ONLINE SCAMMERS REQUIRE PAYMENT VIA MUSIC APPLICATION GIFT CARDS

Complaints filed with Internet Crime Complaint Center (IC3) from 2017 show online scammers are asking victims to pay fraudulent fees using music application gift cards as part of multiple fraud schemes. These schemes include auction frauds, employment/opportunity scams, grandparent scams, loan frauds, romance scams, ransomware, tax frauds, and various other online schemes.

In this scam involving music application gift cards, the perpetrator directs the victim to a specific retailer to obtain music application gift cards of varying amounts. Once the victim has purchased the gift cards, the perpetrator directs the victim to reveal the numbers on the back of the cards and provide them to the perpetrator via telephone, email, text, or a designated website. Once the perpetrator obtains the music application gift card data, the perpetrator either continues to request additional funds through more gift card purchases or ceases all communication with the victim.

The financial impact to victims can range from hundreds to thousands of dollars. IC3 victim complaint data from January through June 2017 involving music application gift cards indicate that these scams have impacted hundreds of victims with reported losses exceeding $6 million.

This scam is also associated with other fraud scams involving victims having won a prize, needing to pay a tax debt, having qualified for a loan, or that a friend or relative is in trouble and needs a payment via music application or other prepaid gift card to assist.

GENERAL ONLINE PROTECTION TIPS

  • Recognize the attempt to perpetrate a scam and cease all communication with the perpetrator.
  • Research the subject’s contact information online (e.g., email address, phone number); other individuals have likely posted about the scam online.
  • Resist the pressure to act quickly. The perpetrator creates a sense of urgency to produce fear and lure the victim into immediate action.
  • Never give unknown or unverified persons any personally identifiable information (PII).
  • Ensure all computer antivirus and security software and malware protection are up to date.
  • If you receive a pop-up or locked screen, shut down the affected device immediately.
  • Should a perpetrator gain access to a device or an account, take precautions to protect your identity. Immediately contact your financial institution(s) to place protection on your account(s), and monitor your account(s) and personal information for suspicious activity.
  • Always use antivirus software and a firewall. It is important to obtain and use antivirus software and firewalls from reputable companies. It is also important to maintain both of these through automatic update settings.
  • Enable pop-up blockers. Pop-ups are regularly used by perpetrators of online scams to spread malicious software. To avoid accidental clicks on or within the pop-up, it is best to try to prevent them in the first place.
  • Be skeptical. Do not clickon any emails or attachments you do not recognize, and avoid suspicious websites.

If you receive a pop-up or message alerting you to an infection, immediately disconnect from the Internet to avoid any additional infections or data loss. Alert your local FBI field office and file a complaint at http://www.ic3.gov.
FILING A COMPLAINT
Individuals who believe they may be a victim of an online scam (regardless of dollar amount) can file a complaint with the IC3 at http://www.ic3.gov.

In reporting online scams, be as descriptive as possible in the complaint by including:

  • Name of the subject and company.
  • Email addresses and phone numbers used by the subject.
  • Web sites used by the subject company.
  • Account names and numbers, and financial institutions that received any funds (e.g., wire transfers, prepaid card payments).
    Description of interaction with the subject.
  • Complainants are also encouraged to keep original documentation, emails, faxes, and logs of all communications.

To view previously released PSAs and scam alerts, visit the IC3 Press Room at http://www.ic3.gov/media/default.aspx.

Alert Number

I-080117-PSA

Questions regarding this PSA should be directed to your local FBI Field Office.

Local Field Office Locations: www.fbi.gov/contact-us/field

Crime Ring Recruited Short-Term Visa Holders

 

International Fraud
Crime Ring Recruited Short-Term Visa Holders

 

10/25/13

 

The recruitment pitch to students on short-term visas must have seemed irresistible: give us your good name and some help in our fraud scheme, and we’ll put money—potentially thousands of dollars—in your wallet before your return trip home.

 

In charges unsealed late last month in San Diego, FBI agents and their law enforcement partners named dozens of young visa holders from former Soviet-bloc countries who took the bait and became willing co-conspirators in a range of elaborate fraud schemes. In four separate indictments, a federal grand jury laid bare how a Los Angeles-based Armenian crime ring ran scams in L.A. and San Diego that relied on a steady tide of accomplices whose time was short in the U.S. While the crimes themselves were not especially novel—identity theft, bank fraud, tax fraud—the explicit recruitment of co-conspirators with expiring visas was a twist.

 

“The J-1 visa holders are a commodity in these cases,” said Special Agent Davene Butler, who works in our San Diego Division. She described how a few masterminds enlisted young accomplices to do much of the legwork in their fraud schemes—opening bank accounts and securing apartments and post office boxes to route proceeds from bogus tax returns, for example. By the time a scam came to light, the “foot soldiers” holding J-1 and F-1 visas—which allow foreigners to study and travel in the U.S. for brief periods—would be long gone. “They were essential in the schemes,” Butler said.

 

The charges announced on September 26 named 55 individuals and followed a two-year investigation led by the San Diego FBI, local authorities, and the IRS, which paid out more than $7 million in bogus tax refunds. About half of those charged were arrested last month in a nationwide sweep, but more than 25 remain at large, including 24 who are believed to have left the country. The FBI is asking for the public’s help locating some of the suspects, including one of the crime ring’s main architects, Hovhannes Harutyunyan, 34, an Armenian whose last known address was in Burbank, California.

