Upload File

internet fraud: mythical online scams

1
internet fraud 19 practitioners to perform. In order to get full benefit of that investment, they must be conducted thoroughly and openly with positive approaches to the results. The results are never pleasant, of course. Catastrophes never are, and if there was no catastrophe there would be no need for the post-incident analysis. Smaller post-incident analyses are always appropriate for any digital incident, of course, and such analyses are rarely as complex or expensive as that described here. They can, generally, be conducted internally and will have nowhere near the potential impact of a major post mortem. However, if the time comes to respond to a catastrophic event with a full-blown post- incident analysis, do it right, do it positive- ly and do it quickly. About the Author Peter Stephenson is the director of technolo- gy services for QinetiQ Trusted Information Management. There are more charity-related fronts for Middle Eastern terrorist groups than any other contingent I have been able to find. When I studied cyber terrorism, the main activities that I found these groups involved in was not breaking into com- puters, it was using computers to gener- ate money and political support. There are many such cases, but I will focus on one group that seemed to be quite effec- tive for quite some time. The scheme The scheme is always the same. Present a sympathetic audience with a case that persuades them to donate. The classics are children dying of starvation, children being killed by bombs and land mines, women and children living in rubble, and so forth. This particular group decided to go with blood and pictures of mangled bodies in their approach. Action Step 1: Distressing pictures of individuals are posted online. Step 2: The pictures may be digitized and clipped so that their con text cannot be seen. Step 3: A recognisable and accessible website url is used. For example, 'jihad.org' OR 'islam.tv'. The name can be leased for a year at $12-$15 and an ISP can provide the hosting services at ($35/year) Step 4: The site may be advertised on other related sites. This is a big one. There will always be a pro vision stating — send money to [select the one best suited to your pitch] (a) save a child, (b) prevent this from ever happening again, (c) protect your own family from this sort of thing, or in the case of my favourite site (d) support our lobbying efforts. Aftermath It took several years for this growth establishment to finally come to its end, and it came to its end almost by acci- dent as part of a general (and possibly unconstitutional) shut down of a whole selection of websites from similar chari- ties without regard to which of them might actually be legitimate. The perpe- trators took the money back home to line their pocket books rather than foment revolution, but those who gave to the charity, for the most part, are still not aware of the fraud. They feel they have been altruistic and that legitimate charities have been suppressed by the government. In this case the earnings were probably less than a million dollars a year for the scam. Conclusion When these sites are detected, it is vital that they are removed in an open and informing manner. When a group of similar religious sites are taken out of service en mass, the appearance is of discrimination against the religion. If they are taken offline one by one and the individuals who run them are arrested and charged, it looks like it's a legitimate police action. This type of process was not implemented for this particular case and the public were left speculating. A government process should be established whereby charities are regis- tered, investigated, and validated so bogus online charities can be effectively contained. Internet Fraud Mythical Online Scams Fred Cohen Criminals have adopted the Internet because of its increased efficiency in facilitat- ing the business processes of the criminal enterprise. Their gains in productivity are among the great success stories of the Internet, and many in corporations only wish they could achieve the same level of efficiency. One of the longest running frauds on the Internet, or anywhere else, is the religious or political charity that doesn’t exist. There is nothing new about charities as fronts for frauds, criminals, or even more recently terrorists. Charities are seemingly benevolent. Honest hard working people who want to do good for others and share the fruits of their labours use charities as a gateway to help others.

Upload: fred-cohen

Post on 19-Sep-2016

213 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Internet Fraud: Mythical Online Scams

internet fraud

19

practitioners to perform. In order to getfull benefit of that investment, they mustbe conducted thoroughly and openly withpositive approaches to the results. Theresults are never pleasant, of course.Catastrophes never are, and if there was nocatastrophe there would be no need for thepost-incident analysis.

Smaller post-incident analyses are alwaysappropriate for any digital incident, ofcourse, and such analyses are rarely ascomplex or expensive as that describedhere. They can, generally, be conductedinternally and will have nowhere near thepotential impact of a major post mortem.However, if the time comes to respond to a

catastrophic event with a full-blown post-incident analysis, do it right, do it positive-ly and do it quickly.

