Pages

Thursday, November 28, 2024

Ross Meurant: Finding Fraudsters in Crypto Currencies

Don’t call them scammers.  They are criminal fraudsters.

National (NZ government coalition partner) have decided to appoint an “Anti-Scam” Minister Mr Bayly.  Ironically, on a radio platform 19 Nov 2024, Hon Bayly appeared to “absolve” social media from any liability for scamming.  

Recently, Australian banks have begun to shut out crypto currencies (1) (2) which appears to be a policy in conflict with the electioneering pledges of President elect Donald Trump.

What is Crypto Currency? 

Cryptocurrency or crypto a so-called replacement for the cash system i.e. internationally embraced fiat money, which replaced barter.

Crypto, is a digital currency designed to work through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it.

Transactions are recorded as new units of currency and are generated by the computational solution of mathematical problems, which operates independently of a central bank used for online transactions between individuals.

Individual crypto ownership records are stored in a digital ledger or wallet, which is a computerized database securing transaction of records, controlling the creation of additional coins, and verifying the transfer of ownership.

With a physical wallet, individuals can hold fiat currency or bank and credit cards, which enable access to funds. A crypto wallet doesn't hold hard currency e.g. bank notes, but rather holds the credentials i.e. codes, needed in the form of private keys to access the blockchain for a given cryptocurrency e.g. Bitcoin.

A crypto currency “wallet”, identifiable via the web page of a legitimate provider of crypto wallet “sales” (3), will validate the sale/transaction, but will not identify where that wallet and perpetrator may be.

Given the obstacles to be overcome, searching for the perpetrator, offers to recover stolen funds, is not a realistic outcome, and may be tantamount to another scam.

The victim will get an apology, but no compensation.  

Cryptocurrency Fraud.

Three players are involved in Crypto Fraud: The Victim; the Perpetrator of the fraud and – the Facilitators.

The Victim.

In most cases, victims contribute to the success of the theft of their money, by their own foolishness.  That is, being “sucked in” by some criminal who sells them a fraudulent offer to buy crypto via a wallet – which is issued in good faith by a provider e.g. Bitcoin, to the fraud perpetrator – and not to the victim.

Despite victims contributing to the crime; this fact should only go to mitigation, not absolution or render the criminal fraud down to a non-crime.  The NZ Crimes Act, does not provide defence of absolution to a perpetrator - nor to a facilitator (i.e. Party to the crime), merely because the victim was “stupid”.

The Perpetrator.

In most cases, the perpetrator will telephone the victim who will have responded via an advertisement found on his/her computer.  The ensuing conversations encourage the victim to give the perpetrator, access to their bank accounts from which they steal money and/or, who entice victims to send their money to an account of, ostensibly, a genuine crypto currency seller, but which is an account operated by the perpetrator.

The Facilitator/s.

Financial Institutions.

All financial institutions have a duty of care to have correctly identified who owns the accounts, in compliance with the requirements of international banking code KYC – “Know you Client/Customer” and other international anti-money laundering protocols.

Failure of Financial Institutions to apply a level of care i.e. Duty of Care, to the standard expected under KYC may amount to contributory negligence.

Once money has been moved from a victim’s account, by the perpetrator, a crime has been committed.   Money laundering laws then apply. KYC and other international criminal laws and protocols must be applied by all financial institutions.

This KYC duty not only applies to bank accounts used by victims – i.e. to notice unusual movement of funds from a client’s account (e.g. 10 consecutive daily transfers of $20K), but also, to the banks whose clients accounts are those into which the stolen money is transferred (e.g. $20k x 10 consecutive days), from which money is moved to a different local bank, and then transferred off shore to more bank accounts.

In one case, an Australian victim was conned into transferring money to the account of a fraudster i.e. perpetrator in another bank in Australia, who within seconds, transferred that stolen money to a bank account in Hong Kong, where within minutes, the stolen money was moved outside of the “jurisdiction”.

In this case the Hong Kong bank completed its account opening process and KYC to their satisfaction – yet the account holder’s physical address did not exist and that any council utilities documents produced for verifications, were also false or were nor presented. It appears axiomatic, that due diligence enquiries were via a desk top, rather than a physical visit.

In the case identified, a large volume of funds was laundered through this account off shore –with no possible opportunity of recovery because the account holder in Hong Kong was fictitious. This flow on effect of moving money among banks, elevates and expands the duty of care banks should be applying to accounts held by them.

Some readers may well have encountered frustrating delays when trying to remit funds offshore - e.g. a couple of thousand dollars abroad to a relative in need of help. 

These examples of vigilance over petty transfers, does however, serve as some evidence that banks do undertake due diligence on overseas transfers, and therefore any criticism of them missing movement of monies by fraudsters – is – “Unfair”.

Caller ID Spoofing.

Telecommunication providers – allowing fraudsters to contact victims via telephone numbers but which cease to exist – sometimes within minutes of a fraud having been committed, are also subjected to KYC.

