Category: The Authorities

US Catches Scammers on Instagram

Olalekan Jacob Ponle, known as “mrwoodbery” to his Instagram followers, flaunted his wealth, including a new Lamborghini he had in Dubai.

He was arrested by Dubai Police for alleged money laundering and cyber fraud.

A number of African criminals were caught in the dramatic operation, including 37-year-old Ramon Olorunwa Abbas, “hushpuppi” or just “hush” as he was known by his 2.4 million Instagram followers.

Police in the emirate say they recovered $40m in cash, 13 luxury cars worth $6.8m, 21 computers, 47 smartphones and the addresses of nearly two million alleged victims.

Mr Abbas and Mr Ponle were both extradited to the US and charged in a Chicago court with conspiracy to commit wire fraud and laundering hundreds of millions of dollars obtained from cybercrimes.

It is a spectacular crash for the two Nigerian men who extensively documented their high-flying lifestyle on social media, raising questions about the sources of their wealth.

They unwittingly provided crucial information about their identities and activities for American detectives with their Instagram and Snapchat posts.

Business Email Compromise Scam

The criminals used various scams including the 419 Advance Fee scam but the most lucrative was Business Email Compormise.

They are accused of impersonating legitimate employees of various US and tricking the recipients into transferring millions of dollars into their own accounts.

In one case, a foreign financial institution allegedly lost $14.7m in a cyber-heist where the money ended up in hushpuppi’s bank accounts in multiple countries.

The FBI affidavit alleges that he was involved in a scheme to steal $124m from an unnamed English Premier League team.

“The scammer would gather contextual details, as they watched the legitimate email flow,” explains Crane Hassold, Agari’s senior director of threat research.

“The bad actor would redirect emails to the bad actor’s email account, craft emails to the customer that looked like they are coming from the vendor, indicate that the ‘vendor’ had a new bank account, provide ‘updated’ bank account information and the money would be gone, at that point.”

They try to convince a recipient to wire money to the other side of the world or they go “phishing”, stealing a user’s identity and personal information for fraud.

Over Confidence

On Instagram, hushpuppi said he was a real estate developer, but the “houses” he talked about were actually codewords for bank accounts used to receive proceeds of a fraudulent scheme.

In April, hushpuppi renewed his lease for another year at the exclusive Palazzo Versace apartments in Dubai under his real name and phone number.

The FBI obtained records from his Google, Apple iCloud, Instagram and Snapchat accounts which allegedly contained banking information, passports, communication with conspirators and records of wire transfers.

I expect their many victims would be pleased for the criminals to rot in jail for a very long time.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

Government Cyberaware

https://www.ncsc.gov.uk/cyberaware/home

Cyber Aware gives the UK government’s tips on how to stay secure online.

  1. Create a separate password for your email and separate passwords for any important online accounts e.g. financial ones
  2. Make sure the passwords are strong e.g. use three random words hat no-one else could guess
  3. Saving your passwords in your browser means you wont need to remember so many different passwords
  4. Turn on two-factor authentication for important accounts where it is available
  5. Keep your devices up to date with latest security
  6. Backup all important files regularly. Most devices can do this automatically for you.

Your personal email account contains lots of important information about you and is the gateway to all your other online accounts. If you forget an account password, your email address is the means to reset that password and this makes your email password critical to you.

If your email account is hacked all your other passwords can be reset, so use a strong password that is different to all your others.

Weak passwords that can be guessed or are a word in the dictionary can be hacked quite easily.

The longer and more unusual your password is, the stronger it becomes and the harder it is to hack. The best way to make your password long and difficult to hack is by using a sequence of three random words you’ll remember and no-one else can guess.

You can make it even stronger b including special characters such as @£# etc.

Starting with your most important accounts (such as email, banking and social media), replace your old passwords with new ones.

Two-factor Authentication

2FA is a free security feature that gives you an extra layer of protection online and stops cyber criminals getting into your accounts – even if they have your password. It reduces the risk of being hacked by asking you to provide a second factor of information, such as getting a text or code when you log in, to check you are who you say you are.

Check if the online services and apps you use offer 2FA – it’s also called two-step verification or multi-factor authentication. If they do, turn it on.

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Online Dating Association

In summer 2013 a group of dating site providers in the UK created a body that would allow the sector to work together on standards and speak as one voice with regulators, law enforcement agencies and others.

These services wanted to take some shared responsibility for the wellbeing of the sector and its users – and not just rely solely on the law.

A Code of Practice and advice for the public on the best and safe use of services was published in December 2013. The Code was focused on:-

  • The clarity and honesty of the services offered
  • The protection of user’s personal information
  • The proper operation of services
  • The advice and help given to users to make dating as enjoyable and safe as possible.

The Online Dating Association intends for its materials to be used by any company for whom they are relevant, anywhere in the world in order to raise standards.

The Online Dating Association’s policy recommendations and complaint arbitration are designed to help  members build trust with consumers, so singles can join dating platforms with confidence and security.

The ODA screens members before and after they join to discourage misleading marketing ploys and unsavoury sales tactics in the dating industry.

Members that commit to the official Code of Practice endorse policies that support a healthy, secure, and friendly online atmosphere for singles. Since 2013, the Online Dating Association has promoted high moral standards for dating websites old and new, big and small, in the UK and abroad.

Fightback Ninja Signature

DMCA Badge

www.dmca.com

The Digital Millennium Copyright Act (DMCA) is a 1998 United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization.

It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to copyrighted works (commonly known as digital rights management or DRM).

DMCA are the guardians online of copyright material and are best known for being able to take-down websites where people have copied other’s content and not removed it when ordered to.

They claim to be protecting more than one million websites with their badge.

The DMCA Badge

A DMCA Badge is a seal of protection placed on a website that deters thieves from stealing the content.

With a registered badge, you have access to the tools, resources and support to swiftly takedown any website that steals your content.

Thieves don’t like that!

DMCA say that if your content is stolen while protected with their badge, they will do a takedown for no charge

A DMCA Takedown is when content is removed from a website at the request of the owner of the content or the owner of the copyright of the content. It is a well established, accepted, internet standard followed by website owners and internet service providers.

If you have any experiences with copyright theft and/or DMCA do let me know, by email.

Fightback Ninja Signature

Millions Suffer Identity Theft

2018 statistics on identity theft by country, according to Norton Lifelock.

Country

Cases of Identity Theft

USA 13,300,000
Canada 1,500,000
Mexico 6,100,000
U.K. 2,400,000
France 1,300,000
Germany 2,400,000
Italy 2,000,000
Australia 884,000
New Zealand 164,000
Japan 2,400,000

 

If you have suffered from identity theft – do let me know, by email.

Fightback Ninja Signature

Child Abuse Protection Online

Facebook, Twitter, Microsoft, Google and other tech companies agreed to British government demands that they do more to keep young people safe on their online services.

This is a set of voluntary guidelines created by the UK, the U.S., Australia, Canada and New Zealand and it includes measures to stop new and existing child abuse photos and films appearing online.

The guidance also specifies that the companies must prevent streaming of such material and to work with Police to identify offenders and further develop their technology to stay ahead of offender’s behaviour online.

The countries have been clear that if the voluntary guidelines do not work then legislation will follow.

This is a big step forward – shame it has taken the tech companies so long to reach this point.

Do enter your email address and click on the subscribe button on top right to keep up to date with new

Fightback Ninja Signature