About the AuthorPeter Stephenson is the director of technolo-gy services for QinetiQ Trusted InformationManagement.

There are more charity-related frontsfor Middle Eastern terrorist groups thanany other contingent I have been able tofind. When I studied cyber terrorism, themain activities that I found these groupsinvolved in was not breaking into com-puters, it was using computers to gener-ate money and political support. Thereare many such cases, but I will focus onone group that seemed to be quite effec-tive for quite some time.

The schemeThe scheme is always the same. Present asympathetic audience with a case thatpersuades them to donate. The classicsare children dying of starvation, childrenbeing killed by bombs and land mines,women and children living in rubble, andso forth. This particular group decided togo with blood and pictures of mangledbodies in their approach.

ActionStep 1: Distressing pictures of individuals

are posted online. Step 2: The pictures may be digitized

and clipped so that their context cannot be seen.

Step 3: A recognisable and accessible website url is used. For example, 'jihad.org' OR 'islam.tv'. The name can be leased for a year at $12-$15 and an ISP can provide the hosting services at ($35/year)

Step 4: The site may be advertised on other related sites. This is a big one. There will always be a provision stating — send money to [select the one best suited to your pitch] (a) save a child, (b) prevent this from ever happening again, (c) protect your own family from this sort of thing, or in the case of my favourite site (d) support our lobbying efforts.

Aftermath It took several years for this growthestablishment to finally come to its end,and it came to its end almost by acci-dent as part of a general (and possiblyunconstitutional) shut down of a wholeselection of websites from similar chari-ties without regard to which of themmight actually be legitimate. The perpe-trators took the money back home toline their pocket books rather thanfoment revolution, but those who gaveto the charity, for the most part, are stillnot aware of the fraud. They feel theyhave been altruistic and that legitimatecharities have been suppressed by thegovernment. In this case the earningswere probably less than a million dollarsa year for the scam.

ConclusionWhen these sites are detected, it is vitalthat they are removed in an open andinforming manner. When a group ofsimilar religious sites are taken out ofservice en mass, the appearance is ofdiscrimination against the religion. Ifthey are taken offline one by one andthe individuals who run them arearrested and charged, it looks like it's alegitimate police action. This type ofprocess was not implemented for thisparticular case and the public were leftspeculating.

A government process should beestablished whereby charities are regis-tered, investigated, and validated sobogus online charities can be effectivelycontained.

Internet Fraud Mythical Online Scams

Fred Cohen

Criminals have adopted the Internet because of its increased efficiency in facilitat-ing the business processes of the criminal enterprise. Their gains in productivityare among the great success stories of the Internet, and many in corporations onlywish they could achieve the same level of efficiency. One of the longest runningfrauds on the Internet, or anywhere else, is the religious or political charity thatdoesn’t exist. There is nothing new about charities as fronts for frauds, criminals,or even more recently terrorists. Charities are seemingly benevolent. Honest hardworking people who want to do good for others and share the fruits of theirlabours use charities as a gateway to help others.

Financial Transactions and Fraud Schemes Transactions and Fraud Schemes ... company to liability by disclosing secrets. ... Credit Repair Scams

Internet Fraud Scams - Commercial Bank

Fighting Scams and Fraud - People's Choice Credit Union · 2015-06-19 · Fighting Scams and Fraud Fighting Scams and Fraud If any of these things have happened to you, it is important

Health Fraud Scams …are Everywhere. · Tip-Offs to Rip-Offs By learning to recognize health fraud scams, you can help to avoid them. Be suspicious of these red flag claims: “Quick

Fraud and Scams in Banking Sector

2020 Nebraska Fraud and Scams Updatedhhs.ne.gov/Medicaid SUA/Protect the Good Life, Fraud and Scams U… · 15 10 5 . Percentages . 0 Under 19 3 . 28 . 20-29 . 13 . 14 . 30-39 . 16

