, (see the separate press release: FTC Halts Bogus Business Opportunity Scam) used Voice Over IP and prepaid cell phones to make it seem that they were calling from the local area, when in reality, they were making their pitches for coffee display racks from Costa Rica. Their website claimed it was a 12 year old company in New Mexico. With this 12 year history, the promise that franchisees would make "no less than $1,055.60 per week" if they operated 13 display racks must have seemed legitimate! Investors gave up between $18,000 and $85,000 each to learn that it was not true.

Thursday, December 21, 2006

Pump & Dump: SEC gives us a peek!

We all know that the most annoying spammers on the planet today are the ones who are sending out the image based Stock spam that seems to be most gifted at by-passing every form of spam filter. I frequently get the question: "How do these guys make money?"

This week, the Securities and Exchange Commission website has two interesting cases that give us some details. They illustrate two different methods of pump & dump. Account Theft, and False Profile spamming.

Let's look first at the password thief.

SEC Emergency Action Against Foreign Traders - SEC v. Grand Logistic

The subject of this action, Grand Logistic, is a company owned by Evgeny Gashichev who resides in St. Petersburg, Russia. His company operates in Estonia and is licensed as a corporation in Belize. The company exists to speculate in the penny stock market. The way it works is that Evgeny placed $30,000 in an online brokerage account, and began buying penny stocks. Curiously, these stocks, which had seen almost no activity, began to be bought and sold like mad after Evgeny would purchase them.

The charges from the SEC indicate that Evgeny would buy penny stocks from HIS account, and then would log in using stolen credentials to many other accounts, including E*Trade, ScottTrade, and TD Ameritrade accounts and make large purchases from other people's brokerage accounts - without their knowledge or permission - in volumes ranging from 6,000 to 71,000 shares! Then, when the price had risen sufficiently, Evgeny would liquidate the holdings in that account from his own profile.

So how did he do? Evgeny's initial investment grew from $30,000 to $383,000 in just seven weeks!

For more details see: The SEC's Complaint.



Now let's turn our attention to the Stock Spammer case "Red Hot Stocks". This is a case where we get to see the "end of the story", however, as usual, the question remains outstanding whether or not justice has been served. Still, the SEC is to be applauded for their action.

In the current SEC Final Judgement against Red Hot Stocks defendant Dieter Raabe, Raabe was ordered to pay $489,900 in disgorgement, plus prejudgment interest of $215,110 and post judgment interest of $16,300, and a civil penalty of $110,000, for a total of $831,310.

Wow! $831,310 sounds like a great deal of money! But wait, didn't we establish that in 2002 he had already earned $4 million from his fraudulent trading schemes!?!?


This case goes all the way back to an SEC Complaint in 2002 against Red Hot Stocks, where the SEC filing indicates that the defendant had earned more than $4 million through manipulation of the stock market.

In this situation, subscribers of the "Red Hot Stocks" website received a newsletter which contained a false or misleading statement about the dealings of a penny stock company. One of the biggest problems though, from SEC rulings, is that the profiles were made without disclosing that the author and promoter was personally planning to liquidate a large holding once his objectives had been met. There are rules dictating when an "insider" may sell their stock holdings after public statements are made. Raabe was previously accused with James E. Franklin. Franklin operated the companies "Vector Keel Ltd." and "Initial Public Offering Consultants, Inc." who would buy (or receive for services rendered) the stock. Then "Red Hot Stocks" would create online profiles for the companies, and spam the hell out of the profiles waiting for payday.

The actual Red Hot Stocks website is still available thanks to the Archive.org WayBack Machine. Here's a link:

Red Hot Stocks (WayBack Machine link to 1998)

Some of the stocks profiled there include:

AXPL, NTSA, NEOT, LCAV, EZCL, CMYN, GRB.V

So, this case brings to a close Pump & Dump activity which occurred through this "free stock tips" newsletter offered more than 8 years ago!






Many examples of similar scams can be found in the archives of Harvard University's CyberLaw archive on Stock Spam. Here is a great resource listing stock symbols touted by spam, produced by Laura Frieder and Jonathan Zittrain:

Stock Touts (From Harvard CyberLaw)

Their excellent paper, just released 16DEC06, is available here:

Spam Works: Evidence from Stock Touts and Corresponding Market Activity

Thursday, October 12, 2006

Counterfeit Checks? Who cares!

Today I had a pretty typical law enforcement interaction.

Before I get into that, I want to say that I have great admiration and respect for many of the law enforcement folks I meet every day. The down side of this interaction is not a reflection on any individual in law enforcement, but rather of the troubles at the next level - the US Attorney's Office, where they decide whether a federal case will be worked or not.

SCENARIO
============
In this circumstance, a family member had advertised some services on the Internet. Predictably, a number of non-English speaking persons jumped on the service and wanted to buy it. The first wants to know if he can send a Cashier's Check for $4,000 rather than the actual price of $2,100, and would she be willing to deposit it in her account and wire the additional funds to his Travel Agent. The second actually sent a check for $3600 (I have the check), and then Tragedy Struck, and the poor gentleman is hospitalized in Canada and his only hope is if my family member could send $500 of that $3600 to a Canadian address TODAY!

(The other guy wanted the money sent to a Travel Agency in London, who was paying for his son's trip to the United States).