 

The charges show four primary schemes. Here’s how they worked:

 

  • Using stolen identities, the crime ring filed about 2,000 fraudulent tax returns claiming more than $20 million in refunds. J-1 students obtained addresses and bank accounts for the fraudulent refunds to be sent.
  • Conspirators set up bank accounts and began writing checks back and forth to create a good transaction history, which banks rewarded by shortening or eliminating holds on deposited checks. Then the so-called “seed” accounts wrote bad checks to 60 “bust-out” accounts, which paid out more than $680,000.
  • Conspirators obtained personal information about the identities and accounts of wealthy bank customers and disguised themselves as the account holders. They practiced forging documents and impersonating the account holders, and succeeded in obtaining $551,842. They laundered the money by purchasing gold with the stolen funds.
  • Conspirators obtained pre-paid debit cards in the names of identity theft victims and opened bank accounts in the names of visa holders who sold their account information before leaving the U.S. They then filed more than 400 fraudulent tax returns seeking more than $3 million.

 

“This investigation involved multiple complex fraudulent schemes resulting in significant losses to financial institutions and American taxpayers,” said San Diego FBI Special Agent in Charge Daphne Hearn.

 

Agent Butler said the charges and arrests send a message that these schemes are not without consequences. Those who have already fled won’t find it easy to get back to the U.S. “And they won’t be able to tell their friends that they can come to the U.S., commit fraud, get some quick cash, and that nothing will happen to them,” she said.

 

If you have any information about these cases, please contact the FBI at (858) 320-1800 or online at tips.fbi.gov.

Resource:

 

Courtroom for Sale Judge Gets Jail Time in Racketeering Case

Judge’s gavel over cash

Courtroom for Sale
Judge Gets Jail Time in Racketeering Case

09/19/13

In a case that exposed widespread corruption in a South Texas county’s judicial system—reaching all the way to the district attorney’s office—a former state judge was recently sentenced to six years in prison for taking bribes and kickbacks in return for favorable rulings from his bench.

Abel Limas, 59, a lifelong resident of Brownsville, Texas, served as a police officer and practiced law before becoming a state judge in Cameron County in 2001. He served eight years on the bench, during which time he turned his courtroom into a criminal enterprise to line his own pockets.

“The depth of the corruption was shocking,” said Mark Gripka, a special agent in our San Antonio Division who was part of the team that investigated the case. “What was more shocking was how cheaply Judge Limas sold his courtroom—$300 here, $500 there—in return for a favorable ruling.”

There was plenty of big money involved as well. Limas received more than $250,000 in bribes and kickbacks while he was on the bench. He took money from attorneys with civil cases pending in his court in return for favorable pre-trial rulings, most notably in a case involving a Texas helicopter crash that was later settled for $14 million. Referring to an $8,000 payment Limas received in that case, our investigators listened on the telephone as he described the cash to an accomplice as eight golf balls. “Their code language didn’t fool anybody,” Gripka said.

Evidence also showed that Limas made a deal with the attorneys in the helicopter crash case to become an “of counsel” attorney with the firm. He was promised an advance of $100,000 and 10 percent of the settlement—all while the case was still pending in his court.

 

Over a 14-month period beginning in November 2007, investigators used court-authorized wiretaps to listen to the judge’s phone calls. “That’s when we really learned the scope of what he was doing,” Gripka explained. The judge’s nearly $100,000 annual salary was not enough to support his lifestyle, which included regular gambling trips to Las Vegas.

In 2010, when Limas was faced with the overwhelming evidence against him, he began to cooperate in a wider public corruption investigation—and our agents learned that the Cameron County district attorney at the time, Armando Villalobos, was also corrupt. The investigation showed, among other criminal activities, that Villalobos accepted $80,000 in cash in exchange for taking actions that allowed a convicted murderer to be released for 60 days without bond prior to reporting to prison. The murderer failed to report to prison and remains a fugitive.

Limas pled guilty to racketeering in 2011. By that time, he had helped authorities uncover wide-ranging corruption in the Cameron County judicial system. To date, 10 other defendants have been convicted by a jury or pled guilty as part of the FBI’s six-year investigation, including a former Texas state representative, three attorneys, a former investigator for the district attorney’s office, and Villalobos, who is scheduled to be sentenced next month on racketeering, extortion, and bribery charges.

“During the course of this investigation, we interviewed over 800 people, including many local attorneys in Cameron County,” Gripka said. “We hope this case shows everyone that the government will not tolerate officials who violate the public trust. Fighting public corruption is a priority for the FBI,” he added, “and it is something we take very seriously.”

Resources
Press release

Extortion Scam Related to Delinquent Payday Loans

Washington, D.C. December 07, 2010

FBI National Press Office (202) 324-3691

The Internet Crime Complaint Center have received many complaints from victims of payday loan telephone collection scams. Callers IC3claim the victim is delinquent in a payday loan and must repay the loan to avoid legal consequences. The callers purport to be representatives of the FBI, Federal Legislative Department, various law firms, or other legitimate-sounding agencies. They claim to be collecting debts for companies such as United Cash Advance, U.S. Cash Advance, U.S. Cash Net, and other Internet check-cashing services.

According to complaints received from the public, the callers have accurate data about victims, including Social Security numbers, dates of birth, addresses, employer information, bank account numbers, and the names and telephone numbers of relatives and friends. How the fraudsters obtained the personal information varies, but in some cases victims have reported they completed online applications for other loans or credit cards before the calls started.