Avoiding Tech Support Scams from Microsoft & the AARP Fraud Watch Network

Digital Safety, Fraud & Scams

Elder Fraud - Preventing Senior Scams

Investment Fraud & Scams · 2019. 11. 19. · Christine Kieffer-FINRA Foundation-Investment Fraud & Scams 4 Sources: FINRA Investor Education Foundation research reports, Financial

Fighting Scams and Fraud - voc.sa.gov.auvoc.sa.gov.au/sites/default/files/Fighting_Scams_and_Fraud.pdf · Fighting Scams and Fraud If any of these things have happened to you, it

SCAMS, SCHEMES & SWINDLESlongevity3.stanford.edu/wp-content/uploads/2014/01/Scams...Scams, Schemes & Swindles a research review of consumer financial fraud 3LETTER FROM THE DIRECTOR

CORPORATE FRAUD - ICSI · PDF fileCORPORATE FRAUD By Manish Lamba “FRAUS OMNIA VITIATE ... • Investment Scams • Bankruptcy Frauds • Miscellaneous ... • Financial Frauds

Recent developments in investment fraud and scams ... tradingmch18.pdf1 Recent developments in investment fraud and scams: Contracts for Difference (‘CFD’) spread betting and binary

Health Fraud Scams …are Everywhere - FDA Fact Sheet

Springhill talk nation time scams fraud among obamacare concerns

FRAUD ALERT! DETECTING AND PREVENTING SCAMS IN …

Understanding Fraud Schemes & Scams · PDF fileUnderstanding Fraud Schemes & Scams ... Lottery Scams promise large lottery winnings in return for an initial ... character for them

Fighting Fraud: U.S. Senate Aging Committee Identifies Top 10 Scams … Fraud... · 2017. 1. 4. · Sweepstakes scams, such as the Jamaican lottery scam, continue to be a problem

include title and FDIC and CFPB logos and publication date...• Contractor fraud and home improvement scams • Mortgage assistance relief scams • Anyone who . 10 . Scams Targeting

TIPS TO AVOID FRAUD & SCAMS - scb.gov.bs

Treasurer’s Update (and) Protecting Against Fraud & Scams

Government Scams Ross McDonald AGA/ACFE Fraud and Technology Conference October 11, 2006

Fraud and Scams Targeting Delaware · 1. Training on how to detect and avoid scams, 2. Limiting the number of people authorized to pay invoices or place orders, 3. Talking about scams

AFFINITY FRAUD - How To Avoid Investment Scams That Target

Protecting your self against high fees, scams and outright fraud

Protecting Your Firm and Your Clients from Scams, Fraud ... · Protecting Your Firm and Your Clients from Scams, Fraud, and Financial Loss . Thursday, May 16, 2013 .5 Ethics and 1.75

Student's Guide to Fraud Scams · 2. Student Tax Scams For several years, IRS scams have been affecting individuals across the United States. Tax scams tend to increase around tax

Session 16 Fraud Alert: Avoiding Scholarship Scams

Protecting Yourself Against Home Improvement Fraudkfi.ky.gov/public/Senior Scam Jam/Home Improvement Fraud - IPD.pdf · Home Improvement Scams Common Types of Home Improvement Scams

Guide to avoiding elder fraud - Philips · • Identity theft • Homeowner scams • Cash fraud • Robocall scams Advance-fee scams Telemarketing fraud This often involves having

AFFINITY FRAUD - How To Avoid Investment Scams That Target Groups

FINANCIAL SCAMS, FRAUD AND MONEY LAUNDERING · PDF filefinancial scams, fraud and money laundering: could you be at risk? financial services commission (fsc) public forum presenter:

White Paper: Employee Fraud Case Studies - Exit Planning ...mpninc.com/pdf/White_Papers/Employee_Fraud.pdf · 2 EMPLOYEE FRAUD CASE STUDIES OF TYPICAL SCAMS OVERVIEW: EMPLOYEE FRAUD

How to Stop Credit Card Chargeback Fraud Scams