CRIME
=================
So, we have a counterfeit check. The check itself is printed on check stock you can buy in an office supply store, and drawn from an American based Credit Union. Only they've mis-spelled common English words, even on the face of the check, and have given an invalid toll free number for the credit union.

I contact the credit union's "risk management" office, describe my scenario, and ask if its common. She says she gets "two or three calls a day" very similar to mine, each ending with a counterfeit check drawn from their credit union. Sometimes they have deposited the check and sent money to the con man. Sometimes they haven't.


REJECTION
=================
I ask her who her chosen law enforcement partner in this situation is. She says that she has called the Secret Service, who seemed interested at first, but lost interest when they realized the checks were being mailed from Canada. I call her local FBI CyberCrime Supervisor and describe the scenario to him. He says that unfortunately "bank fraud is not the priority that it once was" in the Bureau. He'd love to work the case, but "if there is not at least $500,000 in loss, the local Assistant US Attorney won't prosecute."

So, what should you do if you or a family member or friend receives a counterfeit check?

The best plan, according to all parties, is to fill out the report that you can find at the Internet Crime and Complaint Center website -- http://www.ic3.gov/ -- By entering as much data as possible into that database, your case can be combined with other cases to try to generate those minimums that will make a US Attorney want to prosecute. Note: The $500,000 is a higher threshold than I have heard in most jurisdictions. Some have stated they will take action for as little as $75,000 in proven losses.

I believe this will get better, but part of what will make it better is people like you and me making sure that we gather as much evidence as we can, and put it in front of the people who have to make these decisions. Maybe we waste our time today, but its the necessary leg work to getting this situation turned around.

Good luck!

_-_
gar

Counterfeit Checks? Who cares!

Today I had a pretty typical law enforcement interaction.

Before I get into that, I want to say that I have great admiration and respect for many of the law enforcement folks I meet every day. The down side of this interaction is not a reflection on any individual in law enforcement, but rather of the troubles at the next level - the US Attorney's Office, where they decide whether a federal case will be worked or not.

SCENARIO
============
In this circumstance, a family member had advertised some services on the Internet. Predictably, a number of non-English speaking persons jumped on the service and wanted to buy it. The first wants to know if he can send a Cashier's Check for $4,000 rather than the actual price of $2,100, and would she be willing to deposit it in her account and wire the additional funds to his Travel Agent. The second actually sent a check for $3600 (I have the check), and then Tragedy Struck, and the poor gentleman is hospitalized in Canada and his only hope is if my family member could send $500 of that $3600 to a Canadian address TODAY!

(The other guy wanted the money sent to a Travel Agency in London, who was paying for his son's trip to the United States).

CRIME
=================
So, we have a counterfeit check. The check itself is printed on check stock you can buy in an office supply store, and drawn from an American based Credit Union. Only they've mis-spelled common English words, even on the face of the check, and have given an invalid toll free number for the credit union.

I contact the credit union's "risk management" office, describe my scenario, and ask if its common. She says she gets "two or three calls a day" very similar to mine, each ending with a counterfeit check drawn from their credit union. Sometimes they have deposited the check and sent money to the con man. Sometimes they haven't.


REJECTION
=================
I ask her who her chosen law enforcement partner in this situation is. She says that she has called the Secret Service, who seemed interested at first, but lost interest when they realized the checks were being mailed from Canada. I call her local FBI CyberCrime Supervisor and describe the scenario to him. He says that unfortunately "bank fraud is not the priority that it once was" in the Bureau. He'd love to work the case, but "if there is not at least $500,000 in loss, the local Assistant US Attorney won't prosecute."

So, what should you do if you or a family member or friend receives a counterfeit check?

The best plan, according to all parties, is to fill out the report that you can find at the Internet Crime and Complaint Center website -- http://www.ic3.gov/ -- By entering as much data as possible into that database, your case can be combined with other cases to try to generate those minimums that will make a US Attorney want to prosecute. Note: The $500,000 is a higher threshold than I have heard in most jurisdictions. Some have stated they will take action for as little as $75,000 in proven losses.

I believe this will get better, but part of what will make it better is people like you and I making sure that we gather as much evidence as we can, and put it in front of the people who have to make these decisions. Maybe we waste our time today, but its the necessary leg work to getting this situation turned around.

Good luck!

_-_
gar

Tuesday, October 10, 2006

Birmingham InfraGard - October 2006

Its about six hours from InfraGard time. My wife asked me about 9 PM, "How long will it take you to finish your presentation?" I told her, "It will be presentable in about an hour, and then it will get better every hour until I fall asleep."

http://www.birmingham-infragard.org/

Today's topics:

(mine) - Jihad Online - the Internet as Propaganda tool
(Dan's) - Two recent IE Zero Days

Its amazing how trivial it is to find many of the Jihad Propaganda pieces - videos, magazines, daily news reports - with a few little "search in Arabic" googlings . . .

The primary distribution points seem to be "large file sharing" services. There are actually several Jihadi blogs here on blogger.com. Google pops up a "Hate" warning for those blogs. Its says:

Some readers of this blog have contacted Google because they believe this blog's content is hateful. In general, Google does not review nor do we endorse the content of this or any blog.

Well, I guess that's nice. Google doesn't endorse blowing up American GI's Hummers with Rocket Propelled Grenades. They just innocently provide the space for the bloggers to tell their fellow jihadists where to download the videos of the action.

More later . . . let me know if you find anything interesting!

_-_
gar