FBI Take Down 74 Business Email Scammers

The FBI call this scam “Business Email Compromise” (BEC).

It’s when a scammer gets the email address of a senior member of a business and impersonates them in emails asking for money to be transferred to an outside account. It is a very common and, sadly, quite lucrative scam.

It is a rapidly rising scam and is estimated to have cost businesses some hundreds of millions of dollars last year.

The FBI report that the elderly, art galleries and collectors, and real estate purchasers have also found themselves targets over the last few years.

The FBI worked with law enforcement agencies from four continents to take down a ring of cybercriminals responsible for a series of business e-mail compromise schemes. According to the Department of Justice, the scams led to $14 million in phony wire transfers.

The exercise was called Operation Wire Wire and resulted in the seizure of $2.4M and in 42 arrests across the United States, 29 in Nigeria, and three across Canada, Mauritius and Poland.

The FBI thanked the Nigerian Economic and Financial Crimes Commission, the Toronto Police Service, the Mauritian Attorney-General and the Commissioner of Police, Polish Police Central Bureau of Investigation, Indonesian National Police Cyber Crimes Unit, and the Royal Malaysia Police, for assisting them in the operation.

23 of the U.S. arrests were made in the state of Florida, where individuals reportedly laundered roughly $10M from BEC scams. Another scam in Connecticut resulted in the loss of $2.6 million.

For one attack the FBI enlisted the help of the IRS’ Criminal Investigation unit. Those arrested – a pair of Nigerian nationals living in Texas – allegedly sent a real estate closing attorney an email asking for $246,000 to be wired to their account. The victim lost $130,000 after the bank was notified of the fraud and froze $116,000.

If you have any experiences with scammers, spammers or time-wasters, do let me know by email.

US Government Takes Down PCCare247 Scammers


The US government set up a sting operation to gather evidence against a company called PCCare247 which was defrauding people.

The Scam

This is a variant on the classic Windows support engineer scam.

A cold caller tells you your PC has a virus, offers to prove it, then offers to fix it for several hundred dollars or the equivalent in the local currency.

In this variant, PCCare247 advertised heavily that they help people sort out PC issues, but when someone called, PCCare247 would find faults that didn’t exist and charge a lot of money to rectify the non-existent problems.

The Sting

Agent Sheryl Novick phoned PCCare247. “I saw some sort of pop-up and I don’t know if there’s a problem,” she told a PCCare247 tech named Yakeen. He offered to check her computer for possible problems and he convinced her to download a piece of software that let him take control of her PC.

Yakeen ran Event Viewer on the PC – this always shows lots of errors but they are trivial and should be ignored.

“It has 30 errors,” he told her, adding that her PC had been hacked by someone who was using it to commit cyber fraud and that there was a virus on the PC.

Yakeen promised that he could “remove all the hackers, remove all the errors and the virus from the computer and recover all the data?” All Novick needed was $400.

Novick agreed to a lower price and provided her credit card.

Yakeen didn’t know that Novick was actually a Federal Trade Commission (FTC) investigator and she had recorded the entire encounter, which had been conducted using a clean PC located within an FTC lab.

PCCare247 used the cash from this scam to build more business, spending more than $1 million on Google advertising accounts. The money bought “sponsored search results” that appeared when users searched for terms including “virus removal.”

The FTC obtained a temporary restraining order (TRO) against PCCare247, which made it all but impossible for the company to do business in the US. Most of the company’s cash had already been transferred to Indian banks, but the TRO did shut down the company’s domain name, local phone numbers, and credit card processing. New money would not be flowing.

Well done the FTC.