Category: The Authorities

Hacking Group Sentenced

Five men have been found guilty of hacking into an e-mail account and attempting to steal more than £3 million from a London businessman.

All five suspects were convicted at Southwark Crown Court on Wednesday, 22 May at the end of a five-month trial following a complex investigation carried out by the Metropolitan Police Service’s Cyber Crime Unit over four years.

Anthony Oshodi,, Foyjul Islam, Mohammed Siddique, Mohammed Rafeek and Meharoof Muttiyan were found guilty of various counts including money laundering, false identification documents and possession of articles for use in fraud.

Oshodi fled three weeks into the trial but was convicted in absence.

The suspects carried out their scam by altering the email account of a single victim, enabling them to send emails without his knowledge and preventing him from viewing messages from his accountant and bank.

The group sent several emails from the victim’s account to his bank requesting payment be made to a number of people. Payment was requested through fraudulent invoices containing account numbers belonging to the suspects.

In one week, approximately £1.3 million was transferred into three accounts. The money was then transferred again to cover their tracks.

Detectives managed to identify each suspect through the examination of banking, phone and computer records. They pieced together key evidence of the money trail, patterns of communication and the ownership of individual devices linked to the offences.

Oshodi’s computer also contained copies of 1000 third party passports and bank cards which were used to create false identities.

Muttiyan acted as a primary money mule, transferring cash through the bank accounts of a petrol station, an insurance claims company, and a computer business owned by the group. Siddique organised the distribution of £600,000.

Rot in jail.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Nuisance Call Bosses Fined Up to £500,000

Estimates by telecoms regulator Ofcom show British consumers were bombarded with 3.9 billion nuisance phone calls and texts in 2018.

Company directors whose firms make unsolicited nuisance calls are now directly liable and could face fines of up to £500,000 under recent legislation from the Information Commissioner (ICO).

In the past some company directors had avoided company penalties for nuisance calls by going bankrupt and then starting a new firm under a different name. Once a company has been dissolved any penalties cannot be collectable.

Previously, it was only the businesses themselves that were liable for fines of up to £500,000 rather than individuals.

Andy Curry, of the nuisance call enforcement team at the ICO, said “It will mean we can recover the fine more easily and also make it much harder for unscrupulous operators to set up in business again.”

Last year, the ICO issued 26 penalties totalling £3.28 million for breaches of electronic marketing laws relating to nuisance calls and spam text messages, along with 10 enforcement notices.

Minister for digital and creative industries Margot James said: “We are determined to stamp this menace out and this new law is the latest in a series of measures to rid society of the plague of nuisance calls.”

If you have any experiences with nuisance callers – do let me know, by email.

Fightback Ninja Signature

Zain Qaiser Jailed

A Londoner named Zain Qaiser has been jailed for blackmailing porn users worldwide.

His jail sentence of six years and five months is a major success for the National Crime Agency and the court heard he is the most prolific cyber criminal to be sentenced in the UK.

Investigators have discovered about £700,000 of his profits – but his network may have made more than £4m.

Working from his bedroom at his family home in Barking, Qaiser began to make money through “ransomware” attacks when he was only 17 years old.

This is a form of attack in which a computer is hijacked (and often the files are encrypted) and frozen by  downloaded  software until the user pays a fee for its release.

Qaiser contacted the Russian controller of one of the most potent attack tools and agreed a split of his profits.

Over 18 months, the teenager posed as a legitimate supplier of online promotions and booked advertising space on some of the world’s most popular legal pornography websites. But each of the adverts that was promoted on the websites contained a malicious tool called the “Angler”.

Any visitor to the adult site who clicked on one of Qaiser’s fake adverts would trigger the download to their own computer of the attack kit.

The software would search for vulnerabilities and If the home computer was not protected with up-to-date anti-virus software, would deliver the ransomware that seized control of the device.

The ransomware then splashes a full screen message to the user, claiming to be from the FBI or Metropolitan Police or other law enforcement agency, accusing the user of breaking the law – warning them they faced up to three years unless they paid a fine of hundreds of dollars immediately in Bitcoin.

It was calculated that one of the fake adverts appeared on 21 million web browsers every month.

Quaiser spent almost £5,000 on a Rolex watch and £2,000 on a stay in a Chelsea hotel. He regularly spent money on prostitutes, drugs and gambling, including almost £70,000 in a casino.

When a Canadian company selling advertising space asked Qaiser to stop, he launched a massive cyber attack against it, causing hundreds of thousands of pounds worth of damage to the business.

Qaiser initially denied the crimes and claimed he had been hacked, before pleading guilty to 11 charges – including blackmail, fraud, computer offences and possessing criminal property.

If you have any experiences with scammers, spammers or time-waster do let me know, by email.

