Australian Cyber-Cops Target Romanian Scammers

Australian victims of online scammers are sending millions of dollars each month to criminal gangs in countries such Romania, Nigeria, Ghana, Malaysia and even the UK and US.

The scams take a wide variety of forms, including the manipulation of ATMs to expose account details of cash withdrawals, as well as creating fake profiles on dating sites to prey on vulnerable individuals. Even the infamous 419 advanced-fee fraud is still hooking significant numbers of victims Down Under.

"This is the most challenging aspect of crime in the history of policing and it's not going to change in the short term," said Detective Superintendent Brian Hay, who heads up the Queensland Police's Fraud and Corporate Crime Group.

Hay has become a familiar face on TV news over the past five years as his department has led a charge to educate the Aussie public and build closer ties with foreign police forces.

Speaking at the annual Australian Computer Emergency Response Team (AusCERT) conference last week, Hay revealed that Queensland Police, along with the Australian Federal Police (AFP), have inked an agreement with the Romanian Police Force to share information on suspects' tactics, and their victims, in order to make arrests and try and retrieve losses.

This builds on similar agreements that already exist with organisations such as the Nigerian Economic and Financial Crimes Commission (EFCC), which has been on-going since 2008 and has resulted in prosecutions and seen funds seized from Nigerian criminals returned to some of their victims.

Romanian scammers have been making headlines since late last year when it became clear that they had managed to steal around AU$30m from more than 30,000 Australian credit card accounts, using a sophisticated attack that exploited vulnerability in some point-of-sale terminals.

"There was a vulnerability in Australian point-of-sales systems, which was identified by that (Romanian) gang. There were upgrades to the point-of-sale terminals and that vulnerability was removed. It doesn't exist anymore," said Brad Marden, the AFP's National Coordinator for Cyber Crime Operations

Romanian Police Deputy Director Virgil Spiridon was invited to the AusCERT 2013 conference by the AFP, to report on progress made in tracking down the criminals.

"Unfortunately we have to recognise that Romanian criminals commit these kinds of crimes internationally - not only in Australia. Australia is a country they are interested in because they are looking for new markets," Spiridon said.

According to Hay, foreign criminals are exploiting Australians on a massive scale and the most effective way to fight back is to encourage cooperation.

"What we tend to see is the transnational crimes groups -- such as the Romanians -- come into this country and go from state to state, city to city, ripping off ATMs, cashing in that money and sending it overseas," continued Hay.

"The answer is a combined effort where law enforcement sits with academia, industry, policy makers and the cyber security community, to develop strategies that make a difference," he said.

The fight against online scammers has been ongoing for almost a decade for Hay, who said he first became aware of the problem when he came across a case where a self-employed man had driven his car off a cliff after losing all his money to Nigerian advanced fee fraud.

Hay initiated an investigation and looked at records of funds being sent to Nigeria from Australia.

"We contacted 139 people and asked them why they were sending money to Nigeria. 134 were victims and had lost in excess of AU$18.2m. Some had been sending money in excess of 10 years and not one had made a complaint to the police," Hay told delegates.

He said when the exercise was repeated three years later he discovered that for every dollar going to Nigeria; there was another AU$1.04 going to one of 41 different countries.

Hay introduced delegates to one victim of Nigerian scammers, identified only as Jill, and challenged the audience to accuse her of being greedy or stupid.

Jill said her scam started in September 2005 when she was contacted by someone pretending to be the Commissioner of Health in Nigeria, who was apparently looking for Australian companies to renovate some hospitals in Lagos. The potential profit in the deal was a cool $1m.

She described how after they had gained her trust, they kept saying the deal was being held up by government bureaucracy and expensive certificates or licences were required before the deal could be completed.

"There is always a certificate you have to pay for - it will cost you $26,000 or $18,000. The last certificate I 'needed' was a government tax in Ireland for $94,000," she told delegates.

At this point, Jill was suspicious and contacted the officials in Ireland, who clarified that no such tax existed.

"If you are connected to the internet and you speak English, you have a serious problem. Canada has a massive problem, as does the US and the UK," added Hay.


By Mun Kotadia


« Crowdsourcing- The Good, The Bad, And the Uglords


Overcoming the Enterprise Networking Challenge Through Smart Investments »


Do you think your smartphone is making you a workaholic?