June 27, 2007 9:27 AM PDT
eBay targets Romanian fraudsters
- Related Stories
Selling stuff online? Here comes the IRSApril 13, 2007
Bulgarian woman charged in eBay conspiracyMarch 27, 2007
eBay CEO: Phishers threaten user trustMarch 8, 2007
'Harry Potter' author fights e-book fraud on eBayMarch 1, 2007
FBI nabs phishers in U.S., Eastern EuropeNovember 2, 2006
Microsoft to buy antivirus software makerJune 10, 2003
Matt Henley, a member of eBay's Fraud Investigations Team, spoke about the campaign while taking part in a two-day workshop in Sydney, Australia, with representatives of local law enforcement agencies.
Henley is in town to discuss the latest online fraud techniques with representatives from the Australian Federal police, the High-Tech Crime Centre, the Australian Crime Commission, ACMA and all the state and territory police forces.
The e-commerce site's internal fraud team first took note of a higher-than-usual amount of fraudulent activity from Eastern Europe in 2005.
"A huge percentage of the fraud we were seeing was from Romania," Henley said.
While schemes varied, many of the suspects set out to commit fraud after approaching eBay users who had narrowly lost an auction.
"The fraudster can see that a user that didn't win was prepared to spend $145 on a particular item," Henley explained. "They would then attempt to contact the user off the eBay platform to offer them a second chance. The No. 1 goal of these fraudsters was to pull users off of eBay--away from our security cameras, so to speak."
The fraudsters would first have to guess the e-mails of the losing bidders--most commonly by combining their eBay username with popular Web-mail domains.
"It's very common that users have the same username for their eBay as their e-mail," Henley explained. The would-be scammers would have a certain level of success, he said, "simply by sending out 50 e-mails of the most common domain names--including the eBay user name at Gmail, Hotmail, Yahoo."
A dearth of knowledge and resources
The scale of the fraud was such that eBay formed a dedicated team to look into the issue, hiring a team of analysts and lawyers to work with victims and the Romanian authorities to come up with some solutions.
The team's initial assessment attributed the Romanian problem to two central issues--a technology knowledge gap and a lack of resources to tackle cybercrime.
"What we found is that there is a huge gap between generations in Romania," Henley said. "There are 25- to 30-year-old criminals that are among some of the brightest we've ever dealt with. But law enforcement officials and magistrates might have never even used a computer."
The U.S.-based eBay team first took an education role, running road shows for law enforcers, and conducting a two-day course with the National Institute of Magistrates in Bucharest in conjunction with credit card companies Visa and MasterCard.
Last year, eBay and Microsoft also sponsored a National Cybercrime conference in Romania, talking about the online fraud issue with 200 law enforcement agencies.
Next, eBay attempted to address resourcing issues to fight cybercrime in the small East European state. Romania tends to base its resource allocation on population, so most of its law enforcement efforts in the country had been concentrated on its capital, Bucharest.
"Whereas we found that most of the fraud is coming from towns with populations of 50,000 or 100,000," Henley said.
In some of these towns, the eBay team found backlogs of 200 eBay-related fraud cases.
"The police presence in these towns often didn't even have an Internet connection," Henley said. "Some were using the same Internet cafes as the criminals, which was of grave concern to us."
The Romanian Police Force thus became the lucky recipients of eBay-donated Internet connections, computer equipment and digital cameras.
Since the campaign began three years ago, Henley claims that eBay has helped the Romanian authorities make "several hundred arrests" related to online fraud.
"Prior to this, nobody was being arrested," he said. "At least now there is the knowledge that there is a risk associated with being involved in this fraud."
Henley is in no doubt that another country like Romania will prove attractive to online criminals, but for now is satisfied that there is no one country more problematic than another.
"The next (problematic) country will be wherever there is the same pattern--highly trained people with little opportunities to make money legitimately," he said.
Brett Winterford of ZDNet Australia reported from Sydney.
3 commentsJoin the conversation! Add your comment