Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

Dragnet Snares 565 for Online Fraud

Global authorities cooperate in the most far-reaching enforcement action ever mounted against online fraud

Last week, the bogus "Sweepstakes Security Commission" was operating in full swing, merrily bilking unsuspecting consumers out of millions of dollars.

Today, the whole gang is behind bars.

In the largest and most far-reaching operation ever directed at mass-marketing fraud schemes, an international team of law enforcement agencies arrested some 565 suspected perpetrators, the U.S. Department of Justice said yesterday. The arrests, which took place in the U.S., Canada, Costa Rica, the Netherlands, and Spain, resulted from 96 separate investigations alleging more than $1 billion in fraud against more than 2.8 million victims.

The joint investigation, dubbed "Operation Global Con," came to completion last week when law enforcement agencies busted several "boiler room" sites for mass-marketing fraud in Costa Rica, including the operators of the nonexistent Sweepstakes Security Commission. The Costa Rican con artists were using VOIP and mobile phones to phish consumers, telling them they had won large sweepstakes prizes and then asking for "insurance fees" to protect their winnings.

Dozens of federal and local law enforcement agencies across the Americas and Europe linked up for Operation Global Con, using computer networks to create "virtual task forces." The huge initiative served notice to both online and offline criminals who have previously escaped through the cracks between agencies and jurisdictions.

"Mass-marketing fraudsters think they can use modern technology to operate from anywhere in the world with impunity," observed U.S. Attorney General Alberto Gonzales at a news conference. "The virtual task forces that we have built with Canada, Costa Rica, and the Netherlands provide a new model for us to bring these international con artists to justice."

The alleged perpetrators were arrested for a wide variety of schemes, including so-called "419" advance-fee schemes; foreign currency trading; bogus lottery, prize, and sweepstakes; offers of nonexistent investments; bogus offers of "pre-approved" credit cards or credit-card protection; and tax fraud. In addition to the criminal charges, the Federal Trade Commission brought 20 civil actions against 140 defendants in illegal fraud schemes.

— Tim Wilson, Site Editor, Dark Reading

Organizations mentioned in this story

  • Federal Trade Commission
  • Sun Microsystems Inc. (Nasdaq: SUNW)
  • U.S. Department of Justice

    Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Oldest First  |  Newest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 4/7/2020
    The Coronavirus & Cybersecurity: 3 Areas of Exploitation
    Robert R. Ackerman Jr., Founder & Managing Director, Allegis Capital,  4/7/2020
    'Unkillable' Android Malware App Continues to Infect Devices Worldwide
    Jai Vijayan, Contributing Writer,  4/8/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: Digitized COVID-19 Prevention
    Current Issue
    6 Emerging Cyber Threats That Enterprises Face in 2020
    This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
    Flash Poll
    State of Cybersecurity Incident Response
    State of Cybersecurity Incident Response
    Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-9499
    PUBLISHED: 2020-04-09
    Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal account, the attacker sends a specific DDNS test command, which may cause the device to go down.
    CVE-2020-9500
    PUBLISHED: 2020-04-09
    Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down.
    CVE-2020-10603
    PUBLISHED: 2020-04-09
    WebAccess/NMS (versions prior to 3.0.2) does not properly sanitize user input and may allow an attacker to inject system commands remotely.
    CVE-2020-10617
    PUBLISHED: 2020-04-09
    There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions prior to 3.0.2) to gain access to sensitive information.
    CVE-2020-10619
    PUBLISHED: 2020-04-09
    An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions prior to 3.0.2) control.