The fraudsters relentlessly call the victim’s home, cell phone, and place of employment. They refuse to provide any details about the alleged payday loans and become abusive when questioned. The callers have threatened victims with legal actions, arrests, and, in some cases, physical violence if they do not pay. In many cases, the callers harass victims’ relatives, friends, and employers.

Some fraudsters have instructed victims to fax a statement agreeing to pay a certain amount, on a specific date, via a pre-paid Visa card. The statement further declares the victim will never dispute the debt.

If you receive these calls, do not follow the caller’s instructions. Rather, you should:

Notify your banking institutions.
Contact the three major credit bureaus and request an alert be put on your file.
Contact your local law enforcement agencies if you feel you are in immediate danger.
File a complaint at http://www.IC3.gov.

Tips to avoid becoming a victim of this scam:

Never give your Social Security number—or personal information of any kind—over the telephone or online unless you initiate the contact.
Be suspicious of any e-mail with urgent requests for personal financial information. The e-mail may include upsetting or exciting but false statements to get you to react immediately.
Avoid filling out forms in e-mail messages that request personal information.
Ensure that your browser is up-to-date and security patches have been applied.
Check your bank, credit, and debit card statements regularly to make sure that there are no unauthorized transactions. If anything looks suspicious, contact your bank and all card issuers.
When you contact companies, use numbers provided on the back of cards or statements

http://www.fbi.gov/news/pressrel/press-releases/paydayloanscam_120710

Feds Indicated 5 For Data Breach Conspiracy

The US Attorney in New Jersey announced the indicated of five (5) individuals involve in major bank heists and data breaches against US Companies. These individuals appears to be Russians and Ukrainian nationals with the help of Albert “Soupnazi” Gonzalez, the ring leader. The press release is below.

___________________

FOR IMMEDIATE RELEASE
July 25, 2013

 Hackers Targeted Major Payment Processors, Retailers and Financial Institutions Around the World

NEWARK, N.J. – A federal indictment made public today in New Jersey charges five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers, resulted in hundreds of millions of dollars in losses and is the largest such scheme ever prosecuted in the United States.

New Jersey U.S. Attorney Paul J. Fishman announced the charges today along with Special Agent in Charge James Mottola of the U.S. Secret Service (USSS), Criminal Investigations, Newark Division and Acting Assistant Attorney General for the Department of Justice’s Criminal Division Mythili Raman. The USSS led the investigation of the indicted conspiracy.

The defendants allegedly sought corporate victims engaged in financial transactions, retailers that received and transmitted financial data and other institutions with information they could exploit for profit. The defendants are charged with attacks on NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. It is not alleged that the NASDAQ hack affected its trading platform.

“This type of crime is the cutting edge,” U.S. Attorney Fishman said. “Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security.  And this case shows there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day.  We cannot be too vigilant and we cannot be too careful.”

“The defendants charged today were allegedly responsible for spearheading a world-wide hacking conspiracy that victimized a wide array of consumers and entities, causing hundreds of millions of dollars in losses,” Acting Assistant Attorney General Raman said. “Despite substantial efforts by the defendants to conceal their alleged crimes, the Department and its law enforcement counterparts have cracked this extensive scheme and are seeking justice for its many victims.  Today’s indictment will no doubt serve as a serious warning to those who would utilize illegal and fraudulent means to steal sensitive information online.”

“As is evident by this indictment, the Secret Service will continue to apply innovative techniques to successfully investigate and arrest transnational cyber criminals,” said Special Agent in Charge Mottola of the Newark Field Office. “While the global nature of cyber-crime continues to have a profound impact on our financial institutions, this case demonstrates the global investigative steps that U.S. Secret Service Special Agents are taking to ensure that criminals will be pursued and prosecuted no matter where they reside.”

According to the second superseding indictment unsealed today in Newark federal court and other court filings:

The five men each served particular roles in the scheme. Vladimir Drinkman, 32, of Syktyykar and Moscow, Russia, and Alexandr Kalinin, 26, of St. Petersburg, Russia, each specialized in penetrating network security and gaining access to the corporate victims’ systems. Roman Kotov, 32, of Moscow, also a hacker, specialized in mining the networks Drinkman and Kalinin compromised to steal valuable data. The hackers hid their activities using anonymous web-hosting services provided by Mikhail Rytikov, 26, of Odessa, Ukraine.  Dmitriy Smilianets, 29, of Moscow, sold the information stolen by the other conspirators and distributed the proceeds of the scheme to the participants.

Kalinin and Drinkman were previously charged in New Jersey as “Hacker 1” and “Hacker 2” in a 2009 indictment charging Albert Gonzalez, 32, of Miami, in connection with five corporate data breaches – including the breach of Heartland Payment Systems Inc., which at the time was the largest ever reported. Gonzalez is currently serving 20 years in federal prison for those offenses. The U.S. Attorney’s Office for the Southern District of New York today announced two additional indictments against Kalinin: one charges him in connection with hacking certain computer servers used by NASDAQ and a second indictment, unsealed today, charged Kalinin and another Russian hacker, Nikolay Nasenkov, with an international scheme to steal bank account information by hacking U.S.-based financial institutions.  Rytikov was previously charged in the Eastern District of Virginia with an unrelated scheme. Kotov and Smilianets have not previously been charged publicly in the United States.

