POLICE AND THIEVES: FAKE CARTRIDGE SELLERS, E-MAIL SCAMMERS AND CYBER-COPS

Top Story

FAKE CARTRIDGE SELLERS RUINING THE MARKET FOR LEGITIMATE PRODUCTS

Melanie Vermoter of Despec (an HP reseller) has a problem. People are selling cheap, fake ink-jet printer cartridges in some of her key markets and ruining her potential business. Do you buy those cheap cartridges to save money? It could prove a false economy as they have inferior ink that lasts a shorter time than their proprietary equivalent. And if if they make your machine break down, the presence of one of them could void your warranty.

The most common printer cartridge involves fraudulent inks. The HP proprietary ink cartridge 51645A is the most popular in the world and the fastest moving product in the market. The scammers take away an empty ink cartridge and fill them with inferior ink. More sophisticated fraudsters simply manufacture cheap copies. A fraudulent ink cartridge factory was uncovered in China which did the whole process and it was nearly impossible to tell the difference the fake and the real cartridge from outward appearances.

With a fraudulent ink cartridge the quality is very poor and there are often leakages which can damage the printer. Because the ink quality is lower the number of pages printed by the cartridge is very low.

Another scam worked by grey market resellers is to mix fake cartidges with real ones:80% original with 20% fakes. This often happens in Ghana and Nigeria where the grey market resellers have strong links with the USA and UK but stock also comes out of Dubai, Singapore and Russia.

A fraud prevalent in Nigeria involves the install by date. The fraudsters know that the cartridge will be valid 6 months after the install by date. They buy up expired cartridges, change the sell by date and sell them as news.

Toner cartridges are unlikely to be counterfeits because these are harder to produce and the turnover is not as high. The counterfeiters want to target fast-moving, high-value product and toner cartridges don’t offer the kind of price differential they want.

The value of ink-jet cartridges is ramped up when import duties are levied on consumables. As Vermoter observes:"There’s a duty exemption on hardware but it’s still levied on consumables. Duties on consumables are very high. It makes up about 20-35% on inks and toners. On the popular HP 51645A cartridge in Nigeria it’s 35% of the USD34 retail price. This level of duty actually encourages counterfeiting".

What about the high cost of the cartridge? "My margins are very low. I can’t lower the price."

And as Melanie Vermoter of Despec told us:"We are trying to grow a reseller base in Nigeria so that we know that they will only buy product through us".

The counterfeit market in Nigeria is probably somewhere between 80-85% of the total market. If it didn’t exist, the market in Nigeria would probably be worth USD80m.

But the fraudulent cartridge looks almost exactly the same as the HP branded product. With a fraudulent product, the key things to look for are:
- leaking ink
- tampered box
- the level indicator, a green line moving across a window. On fraudulent cartridges, there’s often a sticker across this window.

There are a number of anti-counterfeiting measures that have taken:
- Special seals that change colour when heated.
- Changes in the packaging
- New printers will have different cartridges that will cut the overall size of the market.

But as Vermoter herself is the first to admit:"With the high-grade counterfeiting it’s difficult to tell the difference and I’ve been fooled".

The Imaging Consumables Coalition of Europe (ICCE) MEA has an anti-counterfeiting team, usually people from legal backgrounds. They are based all over the world but they are actively targeting Africa as it has a bad reputation for counterfeiting along with the Far East and Russia.

Where there is money to be laundered, you find counterfeiters. As Vermoter points out: There is a problem with dirty money going into consumables. But successful operations have been carried out in Africa. We have even identified counterfeit manufacturing operations in Africa".

ICCE’s MEA (Middle East and Africa) campaign can be contacted via its website:

WHERE DO E-MAIL SCAMMERS COME FROM AND WHAT ARE THEY DOING

Africa is widely perceived as a hotbed of cyber-crime based on the proliferation of 419 scam e-mails but the reality is not as it might appear. Mark Davies of BusyInternet goes through the available figures and talks about his own experience of crime as a cyber-café owner.

There are very few sources of internet crime statistics but one of the largest available is the US-based Internet Fraud Complaint Centre run by the FBI. It reported USD17 million worth of fraud in 2001 which rose to USD54 million. This figure represents 75,000 complaints.

Of these, 48,000 are referred for action, a three-fold increase over the previous year. The average complaint was for a loss of USD299 and only 3.6% of all complaints are for losses of over USD5000. It should be stressed that these figures represent reported cases and as with all crime reporting it is the tip of the unreported iceberg.

