Nigerian Internet 419 on the Loose

Introduction  The general acceptable definition of Cyber-crime seems to agree on two key components; A) That it is Internet and Computer related. B) That it covers a broad scope of criminal activity. The Oxford Reference Online defines Cyber-crime as crime committed over the Internet. Cyber-crime is also refereed to as, "Computer crime." The Encyclopedia Britannica defines Computer crime as any crime that is committed by means of special knowledge or expert use of Computer technology.  The consensus is clear. These crimes have evolved from the advent of Internet and Computer technologies and the scope covers a large category of fraudulent criminal activities.





   Nigeria is entering the information technology age rather late in comparison to the Western world.  Access to Internet and Personal Computer technologies, started evolving in the late 1990's, and are currently beginning to witness accelerated growth.  With the growth of Computer technology in Nigerian business and personal life, so also is the increase in Computer based crimes originating from Nigerian, or aided by Nigerian citizens around the world. 





   This paper will adopt a working definition of Cyber-crime in Nigeria, as Internet and Computer aided criminal activity, originating from Nigerian Internet space, by Nigerians located in foreign Internet space or a collaboration of Nigerians locally and internationally.  The scope of these types of crime, are generally financial and economic crimes. In particular, 419 Email Fraud, Credit Card Fraud, and general fraudulent financial transactions.  Nigerian Specific Cyber-Crime Statistical ReviewTo assist in understanding Nigerian based Cyber-crime, a literature review of statistical facts needs to be articulated. Please note that several of the references used in this part of the presentation, are sources of International origin, the paper does not consider Cyber-crime data of Nigerian source as accurate, for the following reasons:Nigeria does not have a centralized government body that collects and publish Cyber-crime statistical report. Nigerian bodies such as the Central Bank, that publish reports on Internet based crimes, seems to hold a view, that represents the trend differently from the rest of the world.  For example, Joseph Sanusi, the current governor of the Central Bank, in a speech on anti-Money Laundering group in Lagos, on 3 June 2003, took a view  that stated, "when the technology was installed, an average of 150 complaints per day on 419 transactions were logged on the CBN's Web Site, following which information of the activities of the scam group and advice on what to do was given to the complainants.  The number has reduced to an average of 26 complaints of per day, as at the end of March 2003". (http://www.bis.org/review/r030606c.pdf)In a 1998 article by BBC News, titled, "Internet scam offers millions", Britain received approximately 50,000 scam letters. These letters came via the International Postal System.  The article specifically stated that "Over the last 10 years, Nigeria has been the principal base for such scam offers with more than 50,000 scam letters were read in Britain by the beginning of this year" (http://news.bbc.co.uk/1/hi/world/middle_east/228061.stm).  Several key Cyber-crime issues are important here: In the early part of the 1990's, International Advanced Fee Fraud originating from Nigeria to Britain was primarily received though the traditional Postal System. Given the cost of International Postal mailings, 50,000 mails is a significant number.  Granted, some of the 419 letters used fake stamps. Contrasting the above trend of traditional postal 419 operation, is a recent article by Reuters, published in July 2004. The article implied that 48% of global email was spam, costing organizations $2.5 million annually, the article further went to declare that, "Most of the nuisance mails were selling products, including financial services, 24 percent was pornography-related while 6 percent was fraud letters, such as a now well-known get-rich-quick scheme of mails purporting to be from Nigeria".(http://in.tech.yahoo.com/030715/137/260vv.html).  A reasonable implication of the volume of fraudulent email activity origination from Nigeria is the explosion of increase.  Nigeria now accounts for a significant proportion, of Email based Internet Cyber-crime.  This also indicates that with the increasing entry of Nigeria into the Internet sphere, so also is the increase of Cyber based crime.  The American Federal Bureau of Investigation, in its 2001 and 2002, Internet Fraud and Complaints Center report, issued rather alarming data, putting Nigeria at some of the forefront of certain types on Cyber-crime activity, "Nearly 43 percent of all reported Internet fraud comes from auction fraud, according to the Internet Fraud Complaint Center's annual data trends report. The IFCC, a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), today released an annual compilation of information on complaints received from victims and referred to law enforcement during its first full year of operation. Non-deliverable merchandise and non-payment accounted for 20.3 percent of complaints and Nigerian Letter fraud made up nearly 15.5 percent of complaints. Credit/debit card fraud and confidence fraud round out the top five categories of complaints referred to law enforcement during the year. Nigerian letter fraud ($5,575), identity theft ($3,000), and investment fraud ($1,000) complainants filed the highest median dollar losses"  (http://www.fbi.gov/pressrel/pressrel02/ifcc040902.htm).   The significant issue here are two critical points: Nigeria accounts for 15.5 percent of total reported Internet Crime activity to the American FBI, in 2002.Nigerian letter fraud accounts for the highest median loss. Overall, it appears that there is a now a significant presence of Nigerian based Cyber-crime activity that is global in nature, and accounting for a significant proportion of global financial loss. Tabular Depiction of Nigerian Cyber Crime Statistics  
Year Data and Source
1998   ·