Drinkman and Smilianets were arrested at the request of the United States while traveling in the Netherlands on June 28, 2012. Smilianets was extradited Sept. 7, 2012, and remains in federal custody. He will appear in District of New Jersey federal court to be arraigned on the superseding indictment on a date to be determined. Drinkman is in custody in the Netherlands pending an extradition hearing. Kalinin, Kotov and Rytikov remain at large. All of the defendants are Russian nationals except for Rytikov, who is a citizen of Ukraine.

The Attacks

The five defendants conspired with others to penetrate the computer networks of several of the largest payment processing companies, retailers and financial institutions in the world, stealing the personal identifying information of individuals. They took user names and passwords, means of identification, credit and debit card numbers and other corresponding personal identification information of cardholders. Conservatively, the conspirators unlawfully acquired more than 160 million card numbers through hacking.

The initial entry was often gained using a “SQL injection attack.” SQL, or Structured Query Language, is a type of programing language designed to manage data held in particular types of databases; the hackers identified vulnerabilities in SQL databases and used those vulnerabilities to infiltrate a computer network. Once the network was infiltrated, the defendants placed malicious code, or malware, on the system. This malware created a “back door,” leaving the system vulnerable and helping the defendants maintain access to the network.  In some cases, the defendants lost access to the system due to companies’ security efforts, but were able to regain access through persistent attacks.

Instant message chats obtained by law enforcement reveal the defendants often targeted the victim companies for many months, waiting patiently as their efforts to bypass security were underway. The defendants had malware implanted in multiple companies’ servers for more than a year.

The defendants used their access to the networks to install “sniffers,” which were programs designed to identify, collect and steal data from the victims’ computer networks. The defendants then used an array of computers located around the world to store the stolen data and ultimately sell it to others.

Selling the Data

After acquiring the card numbers and associated data – which they referred to as “dumps” – the conspirators sold it to resellers around the world. The buyers then sold the dumps through online forums or directly to individuals and organizations. Smilianets was in charge of sales, vending the data only to trusted identity theft wholesalers. He would charge approximately $10 for each stolen American credit card number and associated data, approximately $50 for each European credit card number and associated data and approximately $15 for each Canadian credit card number and associated data – offering discounted pricing to bulk and repeat customers. Ultimately, the end users encoded each dump onto the magnetic strip of a blank plastic card and cashed out the value of the dump by either withdrawing money from ATMs or making purchases with the cards.

Covering Their Tracks

The defendants used a number of methods to conceal the scheme. Unlike traditional Internet service providers, Rytikov allowed his clients to hack with the knowledge he would never keep records of their online activities or share information with law enforcement.

Over the course of the conspiracy, the defendants communicated through private and encrypted communications channels to avoid detection. Fearing law enforcement would intercept even those communications, some of the conspirators attempted to meet in person.

To protect against detection by the victim companies, the defendants altered the settings on victim company networks to disable security mechanisms from logging their actions. The defendants also worked to evade existing protections by security software.

*          *          *

As a result of the scheme, financial institutions, credit card companies and consumers suffered hundreds of millions in losses – including more than $300 million in losses reported by just three of the corporate victims – and immeasurable losses to the identity theft victims in costs associated with stolen identities and false charges.

The maximum potential penalties for each defendant per count are as follows:

Count(s) Defendants Violation Maximum Penalty/Count
1 All Conspiracy to gain unauthorized access to computers 5 years; $250,000 fine or twice the gain or loss from the offense
2 All Conspiracy to commit wire fraud 30 years; $1 million fine or twice the gain or loss from the offense
3-8 Drinkman
Kalinin
Kotov
Smilianets
Unauthorized access to computers 5 years; $250,000 fine or twice the gain or loss from the offense
9-11 Drinkman
Kalinin
Kotov
Smilianets
Wire fraud 30 years; $1 million fine or twice the gain or loss from the offense

U.S. Attorney Fishman credited the special agents of the U.S. Secret Service, Criminal Investigations, under the direction of Director Pierson, and special agents from the Newark Division, under the direction of Special Agent in Charge James Mottola, for the ongoing investigation leading to today’s charges.

The government is represented by Erez Liebermann, Deputy Chief of the New Jersey U.S. Attorney’s Office Criminal Division; Assistant U.S. Attorney Gurbir Grewal of the Computer Hacking and Intellectual Property Section of the Office’s Economic Crimes Unit; and Trial Attorney James Silver of the Department of Justice’s Computer Crime and Intellectual Property Section in Washington.

U.S. Attorney Fishman thanked the Department’s Office of International Affairs in Washington for their extraordinary support, as well as public prosecutors with the Dutch Ministry of Security and Justice and the National High Tech Crime Unit of the Dutch National Police. Fishman also acknowledged the U.S. Attorney’s Offices in the District of Kansas and the Northern District of Georgia for their valuable contributions in the development of the prosecution.

The charges and allegations contained in the indictment are merely accusations and the defendants are considered innocent unless and until proven guilty.

13-310

Defense counsel:

Vladimir Drinkman: Bart Stapert Esq., Amsterdam, Netherlands (for Netherlands-based proceedings)
Dmitriy Smilianets: Bruce Provda Esq., Queens, N.Y.

Drinkman, Vladimir Et Al., Indictment

WEBSITES POSTING MUG SHOTS AND EXTORTION

The IC3 has received hundreds of complaints from individuals claiming they located IC3their mug shots on 20 different websites, all of which allegedly use similar business practices. Some victims reported they were juveniles at the time of the arrests and their records were sealed. Therefore, their information should not be available to the public. Others stated the information posted on the sites was either incorrect or blatantly false.