The key categories of cyber-crime are as follows:
Internet Auction fraud (46%)
Non-delivery of merchandise (31%)
Credit card fraud (12%)

Credit card represents the lowest loss, the average being USD120 per transaction. The other seven top ten crimes represent only 6% of total complaints. "Nigerian Letter Scams" represent only 0.4% of the total but it has the highest average loss of USD5,400. Other crimes included: child pornography, unauthorised intrusion (hacking), communications, investment and identity fraud. 66% is perpetrated using e-mail and 19% using websites.

The geographic breakdown of where the fraud originated from was as follows:
United States 76%
50% from NY, IL, CA, TX
Nigeria 5.1%,
Canada 3.5%,
South Africa 2%
The 7.1% of fraud originating from two African countries is very high relative to the spread of the internet in both those countries.

All computers must have unique addresses and all e-mails contain this address. The role of a proxy to "mask" this unique address. For anonymity and fast access we use one public IP address and that address is registered to me. As the owner of one of the largest cyber-cafes in Africa (with 100 machines) we found ourselves encountering this world of cyber-crime when we started receiving letters and phone calls from merchants and the security companies employed by the larger sites. The e-mail below was a typical communication:

"My name is Ryan Edwards and I work for a company called Jump.ca in Regina, Saskatchewan, Canada. We offer internet sales to customer ranging from cell phones, laptops, PDAs and various other computer components. I have been receiving, over the past couple months, various orders for laptops purchased using stolen credit cards. I have obtained the IP address of these customers, and 2 of them come from the same IP address that your company controls. Below is a list of the IP addresses and dates that these purchases have been made".

The e-mail from Yahoo’s security consultant illustrate the scale of the problem:

"We actually just worked out a deal with a Florida ISP that service Ghana. It seems to balance legitimate users with making a significant impact on fraud. They are going to block their Ghana and Nigeria ports from accessing store.yahoo.com

All 20,000 Yahoo stores resolve to this IP address. Frankly, there is NEVER going to be a legitimate order coming from Ghana, going to a Yahoo store. Almost all of them don’t ship internationally anyway, and really, any order from Ghana is with a stolen credit card. The Ghana thieves have been focusing on Yahoo more because there are many unsophisticated store owners on Yahoo that don’t have the anti-fraud capabilities of an Amazon.com.

Please let me know what you think.

Rick Smith
Synergy Computing
Chef’s Resource"

When I started to investigate with other cafes and users it became clear that the problem was quite widespread According to Francis Quartey of IDN Ghana:" Yes this problem is particularly a challenging one for IDN, partly because we carry a lot of the high speed cafe customers. We have had problems with investigators serving us court summons; surveilling our Baltimore office;threatening letters from state security agents, and actually blockage of ip’s by our tier one ip provider".

The fraud goes by the name of Saakawa. There are active groups operating out of cybercafes. They are often young, intimidating, difficult to manage: often they are characterised locally as "nima boyz". It’seen as a rite of passage, as much as economic endeavor.

The scam is very simple. Thieves get credit card numbers. These are often obtained from: online generators; stolen from other retail environments (hotels); Stolen from the post; using keystroke loggers and by tricking you (fake websites; Paypal & Citibank). They place online orders and these are shipped to friends in US then on to Africa.

Much of the cyber crime comes from merchants not following verification procedures. They should match the name, number and address of the online buyer but smaller, naïve merchants have flawed verification procedures.

There is no incentive for credit card companies to prevent this kind of fraud. The cardholder doesn’t pay (maybe up to USD50). The issuing bank/Visa doesn’t pay. The merchant/seller pays (PLUS transaction charges). Online Merchants are being put out of businesses as the card companies can take up to six months to question a charge. Most refund the total cost of charge to cardholder.

The originating ISPs, cybercafes (countries sometimes) are being blocked And the cybercafes become magnet for embezzlers. It intimidates both staff and other customers of cybercafes and the cybercafe owners themselves are often threatened by the criminals if they confront them. Often Africa is blacklisted and it misrepresents the majority of African internet use to other countries.

There are a number of measures that might be taken to stop this kind of fraud:
- Verification ­ know the customer & match them to their account
- Blocking ­ stop all shopping altogether (BusyInternet’s approach) but this is not available to all cybercafes with less tech skills / infrastructure
- Supervision ­ post notices, police the cafes
- Create pre-paid alternatives or e-commerce centers
- Legal framework ­ have clear legislation and penalties & enforcement
- Sensitize local communities and elders to educate the youth
- Create employment opportunities for young people & pay them adequately

AFRICA’S POLICE FORCES BEGIN TO GEAR UP TO FIGHT CYBER-CRIME

It took developing country police forces a number of years to get geared up to fight cyber-crime. No wonder then it is taking Africa time to put in place police expertise to fight cyber crime. News Update talked to Amos Onyancha, one of the continent’s new breed of cyber-cops about the work being undertaken in Kenya and through an Interpol working group at a continental level.