The fact that a perpetrator can by the unauthorised use of someone’s number, or via a phone number purchased on the “Dark Web”, then use the numbers obtained as their front access to engage victims, may however, raise the issue of liabilities of telco providers. (4)

Telcos do receive payment for calls made by perpetrators via the above-described activities.  These payments are settled on the telecoms international wholesale market where the various carriers purchase volume in minutes and bandwidth. 

For example, a call from a BT customer in London to your mobile, might go from BT to an AT&T station in England, then across to the USA by satellite, then down to a station near LA and then on the Southern Cross submarine cable to Sydney where it’s handed to Telstra. Telstra then switch it to their mobile network who can send it to your mobile identifier called an IMEI. Your number might be registered with Optus so Optus receive and then terminate the call to you. 

A lot of switching going on and each carrier along the way clips the ticket from the receiving carrier with the terminating carrier getting a small settlement. This is done via the international telecoms wholesale market where each buy and sells millions of minutes and truckloads of data bandwidth, to other carriers. 

Furthermore, networks are now largely web based so voice and data are transmitted in data packets but there are still data volume settlements as described in the older technologies. 

Bottom line is that the ability to trace the true origin is technically possible if there was full cooperation from the other carriers along the chain. 

Internet.

Internet platforms e.g. Facebook – which hosted adverts showing high profile persons, such as the adverts portending to show the New Zealand Prime Minister and a profile New Zealand woman (presumably without their knowledge) prompting sale of cryptocurrency, must give rise to a duty of care upon the social platform, to confirm the content is valid.

The same social media displayed a former Australian Prime Minister (presumably without his knowledge), also promoting cryptocurrency.

Negligence by facilitators failure to apply due diligence to a level or standard, when actions and circumstances of the perpetrator’s activities are such that they reasonably, should have been detected by security algorithms within the facilitator’s realm of responsibility, is potentially grounds for filing claims for negligence and damages.

Remedies.

Find the perpetrator?

Research suggests that most crypto scamming businesses are linked to major crime syndicates domiciled in Tajikistan, Russia, Malta, Vietnam, Cambodia, Myanmar and China; where co-operation from government security agencies is unlikely and asking questions as to the whereabouts of perpetrators when visiting these locations, may not be, a safe way to travel.  

Canada, USA also come under the radar with South Korea and Israel emerging prime recipient countries.  Bucharest in Romania has been identified as a recent recipient.

Sue the facilitators?

Trouble with this option is, Justice is Money: Just Money.

Facilitators, as described above, are Big Commercial Operators – with lots of money.

Scammed victims – often elderly who have been baffled by modern technology – losing their life savings - don’t have the money to file their claim against these Monoliths for: (a) compensation of money stolen from their accounts (b) collateral damage e.g. forced to sell one’s house to get the finance to survive (c) legal costs of hiring a lawyer to lead the case in Court.

In Brevi: Victims simply don’t have the money to get Justice via our Courts.

Ross Meurant BA MPP.  Company Director. Founder of GENA which specialises in Cryptocurrency Fraud www.gena.co.nz  Former Police Inspector, Member of Parliament & Honorary Consul.  

(1)   https://thepaypers.com/cryptocurrencies/hsbc-australia-blocks-payments-to-crypto-exchanges--1269319

(2)   https://news.bitcoin.com/another-big-4-australian-bank-blocks-payments-to-high-risk-crypto-exchanges/#google_vignette

(3)   https://www.binance.com/en/wallet/account/main/deposit/crypto/BTC 

(4)  https://www.idcare.org/fact-sheets/caller-id-spoofing#:~:text=You%20may%20never%20know%20that,you%20of%20being%20a%20scammer

6 comments:

Anonymous said...

Best account I have read on this increasingly persuasive crime.

Anonymous said...

This is very instructive Ross. It exposes fraudsters but also exposes police for failure to track the criminals all the way. Your article does say tracking the perpetrator is very difficult and dangerous but you make the point that if there was co-operation by facilitators and police who knew what they were doing, locating a preparator is possible. Highly likely in my view, a "party" to these crimes is resident in New Zealand. - right under the noses of the police.

I.C. Clairly said...

Fractional reserve banking is one of the biggest scams ever perpetrated, yet because the practice of creating money out of thin air and lending it at interest using real assets as collateral has been normalized and made "respectable" under law, most people don't even realize how they are being shafted.

The fiat currency banking system hates independent decentralised crypto because it cannot take a cut, which is why they want it banned or regulated.

ross meurant said...

I C Clairly, I concur. Extending the overdraft at the top end is ok but not at my level. However, the article is not about which form of currency is best, its about theft of cryptocurrency - which has taken the stage from bank robberies for bank notes (as was the fashion when I was a front line cop).

Anonymous said...

Trump is in the process of deregulating the banks, along with deregulating crypto, and merging the two. This process is being weaponized as to “mainstream” cryptocurrencies. This process is a bridge, nothing more, to the new tokenized singular system.

ross meurant said...

It has occured that Trump's initiative to "embrace" crypto is but a Trojan Horse: once he's inside the fort....crypto will be made (to steal Clairly's description of fiat money) "respectable" i.e. Under Government Control,