Complainants who requested to have their mug shot removed, had to provide a copy of their driver’s license, court record and other personal identifying information. However, providing such information puts those at risk for identify theft.

Complainants were also subject to paying a fee to have their mug shot removed. Although they paid the fee, some of the mug shots were not removed. If they were removed, the mug shots appeared on similar websites.

If the victim threatened to report the websites for unlawful practice, the websites’ owners threatened to escalate the damaging information against the victim.

TECH SUPPORT CALLS PURPORTEDLY FROM A WIRE TRANSFER COMPANY

The IC3 has recently received complaints from businesses regardingIC3telephone calls from individuals claiming to be with a wire transfer company’s tech support. One complainant reported that the wire transfer company’s name was displayed on their caller ID. The callers instructed the victims to go to a particular website to run an application which allows the caller to remotely access the victim’s computer.

Once remote access was established, the victims were instructed to open their wire transfer program and log-in to their accounts, so the callers could update the system. The victims were then told to turn off their monitors, to avoid interference with the update.

The victims later discovered the subjects made wire transfers to NetSpend accounts. One victim noticed something downloading onto his computer once the caller gained remote access. This made the victim suspicious, so he turned off his computer. Later, he discovered the caller had loaded $950 on a prepaid credit card from the victim’s account.

Another victim reported money transfers were made to various states and individuals, but the caller reassured the victim that no transfers were actually being processed. No other details were provided.

ATTACKERS USE SKYPE, OTHER IM APPS TO SPREAD LIFTOH TROJAN

SC Magazine featured the following article on June 1, 2013IC3

Users receiving shortened URLs in Skype instant messages, or similar IM platforms, should be wary of a new trojan, called Liftoh.

So far, it has primarily infected users in Latin America, said Rodrigo Calvo, a researcher at Symantec.

When targeted, victims receive a message in Spanish containing a shortened URL. The messages appear as if they are coming from someone on the user’s Skype contact list who is linking to a photo. If clicked, the link redirects users to 4shared.com, which is hosting a URL, which initiates a weaponized zip file containing Liftoh. The trojan is capable of downloading additional malware.

The malicious URLs have been clicked on more than 170,000 times, according to Symantec.

Cyber Criminals Continue to Use Spear-Phishing Attacks to Compromise Computer Networks

06/25/13—

The FBI has seen an increase in criminals who use spear-phishing attacks to target multiple industry sectors. These attacks allow criminals to access private computer networks. They exploit that access to create fake identities, steal intellectual property, and compromise financial credentials to steal money from victims’ accounts.

In spear-phishing attacks, cyber criminals target victims because of their involvement in an industry or organization they wish to compromise. Often, the e-mails contain accurate information about victims obtained via a previous intrusion or from data posted on social networking sites, blogs, or other websites. This information adds a veneer of legitimacy to the message, increasing the chances the victims will open the e-mail and respond as directed.

Recent attacks have convinced victims that software or credentials they use to access specific websites needs to be updated. The e-mail contains a link for completing the update. If victims click the link, they are taken to a fraudulent website through which malicious software (malware) harvests details such as the victim’s usernames and passwords, bank account details, credit card numbers, and other personal information. The criminals can also gain access to private networks and cause disruptions or steal intellectual property and trade secrets.

To avoid becoming a victim, keep in mind that online businesses, including banks and merchants, typically will not ask for personal information, such as usernames and passwords, via e-mail. When in doubt either call the company directly or open your computer’s Internet browser and type the known website’s address. Don’t use the telephone number contained in the e-mail, which is likely to be fraudulent as well.

In general, avoid following links sent in e-mails, especially when the sender is someone you do not know or appears to be from a business advising that your account information needs updated.

Keep your computer’s anti-virus software and firewalls updated. Many of the latest browsers have a built-in phishing filter that should be enabled for additional protection.

If you believe you may have fallen victim to a spear-phishing attack, file a complaint with the FBI’s Internet Crime Complaint Center at www.ic3.gov/.

Nine Sentenced For Illegally Distributing Controlled Substances Over The Internet

The Internet
FOR IMMEDIATE RELEASE
March 27, 2013

SAN FRANCISCO – Nine defendants were sentenced over the last two days for their roles in illegally distributing controlled substances to customers who bought the drugs from illicit Internet pharmacies, United States Attorney Melinda Haag and Drug Enforcement Administration Acting Special Agent in Charge Bruce C. Balzano announced. The defendants were also collectively ordered to forfeit more than $94 million in illegal proceeds.

“Illegal Internet pharmacies bring significant harm to communities across the nation by making controlled substances available to teenagers, addicts, and others who are endangered when these drugs are obtained without proper medical supervision. Anyone who engages in this criminal activity can expect to be prosecuted and held accountable for their conduct,” stated U.S. Attorney Haag.

“Prescription drug abuse has risen to alarming levels, often times leaving a trail of devastation behind and negatively impacting our communities. The individuals sentenced this week were involved in online pharmacy schemes that were illegally distributing controlled substances. DEA will aggressively pursue all who choose profits over the health and safety of the public,” stated DEA Acting Special Agent in Charge Balzano.

