Internet fraud is a type of fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.
According to the FBI’s 2017 Internet Crime Report, the Internet Crime Complaint Center (IC3) received about 300,000 complaints. Victims lost over $1.4 billion in online fraud in 2017. According to a study conducted by the Center for Strategic and International Studies (CSIS) and McAfee, cybercrime costs the global economy as much as $600 billion, which translates into 0.8% of total global GDP. Online fraud appears in many forms. It ranges from email spam to online scams. Internet fraud can occur even if partly based on the use of Internet services and is mostly or completely based on the use of the Internet.
Nigeria is a renowned hotspot for internet scams. In the world rankings for internet fraud, Nigeria is ranked as number one and the rate at which people Nigerians are involved in internet scam better known as ‘Yahoo Yahoo’ is very alarming. It has gotten so bad that even young secondary school students now engage in the Yahoo scam.
The scariest part of it that even so called servants of God are now engaging in internet fraud. An Ilorin based 31-year-old Islamic scholar popularly called Afa who also doubles as a herbalist, named Jamiu Isiaka has been arrested after collecting N30million from a foreigner as fee to provide a license in Nigeria.
Jamiu impersonated the Group Managing Director of the Nigerian National Petroleum Corporation (NNPC), Dr Maikanti Baru, and the Special Adviser to the President on Media and Publicity, Femi Adesina, among other prominent citizens. The suspect, with others who are still at large, allegedly used the names of senior government officials to scam a South Korean national, Keun Sig Kim, under pretense of getting him an NNPC license that would enable him purchase a company.
According to the petitioner “I transferred $4,285.071 to the United Bank of Africa, account number 2107575870 in the name of one Jamiu Isiaka, an associate of Mr Shola Adeshina. “It is noteworthy that this account particulars have been provided severally for me to make transfer to.”
Isiaka, during interrogation with EFCC officials, claimed that he used the money to perform sacrifice on behalf of the petitioner. He claimed to have bought a vulture, elephant’s skin, elephant’s intestine, skull of a lion, liver of gorilla, among others. The suspect will soon be arraigned in court while efforts are ongoing to nab accomplices at large.
The target of ‘Yahoo’ boys are always foreigners who are often ignorant of the gimmicks played on them by these scammers and they end up falling for it. By the time they realize what’s going on, they would have lost a whole lot of money to the scammers. Advanced Nigerian groups have lately increased the amounts they make off with in each attack by targeting not just individuals but small businesses. The FBI estimates that between October 2013 and December 2016 more than 40,000 “business email compromise” incidents worldwide resulted in $5.3 billion in losses.
With so many many third parties, clients, languages, time zones, and web domains involved in daily business, it can be difficult for a company with limited resources to separate out suspicious activity from the expected chaos. Nigerian scammers will send tailored phishing emails to a company to get someone to click a link and infect their computer with malware. From there, the attackers are in no hurry. They do reconnaissance for days or weeks, using key loggers and other surveillance tools to steal credentials to all sorts of accounts, figure out how a company works, and understand who handles purchasing and other transactions.
Eventually the scammers will settle on a tactic; they may impersonate someone within the company and attempt to initiate a payment, or they might pretend to be a company the victim contracts with and send the target an innocuous-looking invoice to pay. If they’ve gained enough control of a system, attackers will even set up email redirects, receive a legitimate invoice, doctor it to change the banking information to their own, and then allow the email to reach its intended recipient. And the scammers rely on this sort of man-in-the-middle email attack for all sorts of manipulations.
Even though the attackers generally use cheap commodity malware, the groups tend to remain inconspicuous on victim networks, and have shown a willingness to abandon ideas quickly if they’re not working. One technique called “domain tasting” involves registering domains that look legitimate, trying to send phishing emails from them, and then moving on to a new domain if the phishes aren’t working.
Share your comments below let’s know your thoughts on this.