   Britain received 50,000 Letterhttp://news.bbc.co.uk/1/hi/world/middle_east/228061.stm).  
2004(Reuters) ·



   48% of global email is Spam, ·



   6% is Nigerian Emailhttp://in.tech.yahoo.com/030715/137/260vv.html)  
2001and 2002 (FBI)·



   15.5 % of Internet Fraud report were Nigerian 419, ·



   Median Loss for 419 was  highest at  $5,575 http://www.fbi.gov/pressrel/pressrel02/ifcc040902.htm  
2003 (Verisign) ·



   Nigeria is 3rd in the world in the total Number of fraudulent, internet transactions, with 4.81% or world Internet fraud http://www.verisign.com/corporate/briefing 
2003 Verisign ·



   Nigerian Ranks #1, based on the rate of fraudulent activity as a result of total transaction http://www.verisign.com/corporate/briefing 
2003 Verisign ·



   There is a correlation between IP addresses of Countries involved in fraudulent activity, and other malicious internet traffic http://www.verisign.com/corporate/briefing 
2002American  National Fraud Information Center·



   Nigerian Money Offers 4% of total Internet fraud  http://www.fraud.org/2002intstats.htm 
2002American  National Fraud Information Center·



   Initial Contact for total Internet crime ·



   WWW = 94% ·



   Mail = 6%http://www.fraud.org/2002intstats.htm 
  
Year Data and Source
2000Hacking A former Computer science student pleaded guilty Thursday to going on a hacking spree against private and government targets, including the military and NASA. Ikenna Iffih, 20, who studied at Northeastern University, could have faced up to 20 years in prison, but under a plea agreement will serve no more than six months. Sentencing was set for October. Iffih, who was born in Nigeria, could also be deported. http://www.newsbits.net/2000/20000629.htm 
List of 419 Fake Bank Sites composed by Scamorama http://www.cu-bk.com/ (Credit Union Bank CI [Cote d'Ivoire] ) --> transferred to http://www.creditunionbankci.com/ http://www.sprintsecuritiesbv.com
http://www.lyonaise.com
http://www.firstpacific-fc.com/
http://www.primroseventures.8m.net/
Universal Securities BV (Netherlands)
CRUBANK CORPORATION OF BAHAMAS
Monarch International Bank
DBS Bank (fake?)
www.guaranteefinanceltd.com
www.drc-ng.com/ (impersonating the Central Bank of Nigeria)
BiaoBank
Kapital Securities
CrownSecuritiesBV.com
e-litebv.com
www.equitafinance.biz
http://www.alliedcharteredbanks.com/
www.swisscarribean.com
http://www.allstatestrustbank.com/ (apparently impersonating a real bankhttp://www.scamorama.com/bankscam.html  
October, 2003 Financial fraud is Nigeria's fifth-largest source of business income, according to published reports(Note: source of published reports not provided in article)http://Computercops.biz/article3439.html  
February 24 2003 A Czech pensioner who had been defrauded by a criminal gang operating the notorious Nigerian e-mail scam has been arrested on suspicion of shooting dead a Nigerian diplomat, according to reports. Michael Lekara Wayid, Nigeria's consol in the Czech Republic, was shot and killed at the Nigerian embassy in Prague on Wednesday, and an embassy clerk was also injuredhttp://www.asia.cnet.com/newstech/systems/0,39001153,39115781,00.htm  
1998 To circumvent the expense of mailing the letters, these criminal enterprises use counterfeit postage, costing the Nigerian Postal Service (NIPOST) hundreds of thousands of dollars each year in lost revenuehttp://www.usps.com/websites/depart/inspect/pressrel.htm  