Michael Arnold, 42, of Boca Raton, Florida, was sentenced to 5 years in prison for his role as the organizer and leader of the Pitcairn Internet pharmacy. From 2003 through 2007, Pitcairn sold more than 14 million doses of Schedule III and IV controlled substances, earning over $69 million in its four years of operation using websites such as ezdietpills.net, pillsavings.com, and doctorrefill.net. Arnold laundered Pitcairn’s illegal proceeds through accounts in at least eight different countries, including Switzerland, Liechtenstein, the Netherlands, Canada, Panama, the Bahamas, St. Kitts & Nevis, and Curacao. Arnold was ordered to forfeit $69,692,488.39.

Christopher Napoli, 46, of Newtown Square, Pennsylvania, was sentenced to 4 years in prison for his role as the founder and leader of the Pharmacy USA/ SafescriptsOnline (“Safescripts”) Internet pharmacy. From November 2004 through December 2006, Safescripts sold more than 13 million doses of Schedule III and IV controlled substances, earning more than $24 million in its two years of operation. Napoli paid affiliates located in foreign countries, including Argentina, India, the Dominican Republic, Panama, Latvia, Lithuania, Romania and Poland to market drugs to potential customers using websites and call centers that placed outbound calls pushing the sale of the drugs listed on the Safescripts website. Napoli was ordered to forfeit $24,609,611.48.

Daniel “DJ” Johnson, 40, of Pekin, Illinois, was sentenced to 3 years in prison for his role as the software developer and manager for Safescripts. From his father’s business, Internet Commerce Corporation, Johnson assisted Napoli with the day-to-day operation of Safescripts, managing the maintenance and development of the software and hardware used to process drug orders, as well as the relationships between Safescripts at the brick-and-mortar pharmacies that filled the drug orders and shipped the pills to customers. Johnson was ordered to forfeit $835,540.

Jeffrey Herholz, 45, of Fayetteville, North Carolina, was sentenced to 2 years in prison for his role as the owner and operator of Kwic Fill, a brick-and-mortar pharmacy located in Fayetteville, North Carolina, that filled drug orders exclusively for Internet pharmacies, including Pitcairn and Safescripts. From February through April 2006, Kwic Fill shipped more than 7 million doses of Schedule III and IV controlled substances to customers located in all 50 states. Kwic Fill earned more than $3 million in criminal proceeds in its three months of operation. Herholz was ordered to forfeit $3,386,829.

Joseph Carozza, 67, of West Orange, New Jersey, was sentenced to 2 ½ years in prison for his role as one of the doctors who reviewed drug orders for Safescripts. Customers who wished to purchase controlled substances from Safescripts selected their drug of choice from a list of available options, answered a 23-question on-line questionnaire, and provided a credit card number and shipping address. After reviewing the questionnaire, Carozza clicked a button to “approve” or “deny” the drug order without meeting with or speaking to the customer who placed the drug order. The evidence at trial showed that Carozza approved more than 184,000 drug orders for Safescripts during an eleven-month period, once approving more than 12,000 orders in a single day. Carozza was ordered to forfeit $400,067.

Arnold and Herholz were convicted of conspiracy to distribute and possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846, and conspiracy to launder money internationally, in violation of 18 U.S.C. § 1956, on March 1, 2012, after a four-week jury trial.

Napoli, Johnson and Carozza were convicted of conspiracy to distribute and possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846, on November 15, 2012, after a six-week jury trial. Napoli and Johnson were also convicted of conspiracy to launder money, in violation of 18 U.S.C. § 1956.

Evidence at trial established that more than 90% of the drugs sold by Pitcairn and Safescripts were Schedule III and IV controlled substances. The drugs were primarily diet pills, such as phentermine and didrex, and anti-anxiety drugs known as benzodiazepenes, such as Xanax, Valium and clonazepam. All of these drugs carry a potential for addiction and may be dangerous if not taken under proper medical supervision.

Also sentenced were:

Salvatore Lamorte, 54 of Freehold, New Jersey, was sentenced to 1 year and 1 day in prison. Lamorte pled guilty to conspiracy to distribute and to possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846, and conspiracy to launder money internationally, in violation of 18 U.S.C. § 1956, based on his role as a recruiter and consultant who located brick-and-mortar pharmacies willing to fill drug orders for illegal Internet pharmacies. Lamorte was ordered to forfeit $2,011,927.

Jeffrey Entel, 43, of Lake Placid, Florida, was sentenced to 13 months in prison. Entel pled guilty to conspiracy to distribute and possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846. Entel owned and operated Groupo Call Center in the Dominican Republic, a call center that placed out-bound calls soliciting drug orders for Safescripts. Entel was ordered to forfeit $3,856,453.

Dino Antonioni, 45, of Miramar, Florida, was sentenced to 9 months of imprisonment followed by 9 months of home confinement. Antonioni pled guilty to conspiracy to distribute and to possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846, based on his role as the pharmacist for a brick-and-mortar pharmacy that filled drug orders for illegal Internet pharmacies. Antonioni was ordered to forfeit $300,000.

Darrell Creque, 63, of Clayton, North Carolina, was sentenced to 4 years of probation. Creque pled guilty to conspiracy to distribute and to possess with intent to distribute Schedule III and IV controlled substances, in violation of 21 U.S.C. § 846, based on his role as the pharmacist for Kwic Fill. Creque was ordered to forfeit $23,865.