Fightback Ninja Signature

HMRC Arrest Warrant Scam

Lots of scammers impersonate HMRC to call or text or email with messages about your needing to make instant payment against the amount you owe HMRC in unpaid taxes.

This new version of the scam involves automated calling systems, cloning of phone numbers and a call centre of criminals.

E.g. You receive an automated call (or maybe its recorded on your answer phone)

The message states that an arrest warrant had been issued under your name and you should press “1” to speak to the case officer or maybe the message directs you to call a specific number.

If you press or call the number you are put through to a call centre of scammers and you will be pressurised to make immediate payment to avoid being arrested.

The payment is likely to be iTunes vouchers. This may seem an odd choice, but once purchased – you just need to tell them the ID number for the vouchers and they can make use of them.

Obviously HMRC do not really accept payment in vouchers so this should warn any potential victims, but some people do pay up without thinking or checking.

The number is usually displayed on a person’s phone as 0300 2003300 – the official number of HMRC. On some phones, when the call comes through “HMRC” appears on their screen as if that is the genuine caller.

However, while the number appears to be a genuine it is in fact from fraudsters looking to trick unsuspecting victims out of their money.

Don’t assume anyone who has contacted you is who they say they are. If an email, phone call or text message asks you to make a payment, log in to an online account or offers you a deal, verify whether it’s real or just a clever scam.

How to Stay Safe Against These Scams

  1. Recognise the signs – Genuine organisations, such as banks and HMRC, will never contact you out of the blue to ask for your PIN, password or bank details
  2. Do not give out private information, reply to text messages, download attachments or click on links in emails you weren’t expecting
  3. Forward suspicious emails claiming to be from HMRC to [email protected] and texts to 60599, or contact Action Fraud on 0300 123 2040 to report any suspicious calls or use its online fraud reporting tool

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Google Fined 1.5 Billion Euros by the EU

The European Union has levied a third antitrust fine against Google.

EU antitrust commissioner Margrethe Vestager said that the technology giant had abused its dominant position by forcing customers of its AdSense service to sign contracts stating they would not accept advertising from rival search engines. “The misconduct lasted over 10 years and denied other companies the possibility to compete on the merits and to innovate.”

This brings the total in fines against Google by the EU to 8.2 billion Euros, but it’s also ends the last of the investigations that were in progress.

The third fine is lower than the previous two as Google actively worked with the European Commission to change its AdSense policies after the EU announced its case in 2016.

In 2006, Google started selling its AdSense for Search product. This let companies place a Google search box on their website. When a search is entered Google shows the results but also its adverts.

Google made customers sign contracts banning them from including rival search engines on their sites. In 2009, Google allowed the inclusion of rival search engines as long as Google’s was more prominent. In 2016, around the time the EU announced its case, the company removed these terms altogether.

Possibly, to avoid further anti-trust cases On Android phones, Google used to automatically install its own services (including Google search) but has recently switched to allowing users which services they want.

Today’s fine brings an end to EU’s current trilogy of open probes, the organization is still looking at a number of other areas of Google’s business and could open new cases in future.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

Facebook and Google Stopped $100 Million Fraud

A Lithuanian man, Evaldas Rimasauska, conned Google and Facebook into transferring over $100m into accounts he controlled.

He sent fake invoices to Google and Facebook between 2013 and 2015.

Mr Rimasauskas and his associates posed as Quanta Computer, a hardware company based in Taiwan that had done business with Facebook and Google.
M r Rimasauskas pleaded guilty to wire fraud in federal court in Manhattan, where Judge George B Daniels said the charge could carry as many as 30 years in prison and a fine up $1m or twice the crime’s proceeds.

In a statement, Geoffrey S Berman, the US attorney for the Southern District of New York, said: “As Evaldas Rimasauskas admitted today, he devised a blatant scheme to fleece US companies out of $100m, and then siphoned those funds to bank accounts around the globe.”

Mr Rimasauskas was extradited from Lithuania to the United States in 2017.

In a court appearance, Mr Rimasauskas said that he had knowingly participated in fraud and that his role was to set up the bank accounts to facilitate the scheme, Bloomberg reported.

After money was wired from the tech companies to the bank accounts in Cyprus and Latvia, the Justice Department said in its statement, Mr Rimasauskas “caused the stolen funds to be quickly wired into different bank accounts in various locations throughout the world, including Latvia, Cyprus, Slovakia, Lithuania, Hungary, and Hong Kong.”

In emailed statements Sunday, Facebook said the company had “recovered the bulk of the funds shortly after the incident and has been cooperating with law enforcement in its investigation”.

Google said it had “detected this fraud and promptly alerted the authorities. We recouped the funds and we’re pleased this matter is resolved”.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature