Published: July 09, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
We’re always hearing about cybercrimes of all kinds, with some more devastating than others. But make no mistake, the countless victims worldwide would agree all these crimes are painful in their own way. As cybercrime history shows, catching the bad guys isn’t easy, and justice for the hackers behind these crimes is a rare event – but not today! Below are some of the investigation results thanks to national and international law agencies and their combined efforts.
Thanks to law enforcement efforts by the FBI and the Naval Criminal Investigative Service (NCIS), former U.S. Marine, Johao Chavarri, 25 was arrested and charged with sextortion crimes during 2019-2021, while on active duty. According to the Department of Justice, Chavarri pleaded guilty to three online sexual harassment and blackmail charges. Also considered cyberstalking of his female victims, the ex-Marine faces up to five years for each of the three charges. He’s awaiting sentencing this Fall by a federal district court judge.
Chavarri convinced his victims to send explicit pictures and videos of themselves to him online. When the women stopped doing so, serious threats toward them began. According to the DOJ, “Chavarri threatened his victims and their friends and family that he would ruin their lives.”
How to avoid becoming a victim: Make sure you know who you’re communicating with on the other end of the phone or text message or in any virtual environment. While it’s never a good idea to send explicit photos or videos online, it’s always a good idea to get to know the person on the other end of the line. Never send money or financial information to someone you haven’t met in person.
The FBI and DOJ, Netherlands, and Belgium authorities shut down several illegal websites including weleakinfo, IpStress, and OVHBooter. The charges were for selling stolen personal information on websites.
Website weleakinfo was shut down in the U.S. for selling stolen personal information (PII) for use in further cyberattacks. Seven billion hacked records were found for sale on the website, stolen from over 10,000 data breaches. The hijacked PII included names, passwords, email addresses, and phone numbers, all for sale on the website, with the option to subscribe to the illegal service. Two other websites linked to weleakinfo, IpStress and OVHBooter, were also shut down and arrests made by authorities in the Netherlands and Belgium as part of the FBI’s investigation.
How to avoid becoming a victim: Work closely with your payment card companies and report any stolen numbers and any potential fraudulent charges. If your password has been stolen, change it immediately and use strong passwords, as well as multifactor authentication whenever possible.
Nigerian authorities and law enforcement in 11 countries arrested and charged three Nigerian nationals. They were using the infamous Agent Tesla malware for Business Email Compromise (BEC) attacks throughout Southeast Asia. Arrests were made in Nigeria, with one perpetrator found guilty of three counts of financial fraud. The remaining two offenders are currently on trial.
BEC attacks in general cost businesses in the U.S. $1.8 billion in 2020. The international operation in this case, dubbed “Killer Bee,” included collaboration between Interpol and law enforcement agencies in 11 countries.
How to avoid becoming a victim: Ensure antivirus is on all devices and is kept updated. Avoid clicking links and attachments in email messages, especially if you are not expecting them or you aren’t sure who sent them. Verify financial transactions with the requestor or have multiple checks before performing them; even if the requestor is the CEO.
The Dutch Police and law enforcement in 11 countries is involved in and ongoing investigation to identify individuals involved in using a strain of FluBot malware for internet crimes.
FluBot, the longtime foe of Android smartphones everywhere, had a strain interrupted. Earlier this year, the Dutch Police announced the infrastructure takedown of the FluBot strain, making it inactive and no longer a threat to Android smartphones. FluBot is one of the fastest spreading mobile malware. It uses SMS texts to steal passwords and other PII from the victim and their contacts stored on their phone to spread.
How to avoid becoming a victim: Ensure antivirus is on all devices and is kept updated. Avoid clicking links and attachments in email messages, especially if you are not expecting them or you aren’t sure who sent them.
In a collaboration between Nigerian authorities and private sector, Interpol Africa, partnership with cybersecurity firms Group-IB, Unit 42, and Trend Micro, an unnamed mastermind behind international cybercrime ring was charged with mass phishing and social engineering campaigns targeting businesses and private individuals.
Dubbed Operation “Delilah,” the international effort spanned four continents and lasted one year. A spokesperson for Interpol and the Nigerian Police Force says, “The arrest is testament to the perseverance of our international coalition of law enforcement and private-sector partners in combating cybercrime…”
The spokesperson added “I hope the results of Operation Delilah will stand as a reminder to cybercriminals across the world that law enforcement will continue to pursue them, and that this arrest will bring comfort to victims of the suspect’s alleged campaigns…”
How to avoid becoming a victim: Again, ensure antivirus is on all devices and is kept updated. Avoid clicking links and attachments in email messages, especially if you are not expecting them or you aren’t sure who sent them. Because social engineering is not always from afar, make sure visitors to the office are always escorted, they have signed in and out, and you have verified their need to be in your facility.
It’s clear the continued cooperation between local and international agencies is key to catching cybercriminals. And as the above cases show, it works.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com