These convictions were the result of a lengthy investigation by the Drug Enforcement Administration, San Francisco Field Division’s Financial Investigative Team. The prosecution is part of the Northern District of California United States Attorney’s Office’s Health Care Fraud program and was initiated as an investigation with the Organized Crime and Drug Enforcement Task Force. Substantial assistance was provided by the North Carolina Board of Pharmacy. Assistant United States Attorneys Kirstin Ault, Thomas Stevens, and Tracie Brown, with assistance from Denise Oki, Maryam Beros, Rawaty Yim, and Rayneisha Booth, prosecuted this case on behalf of the United States.

USDOJ: Attorney’s General Office

 

Greenwing Capital Management LLC

Local Man Indicted in $13 Million Investment Fraud Scheme

U.S. Attorney’s Office February 28, 2013
  • Middle District of Louisiana (225) 389-0443

BATON ROUGE, LA—United States Attorney Donald J. Cazayoux, Jr. announced today that a federal grand jury returned an indictment on February 27, 2013, charging James R. Holdman with 18 counts of mail fraud for his role in executing a fraudulent investment scheme.

According to the indictment, Holdman operated a hedge fund called Greenwing Capital Management LLC. As the owner and operator of the fund, Holdman solicited and received millions of dollars in investment funds from the victim investors. The indictment alleges that from approximately February 2008 to October 2008, Holdman concealed a failed investment plan by falsely representing to the victim investors that their investments were earning positive rates of return when, in fact, Holdman had lost over 98 percent of their funds.

The indictment alleges by making these false representations, Holdman was able to conceal his failed investment plan and defraud the victim investors into keeping their remaining money with Greenwing Capital or investing more money in it, thereby allowing Holdman to continue receiving money in the form of fees for his own personal use and benefit. In order to continue to conceal his fraud, Holdman continued to put the victim investors’ money at risk in an attempt to recoup his losses.

FBI Special Agent in Charge Michael J. Anderson stated, “Those individuals who prey on a vulnerable investing public, especially during such challenging economic times, will continue to be held fully accountable.”

U.S. Attorney Donald J. Cazayoux, Jr. stated, “Prosecuting those who commit investment fraud in the district will continue to be a priority as we strive to protect the public and to deter wrongdoers.”

The case is being prosecuted by Assistant U.S. Attorney Shubhra Shivpuri. The joint investigation is being conducted by the Federal Bureau of Investigation, the Louisiana Office of Financial Institutions, the Texas State Securities Board, and the Securities and Charities Division of the Mississippi Office of the Secretary of State.

An indictment is a determination by a grand jury that probable cause exists to believe that offenses have been committed by a defendant. The defendant is presumed innocent until and unless proven guilty at trial.

Source: Department of Justice – FBI

 

Maryland Man Indicted on Securities Fraud

Maryland Man Indicted on Wire Fraud, Securities Fraud, and Other Charges for His Role in a Ponzi Scheme
Scam Involved Nearly $25 Million in Losses

U.S. Attorney’s Office February 28, 2013
  • District of Columbia (202) 514-7566

WASHINGTON—Garfield M. Taylor, 54, of Rockville, Maryland, has been indicted on wire fraud, securities fraud, and other charges stemming from a Ponzi scheme that resulted in investors losing nearly $25 million that they invested with Taylor and companies he controlled.

The indictment, returned by a grand jury in the U.S. District Court for the District of Columbia, was announced by U.S. Attorney Ronald C. Machen, Jr. and Valerie Parlave, Assistant Director in Charge of the FBI’s Washington Field Office.

Taylor was arrested today and pled not guilty at his arraignment. The indictment was returned February 21, 2013, and unsealed today. Taylor was indicted on seven counts, including charges of wire fraud, securities fraud, and the unlawful sale of unregistered securities. The indictment includes a forfeiture allegation calling for Taylor to forfeit proceeds from the crimes.

According to the indictment, Taylor devised and employed a scheme from in or about September 2006 through in or about September 2010 in which he convinced investors to invest with him by promising them substantial returns on their investment, telling them that he used a sophisticated securities trading strategy that protected against loss, and claiming that he had a proven track record of using this strategy effectively.

During the course of this scheme, however, Taylor never used the trading strategy that he told investors that he would use. With the investments he did make during this period, Taylor either lost money or made minimal profits far below what was needed to pay the amounts he owed. The only way that Taylor was able to pay the substantial interest rates he was paying during this period was to use portions of the principal invested by new investors to pay amounts that were owed to earlier investors.

In one example cited in the indictment, in or about April 2010, Taylor used approximately half of an investor’s $425,000 investment to pay interest and principal that was due to earlier investors, rather than using those funds to invest in securities, as he had promised to do. Taylor paid only a portion of the interest payments he was required to pay the investor, before telling the investor that, because of trading losses, he was unable to make any more interest payments or to return the investor’s principal.

The indictment further alleges that in the course of trying to convince investors to invest with him, Taylor told certain investors that amounts invested with him were insured against loss and that Taylor maintained an account with reserve funds to offset any losses to investors should Taylor actually lose their investment through bad investment decisions. But neither insurance nor an account to reimburse Taylor’s investors existed.

At the time of the scheme’s collapse, Taylor owed investors nearly $25 million just to cover the principal he was contractually required to return to them.

An indictment is merely a formal charge that a defendant has committed a violation of criminal laws and is not evidence of guilt. Every defendant is presumed innocent until, and unless, proven guilty.

