As an investigator I have seen many cases come and go. One in particular was a case involving a fraud of a foreigner that had sent money to the US. Upon learning that he was scammed he hired our firm to find the perpetrator of the scam so that he could press charges. I remember the amount of the loss was right around $300K USD we figured and local law enforcement called the Federal Bureau of Investigation as well as the US District Attorney for the district and I remember the response quite well. $300,000.00 was not enough money to justify an investigation. This was back in 2009. Now I can tell you that in 2007 $250,000.00 was enough to spawn a full FBI investigation because I was a consultant to one of these investigations so sometime between 2007 and 2009 the rules apparently have changed.
This is troublesome at some point because our tax dollars go toward the salaries and support of these Government operations. Criminals are starting to realize that the Federal agencies won't come after them if they keep the target number under a certain amount. Several exceptions appear to exist and that is when a story gets media coverage and could be damaging to a larger company we see activity out of these agencies. Also when it comes to banking, healthcare or other high profile attacks the FBI seems to spring into action.
We all understand that the FBI cannot and will not investigate every single crime or case that comes there way. And we get it. Investigations take time, money and resources to carry out and they are working with a limited budget as are the rest of us. So that brings us to our next story:
We have been watching closely several news stories that have hit the wires the past few months. Several of these stories are clearly indicating the many telecom companies are eating the cost of large bills and reporting theft of service issues.
"Hackers targeted the phone system at Bob Foreman’s architecture firm in Georgia, making $166,000 in calls in one weekend. "
It appears as though this activity is being conducted by hackers whom are getting a cut of the money from these premium dial service operators. Not a bad way to fund a black budget. While we are not saying that this type of activity is being conducted by official channels it's quite odd that given the scope of the attacks and multiple reports of this type that it would not spur some sort of interest.
We are keeping an eye on this one also. The Communications Fraud Control Association reports that this particular type of fraud cost consumers over $4 billion USD annually. That's not chump change. It shouldn't matter if these attacks are small in stature because of the shear number of attacks that are taking place.
Next time you see a charge for a phone sex or psychic line through your PBX and you know your end users are not calling, have a reputable firm inspect your PBX system. This should be a part of your auditing plan. SLC Security Services has engineers on staff that are highly skilled at securing PBX systems. With over 20 years of experience in this area and being an investigative company we have been involved in our fair share of investigations. Not once have we seen any law enforcement traction on this issue and that should change. You don't have a clue as to whom these fraudulent calls for funding and it could be a backdoor for funding terrorist activity, organized crime or other nefarious operations.
"That money was allegedly directed to a Saudi Arabian militant group that U.S. officials say financed the 2008 Mumbai terrorist attack. AT&T eventually reimbursed all consumers."
REFERENCES:
http://newswire.net/newsroom/news/00085638-phone-hackers-stealing-billions-are-difficult-to-catch.html
http://www.nytimes.com/2014/10/20/technology/dial-and-redial-phone-hackers-stealing-billions-.html?_r=0
http://www.financialexpress.com/news/foreign-internetbased-phone-hackers-target-businesses-mumbai-terror-link-emerges/1300423
http://boss.blogs.nytimes.com/2014/10/20/today-in-small-business-how-hackers-can-stick-businesses-with-huge-phone-bills/
http://www.thefiscaltimes.com/2014/10/20/5-Billion-Phone-Hacking-Scam-Too-Small-Nail-FCC
No comments:
Post a Comment