Nigerian Based Cyber-Crime, What Is It? Initially, although very effective, most of the Cyber-crime activities originating from Nigeria seem to follow a pattern of technology use that was not highly sophisticated.  Most of the Cyber-crime activity took the form of direct 419 Email.  Where the 419 Operator, mails a 419 letter via Email and schemes to extort money.  According to an USA, States Department report, there can be several types of variations of this type of Internet based Advanced Fee Fraud, they include: A)

The transfer of money from over invoiced contracts. B)

  Contract Fraud, (C.O.D delivery of goods and service). C)

Conversion of Hard Currency (Hard money). D)

Sale of Crude oil at bellow market price. E)

  Purchase of Real Estate. F)

  Disbursement of Money from wills. G)

Threat scam. H)   Clearing House. Source: http://www.state.gov/www/regions/africa/naffpub.pdfInternet Based Auction: More recently, the sophistication of Nigerian based Cyber-crime is beginning to take more complex technological use forms. Nigerian based Internet Fraud has now spread to Internet Based Auction sites and into Internet based buying in general.  In another article by Ina Steiner  "According to investigators, the con artists target individuals selling merchandise over the Internet, specifically large-ticket items such as collector cars, motorcycles and boats. The buyer, who is from Africa, emails the seller to express an interest in the item and states that the method of payment will be a U.S. bank cashier's check." Fake financial institution Web Sites : In yet another article by the International Chamber of Commerce (ICC), fake financial institution Web Sites are now another variation of Nigerian based Cyber-crime.  The article pointed that, "ICC's Commercial Crime Services has warned investors to beware a new twist on the Nigerian 419 Advance Fee Fraud after a number of fictitious banking web sites were discovered to be falsely aligning themselves with respectable offshore financial institutions.  These fraudulent websites and unlicensed banking operations are attempting to cash in on a current cyber-phenomenon in which confidence tricksters pose as Nigerian politicians to solicit funds - or "advance fees" - for massive bank transfers which subsequently never happen"   Email harvesting Software: It seems that the technological capacity of Cyber-crime operators originating from Nigeria or collaborated by Nigerians abroad is on the increase. The criminals are now using, Email harvesting Software, and designing authentic looking Banking Web Sites.  What started as Postal letters, Faxes, evolved to Emails, has now taken the form of International Banking Web Site duplication. In addition, the increase in technological Cyber-crime capacity seems to correlate with an increase of Technological and Internet based Infrastructure in Nigeria.    Characteristically, the general view is that Nigerian Cyber-crime operators, seem to be more focused at Internet crimes that reap financial and economic gains directly.  Traditionally, Nigerian Cyber-crime activities appear to be only limited to money fraud Internet based crimes.  There are no substantiated reports of Nigerian based Internet hacking, or Nigerian manufactured Viruses and Trojans that have been released to the Internet currently.  However, as a note of caution, an article by Carolyn Duffy Marson, titled, "VeriSign correlates hacker, fraud activity", sheds some lights of possible correlation effects of Cyber-crime activities.  Verisign, a leading Internet Security firm, in the USA, seems to take a different view by stating, "What VeriSign has found is that the same IP addresses that are involved with viruses, worms and distributed denial-of-service attacks are also involved with online ID and credit card theft, VeriSign Chairman and CEO Stratton Sclavos says. Sclavos lists Nigeria, Romania, Russia, Estonia, Bulgaria and India as the countries where most of the Internet's dangerous traffic is originated."  What is not clear, in the Verisign statement, is the true characteristic of Nigerian specific Internet traffic and the relationship of the correlation to other forms of Internet crime, such as; viruses and worms. It is not impossible that the correlation is a result of proxy fraudulent traffic, re-routed via the Internet Infrastructure in Nigeria, because of a lapse in Internet Security at most of Nigerian Internet Infrastructure.   Nevertheless, the indication by Verisign Corporation raises another critical possibility.  The potential that; not only are Nigerians involved in Internet crime activity, but also that Nigeria, might have become the clearinghouse that International virus and Trojan hackers use to infect the larger Internet sphere.  In short, if the Verisign analysis is correct, Nigeria has also become the hub for launching malicious Internet attacks against International Information resources.   The Impact Of Cyber-Crime On Nigeria The impact of Cyber-crime on Nigerian citizenry, is already having detrimental impacts. Global anti corruption bodies, such as Transparency International   and the FATF, have listed Nigeria as one of the most corrupt countries in the world.  