Showing posts with the label Scam News

College Students Beware

Scam Everything - Opioids, NetFlix, Phish, Covid Charities, and Government Refunds in one network neighborhood

There's a famous line in the movie Jerry Maguire where Tom Cruise's character says "Show me the Money!" In online investigations, I prefer the line "Show me the Data!" This morning I was doing just that and found an interesting cluster of badness. Dr. Elizabeth Gardner at UAB leads our Forensic Sciences program in the Department of Criminal Justice. She and I have partnered on many projects in the past by mixing our expertise. She's a forensic drug chemist, and I chase bad guys on the Internet. 8-). Our current project follows up on some of the work we shared with the BBC Click episode "Can Technology Solve the Opioid Crisis?" Last night we threw 586 Opioid and Fentanyl selling websites into our clustering-by-location program that Zack Knight (one of my student malware analysts) had developed for another project. Our goal was to find clusters of drug-selling websites "in the same place" and then use other tools to explo

Following Putin Order, FSB Cracks Down on Russian Credit Card Marketplaces

Earlier this week I was chatting with one of the top experts on Russian Cybercrime (who has asked to remain anonymous here). We were discussing the news that was released on 24MAR2020 that the FSB had raided 62 addresses in 11 regions of Russia arresting cybercriminals for their involvement in the online sales of stolen credit cards. There are some GREAT videos of the FSB in action ... this first one from Gazeta.ru. According to the Gazeta articles, the FSB arrested 30 members of an online hacking group, including programmers from Ukraine and Lithuania. Twenty-five were charged with "Illegal circulation of a means of payment," which in Russia is a violation of Section 2 of Article 187. Region15.ru adds that the raids were conducted at 62 different addresses, including operations in Crimea, North Ossetia, Kaluga, Leningrad, Moscow, Pskov, Samara and Tambov, Moscow, St. Petersburg, and Sevastopol. A second video from Kuban.kp.ru shows

CAUCE Spamfighters Rally Against Corona Health Fraud Affiliate programs

IC3.gov 2019 Internet Crime Report: Its All About that BEC

For years I have been encouraging people to report their instances of Cybercrime to the FBI's Internet Crime & Complaint Center, IC3.gov. Based on the number of reports, people are finally doing just that. The growth in reporting over the last two years is remarkable -- driven in part by the desperation people are facing regarding two major cybercrime trends: Ransomware and Business Email Compromise. State and local authorities seem powerless to do anything about either of these, so finally they are encouraging (and in many cases helping) to get these crimes reported to the IC3, where we can use pattern matching to identify trends that reveal top criminals. Comparing 2015 to 2019, cybercrime reports are up 61% ... with 467,361 complaints received just in calendar 2019. An average of 1280 complaints per day! But while the NUMBER of complaints has gone up by 61%, the dollars lost in those complaints has more than tripled! While Ransomware

'Tis the Season for SCAMS!

"Welcome to Video" raid leads to 337 arrests due to Bitcoin Exchanges that use strong KYC

The darkweb child sexual exploitation video site, "Welcome to Video", first came to Law Enforcement's attention as a result of a case in the UK, where a geophysicist, Matthew Falder, was arrested. When the National Crime Agency was looking into his hard drive, they found he had been a member of "Welcome to Video" which at the time used the dark web address mt3plrzdiyqf6jim.onion. Anyone visiting that website recently would have seen this banner instead: Law enforcement actually got the website through a silly webmaster error. One of the webpages on the website linked some of its component files by the server's IP address instead of its onion URL address. The IP address, 121.185.153.45, was a Korea Telecom address. They got the owner's address details and were able to confirm his identity. After establishing undercover addresses, searches on the website for some common child sexual exploitation searches, and received indications that there

Operation ReWired arrests 281 Business Email Compromise criminals

On September 10, 2019, the Department of Justice announced that 281 arrests related to Business Email Compromise had been made, with 74 of those arrested being in the United States. It will take some time to track down the names of all of those arrested, as many of the arrests were overseas. Twenty-three US Attorneys Offices participated in the Operation, although only five sets of arrests were discussed in the Department of Justice Press Release about Operation ReWired. While we work to obtain the rest of the information, we'll go ahead and share some details from those already made public in the Press Release.

Chicago Business Email Compromise: Stokes & Ninalowo defraud Energy Company and Community College of Millions

The first case involves two major BEC scams that followed the same mold. The FBI says that an "un-named Community College" with about 15,000 students was doing business with a constr