internet fraud: mythical online scams
TRANSCRIPT
internet fraud
19
practitioners to perform. In order to getfull benefit of that investment, they mustbe conducted thoroughly and openly withpositive approaches to the results. Theresults are never pleasant, of course.Catastrophes never are, and if there was nocatastrophe there would be no need for thepost-incident analysis.
Smaller post-incident analyses are alwaysappropriate for any digital incident, ofcourse, and such analyses are rarely ascomplex or expensive as that describedhere. They can, generally, be conductedinternally and will have nowhere near thepotential impact of a major post mortem.However, if the time comes to respond to a
catastrophic event with a full-blown post-incident analysis, do it right, do it positive-ly and do it quickly.
About the AuthorPeter Stephenson is the director of technolo-gy services for QinetiQ Trusted InformationManagement.
There are more charity-related frontsfor Middle Eastern terrorist groups thanany other contingent I have been able tofind. When I studied cyber terrorism, themain activities that I found these groupsinvolved in was not breaking into com-puters, it was using computers to gener-ate money and political support. Thereare many such cases, but I will focus onone group that seemed to be quite effec-tive for quite some time.
The schemeThe scheme is always the same. Present asympathetic audience with a case thatpersuades them to donate. The classicsare children dying of starvation, childrenbeing killed by bombs and land mines,women and children living in rubble, andso forth. This particular group decided togo with blood and pictures of mangledbodies in their approach.
ActionStep 1: Distressing pictures of individuals
are posted online. Step 2: The pictures may be digitized
and clipped so that their context cannot be seen.
Step 3: A recognisable and accessible website url is used. For example, 'jihad.org' OR 'islam.tv'. The name can be leased for a year at $12-$15 and an ISP can provide the hosting services at ($35/year)
Step 4: The site may be advertised on other related sites. This is a big one. There will always be a provision stating — send money to [select the one best suited to your pitch] (a) save a child, (b) prevent this from ever happening again, (c) protect your own family from this sort of thing, or in the case of my favourite site (d) support our lobbying efforts.
Aftermath It took several years for this growthestablishment to finally come to its end,and it came to its end almost by acci-dent as part of a general (and possiblyunconstitutional) shut down of a wholeselection of websites from similar chari-ties without regard to which of themmight actually be legitimate. The perpe-trators took the money back home toline their pocket books rather thanfoment revolution, but those who gaveto the charity, for the most part, are stillnot aware of the fraud. They feel theyhave been altruistic and that legitimatecharities have been suppressed by thegovernment. In this case the earningswere probably less than a million dollarsa year for the scam.
ConclusionWhen these sites are detected, it is vitalthat they are removed in an open andinforming manner. When a group ofsimilar religious sites are taken out ofservice en mass, the appearance is ofdiscrimination against the religion. Ifthey are taken offline one by one andthe individuals who run them arearrested and charged, it looks like it's alegitimate police action. This type ofprocess was not implemented for thisparticular case and the public were leftspeculating.
A government process should beestablished whereby charities are regis-tered, investigated, and validated sobogus online charities can be effectivelycontained.
Internet Fraud Mythical Online Scams
Fred Cohen
Criminals have adopted the Internet because of its increased efficiency in facilitat-ing the business processes of the criminal enterprise. Their gains in productivityare among the great success stories of the Internet, and many in corporations onlywish they could achieve the same level of efficiency. One of the longest runningfrauds on the Internet, or anywhere else, is the religious or political charity thatdoesn’t exist. There is nothing new about charities as fronts for frauds, criminals,or even more recently terrorists. Charities are seemingly benevolent. Honest hardworking people who want to do good for others and share the fruits of theirlabours use charities as a gateway to help others.