Private companies around the world are beginning to take steps geared at blocking email traffic originating from Nigeria.  Nigerian financial instruments are now accepted with extreme due diligence around the world.  Some International Banks have completely denied access to their Web Sites if the traffic originates from Nigeria.  It is becoming foreseeable, that Internet Crimes activities originating from Nigeria begins to have drastic economic and financial impact, International Banks often delay Nigerian Financial transactions, pending proper verification, and foreign investors often consider, Nigeria, as an unattractive market.   Another predictable outcome of the impact of these types of technological crimes is the way it might hinder technological development within Nigeria.  For one, Information technology relies on a high degree of Information accuracy and trust, with Internet information flow originating from Nigeria having criminal characteristics, the international information technology community may have no choice but to perceive the integrity of Nigerian Information flow as questionable.  Several private American Companies have blocked entire Internet network segment traffic originating from various parts of Nigeria.  In short, Nigeria is being black listed; our Internet access is becoming a leper.
 The Nigerian Cyber-crime Peer to Peer Model "Online criminal organization will tend to de-emphasize formal, hierarchical organizational structures. At the same time, it will emphasize a broader, lateral contextual structure. Online criminal organization has no reason to be circumscribed, in its membership or in its operations, by national, territorial boundaries or by cultural differences because cyber criminals, like all citizens of the cyberworld, share a culture that transcends national borders and context. So, as opposed to the localized, rigid, and often provincial hierarchical organizations that have so far characterized criminal groups, regional, or even global, coalitions will develop." [1]  In a 1996, USA Congressional Hearing on Intelligence and Security, Jonathan Winer, Deputy Assistant Secretary for International Narcotics and Law Enforcement Affairs, described Nigerian International Crime Enterprise as, "Our law enforcement agencies attest that Nigerian criminal enterprises are organized and active in at least 60 countries around the world. They are adaptable, polycrime organizations."[2] Specifically to Nigerian 419 criminal organizational structure, one sees a loose and informal constitution.  Nigerian Cyber criminals, largely consist of individuals or small lateral groups, involved in poly Advanced Fee Fraud activities.  They are generally not constituted of complex hierarchical structures.  For example, Nigerian Cyber Criminals are generally not multi-layered organizations; rather peer relationships of unemployed or other criminally motivated individuals.  For example; to commit Internet Auction fraud, an individual or small group, might get a copy of banking documents used to falsify the Internet Auction transaction from a peer relation working in a bank. The small group or individual might even have the victim call an authentic banking phone number. Another peer relation might validate the forged banking document, while positioned at an authentic bank.  These relationships are short term and temporary.  The effect of Nigerian peer relationship on the Internet, are like the, "swarming model" of Military Warfare described by John Arquilla and David Ronfeldt[3]. The Nigerian Cyber-cafe is being used as the, "omni directional" platform to defraud the Internet.  Peer relationships collaborating to commit Internet based Advanced Fee Fraud are attacking the Internet like independent ant colonies.  This is why we see, Nigeria, a Country of very low Internet Technological entry, committing a very large percentage of Internet crime.  In an Internet Fraud report prepared by the FBI and National White Color Crime Center, we see that, "Nigerian Letter fraud made up 15.5% of complaints. Credit/debit Card fraud and Confidence fraud (such as home improvement scams and multi-level marketing) round out the top five categories of complaints referred to law enforcement during the year"[4].  Thus, we see the informal structure of the Nigerian  crime Organization ,   transnational jurisdictional boundaries of the Internet,  and the ineffective Nigerian government policy to combat Cyber-crime activities,  creating  a very  conducive environment for the Nigerian Cyber criminals to operate. The peer-to-peer structure allows the criminals to propagate the crime in sparse criminal arrangements, the transnational jurisdiction of the Internet limits effective international prosecution, and a lack of effective Nigerian government policy,   all have contributed to creating a field day environment for thieves.  The Internet is becoming Nigerian Crime friendly.   Figure 1.0 (Swarming Model)[5]