The Kenyan Cyber-Crime Unit has four people working for it: one attached to Central Bank Fraud and three members of CID. All four have computing experience with the Central Bank staff member having an MA in Computing. Both the Central Bank and the Treasury have this experience in their IT departments.

They are using existing criminal law to prosecute crimes perpetrated using a computer that include:
- Fraud
- Unauthorised access or access using a supervisor’s password
- Interceptions ­ rerouting money transfers
- Diverting funds from Telkom Kenya and Kenya Power bills.

There are no existing laws to cover things like 419 scams and child pornography. The Economic Crime Bill is currently going through the Kenyan Parliament.

According to Amos Onyancha of the Unit: "We realised the need for specialisation (to tackle this kind of crime) in CID. We needed to tackle economic crimes like cheque and card fraud and the Director thought it would be a good idea to set up a section to deal with cyber-crime."

Kenya has set up a national task force to track these kinds of crimes working with the private sector including companies like Kencell, Safaricom and a number of ISPs. As Onyancha told us: "We asked them to come up with a monitoring task force as security levels are very poor. What the Nigerians can do using hacking is very serious and we have Nigerians (of this kind) here in Kenya."

As elsewhere, there is a shortage of computer forensic expertise: "Another problem is the experts we have. They can be ICT experts but do they have the forensic knowledge to be witnesses in court?"

"At present I take the Court to the site and explain the processes to them so that they can see it being done. At least then they’ve seen what’s happening even if they can’t always understand the technologies."

Current cyber crimes being experienced in Kenya are: hacking; software piracy (which is widespread); and stolen credit card numbers: "We even have people using fake swipe cards to defraud ATMs. It’s easier to use a computer to carry out a crime than it is to go car-jacking."

"We had a case of a Nigerian guy who used waiters in a hotel to get credit card numbers in order to clone cards. He’s gone before the magistrate and we’ve got the machines, the scanners, modem and computer." The Unit is in regular contact with Visa and Mastercard and both send personnel to give evidence in cases that come before the courts.

The African Working Party on Information Technology Crimes has been set up under the auspices of Interpol. There is already a European Working Party and they are an acknowledgement that cyber crimes are cross-border crimes. Fourteen countries are members including: Tanzania, South Africa, Kenya, Ghana Cote D’Ivoire, Zimbabwe, Malawi, Burundi and Rwanda. Nigeria are not currently represented which seems a curious oversight on the part of their government.

The working party wants to come up with common ways of investigating computer and IT-enabled crimes. It is also trying to harmonise laws on the subject in the region so that offences in all states are common. A key part of the working party’s work is to get African countries to sign up to the Budapest Cyber-Crime Covention. It provides definitions of all computer-related crimes and acts as a guide to legislation. It also discusses: restitution and confiscation, jurisdictions, extradition. Most countries don’t know what the Convention entails and thus far only four countries have signed including Senegal and South Africa.

"One of the problems is jurisdiction. Cyber-crimes go beyond borders. It often takes time to convince other jurisdictions to extradite a person. Often criminals of this kind are ahead of the Government. Unless the issue of extradition is tackled, this kind of crime will flourish. Electronic crime takes seconds whereas extradition takes a very long time. The Budapest Convention is the basis for addressing this problem."

According to Interpol’s strategic goals described in the Interpol High Tech Crime Strategy, representatives of the academic sector attended this meeting as well. The current chairman is D.C. Myburgh from the National Computer Crime Unit of South Africa, Vice-Chairmen are Isaac Prah, Head of the ICT Unit in Accra, Ghana and Dominic Kisavi, Deputy OC Cyber Crime Unit Nairobi, Kenya.

The Technical Advisor to the Working Party is Professor Dana van der Merwe from the Department of Criminal and Procedural Law of the University of South Africa in Pretoria.

The group agreed unanimously on following objectives for the African Working Party on Information Technology Crime:
* Developing and making expertise available for combating IT crime in the region and inter-regional
* Develop and enhance partnerships with organizations, which deal with IT crime
* Establish, co-ordinate and promote the use of best practices in investigation and prevention of IT crime
* Increase information flow within the regional Computer Crime units
* Promotion of operating procedures standardization in the African region

The following initial projects were agreed upon:
* Project on legislation and comparative law existing in African countries with a view to have more African states co-signing and/or ratifying the Council of Europe Cybercrime Convention,
* Project on combining existing training courses in the African region countries and customise it to the regional needs
* Project on threat assessment and gap analysis concerning serious IT crimes

The last meeting was held from 10 to 11 June 2003 in Accra, Ghana and the next meeting will take place in Nairobi in February 2004.