This case is being investigated by the FBI’s Washington Field Office. It is being prosecuted by Assistant U.S. Attorneys Matt Graves, Lionel André and Catherine K. Connelly, with assistance from Litigation Technology Specialist Joseph Calvarese and Paralegal Specialists Tasha Harris and Lenisse Edloe.

New Variation on Telephone Collection Scam Related to Delinquent Payday Loans

02/21/12—

The Internet Crime Complaint Center (IC3) continues to receive complaints scamalertfrom victims of payday loan telephone collection scams. As previously reported in December 2010, the typical payday loan scam involves a caller who claims the victim is delinquent on a payday loan and must make payment to avoid legal consequences.

Callers pose as representatives of the FBI, “Federal Legislative Department,” various law firms, or other legitimate-sounding agencies and claim to be collecting debts for companies such as United Cash Advance, U.S. Cash Advance, U.S. Cash Net, or other Internet check-cashing services. The fraudsters relentlessly call the victim’s home, cell phone, and place of employment in attempts to obtain payment. The callers refuse to provide information regarding the alleged payday loan or any documentation and become verbally abusive when questioned.

The IC3 has observed variations of this scam in which the caller tells the victim that there are outstanding warrants for the victim’s arrest. The caller claims that the basis of the warrants is non-payment of the underlying loan and/or hacking. If it’s the latter, the caller tells the victim that he or she is wanted for hacking into a business’ computer system to steal customer information. The caller will then demand payment via debit/credit card; in other cases, the caller further instructs victims to obtain a prepaid card to cover the payment.

The high-pressure collection tactics used by the fraudsters have also evolved. In one recent complaint, a person posed as a process server and appeared at the victim’s job. In another instance, a phony process server came to a victim’s home. In both cases, after claiming to be serving a court summons, the alleged process server said the victim could avoid going to court if he or she provided a debit card number for repayment of the loan.

If you are contacted by someone who is trying to collect a debt that you do not owe, you should:

  • Contact your local law enforcement agencies if you feel you are in immediate danger;
  • Contact your bank(s) and credit card companies;
  • Contact the three major credit bureaus and request an alert be put on your file;
  • If you have received a legitimate loan and want to verify that you do not have any outstanding obligation, contact the loan company directly;
  • File a complaint at www.IC3.gov.

Lawyers’ Identities Being Used for Fake Websites and Solicitations

09/14/12

A recent scam has surfaced in which the identify of a Texas attorney, who had scamalertnot practiced in years, was used to set up a fake law firm website using the attorney’s maiden name, former office address, and portions of her professional biography. Other attorneys have complained about the use of their names and professional information to solicit legal work.

All attorneys should be on the alert to this scam. If you become aware of the same or a similar situation involving your name and/or law firm, you should immediately report the incident to local authorities, your state Bar, and the FBI at the Internet Crime Complaint Center.

Additionally, be sure to closely monitor your credit report or bank accounts to ensure that your identity is not the only thing being stolen.

If you have been a victim of an Internet scam or have received an e-mail that you believe was an attempted scam, please file a complaint at http://www.IC3.gov.

Extortion Scam Related to Delinquent Payday Loans

Extortion Scam Related to Delinquent Payday Loans

Washington, D.C. December 07, 2010
  • FBI National Press Office (202) 324-3691

The Internet Crime Complaint Center has received many complaints from victims of payday loan telephone collection scams. Callers claim the victim is delinquent in a payday loan and must repay the loan to avoid legal consequences.

The callers purport to be representatives of the FBI, Federal Legislative Department, various law firms, or other legitimate-sounding agencies. They claim to be collecting debts for companies such as United Cash Advance, U.S. Cash Advance, U.S. Cash Net, and other Internet check-cashing services.

According to complaints received from the public, the callers have accurate data about victims, including Social Security numbers, dates of birth, addresses, employer information, bank account numbers, and the names and telephone numbers of relatives and friends. How the fraudsters obtained the personal information varies, but in some cases victims have reported they completed online applications for other loans or credit cards before the calls started.

The fraudsters relentlessly call the victim’s home, cell phone, and place of employment. They refuse to provide any details about the alleged payday loans and become abusive when questioned. The callers have threatened victims with legal actions, arrests, and, in some cases, physical violence if they do not pay. In many cases, the callers harass victims’ relatives, friends, and employers.

Some fraudsters have instructed victims to fax a statement agreeing to pay a certain amount, on a specific date, via a pre-paid Visa card. The statement further declares the victim will never dispute the debt.

If you receive these calls, do not follow the caller’s instructions. Rather, you should:

  • Notify your banking institutions.
  • Contact the three major credit bureaus and request an alert be put on your file.
  • Contact your local law enforcement agencies if you feel you are in immediate danger.
  • File a complaint at www.IC3.gov.

Tips to avoid becoming a victim of this scam:

  • Never give your Social Security number—or personal information of any kind—over the telephone or online unless you initiate the contact.
  • Be suspicious of any e-mail with urgent requests for personal financial information. The e-mail may include upsetting or exciting but false statements to get you to react immediately.
  • Avoid filling out forms in e-mail messages that request personal information.
  • Ensure that your browser is up-to-date and security patches have been applied.
  • Check your bank, credit, and debit card statements regularly to make sure that there are no unauthorized transactions. If anything looks suspicious, contact your bank and all card issuers.
  • When you contact companies, use numbers provided on the back of cards or statements

Federal Bureau of Investigation [FBI] – Payday Loans Warning