   





   Diagram of West African Criminal Activities[6]















   Note:Diagram does not include money-laundering We will soon begin to see other forms of traditional Nigerian crime migrate to the Internet.  Not only is the use of the Internet capable of committing crimes such as unauthorized access to Internet based information, it is also used to commit crimes such as Money Laundering, Credit Card Fraud, prostitution, harassment, gambling, etc. Dr Peter Grabosky, of the Australian Institute of Criminology, attest to this fact by stating, "There is evidence of telecommunications equipment being used to facilitate organized drug trafficking, gambling, prostitution, money laundering, child pornography and trade in weapons (in those jurisdictions where such activities are illegal). The use of encryption technology may place criminal communications beyond the reach of law enforcement. The State of the Law on Cyberjurisdiction and Cyber-crime on the Internet"[7] Although these types of crimes might not yet be prevalent in the Nigerian Cyber-crime arena, we can begin to predict that it is coming.   As technological advances begin to reach Nigeria, we might begin to see Nigerian based Internet blackmail, prostitution, Internet aided illegal drug trafficking, and much more.  The Nigerian Internet traffic, might just become like the Nigerian passport, as the International community might be forced to implement cautionary technological measures to repel Nigerian Internet traffic.  [1] See, Brenner, S., W., Organized Cyber-crime?  How Cyberspace May Affect the Structure of CriminalRelationships, http://www.jolt.unc.edu/Vol4_I1/Web/Brenner-V4I1.htm. http://www.jolt.unc.edu/Vol4_I1/PDF/Brenner-V4I1.pdf[2] See, http://www.fas.org/irp/congress/1996_hr/h960911w.htm[3] See, http://www.sci.fi/~fta/swarming.htm[4] See, http://www.ifccfbi.gov/strategy/IFCC_2001_AnnualReport.pdf, Page 3.[5] See diagram at , http://www.sci.fi/~fta/swarming.htm[6] See, Http://www.iss.co.za/Pubs/ASR/10No4/Shaw.html, Mark Shaw, Research fellow at the South African Institute of International Affairs[7] See, http://www.aic.gov.au/conferences/transnational/grabosky.pdf, Page 4  BOOK PROMOTION To experience what it is like to be a victim of the Nigerian black currency "wash-wash" scam, read Brian Wizard's novel, Nigerian 419 Scam "Game Over!" To further your education on 419 scams, also read Brian Wizard's FREE, albeit promotional, 419 E-book, "Beware of the Reload!" Both stories are available at http://www.brianwizard.com.
Femi Oyesanya is a US-based IT Professional can be reached oyesanyaf@nigeriavillagesquare.com



1
Re: Nigerian Internet 419 on the Loose
Unknown posted on 08-10-2010, 23:46:42 PM
So are u ppl hacker or not
1
Please register before you can make new comment