In 2013, two businessmen with various business operations in Kampala filed a case against a logistics firm. It email fraud case. This case was investigated for about two years. And this is one of the most common tricks used by attackers to defraud people.
How it was committed.
Because of the ability to purchase a domain, the fraudster was able to create a domain indicating he is responsible for shipping particular cargo and items from one country to another. He sent out an email to group of people. Of the many, two fell victim of it. It involved them to send money to a bank account registered in one of the local banks. It was on this basis they would be given their license and clearance to ship particular type of items.
How the investigation was done.
Using tools like on- line investigative tools for domain, the forensics investigators were able to retrieve an IP address which was linked to a particular company. The investigators went to the company and interviewed each of the five staff. They carried out search of the whole setup and covered source documents. These included payment papers for the purchase of the domain with a telephone number of the contact person.
The telephone number was tracked through telecom companies. The forensics investigators were able to get the particular individual of the phone. But it was not sufficient enough. The investigators had to recover the computers that were used.
With the use of the forensics accepted tools like ENACSE, FTK, investigators retrieved all the vital communication between fraudster and the victim. So that was how investigators were able to zero down to fraudster. The fraudster was sentenced to eight years in prison.
This case was under the Computer Misuse Act. Court orders were issued to assist investigators during cross examination. This is how the forensics investigators managed to beat the fraudsters.
Another fraud case scenario involved social media fraud majorly Facebook. Under social media fraud, most of the targets are charity organizations, churches and people running orphanage.
In this case, someone opened up an account in the name of one famous religious leaders. He informed fellowship organizations abroad see for monetary support. He opened a bank account using forged documents. He affiliated himself to a church. He had Facebook and Twitter pages. The fraudster got many followers and friends. He would post photos of the orphanages which are easy to get.
Using tools like Photoshop and CS InDesign, he cropped and put himself in photos pretending to be part of the team giving out aid. More money was sent to this person.
By time donors got to realize was when one of the agencies abroad requested to visit him. It became very difficult to see the actual person. In reality the orphanage was non- existing.
How the fraudster convicted.
The fraudster had registered the telephone numbers in different names. The beauty of it was the hand held device was able to be recovered. This was done using its International Mobile Equipment Identifier (IMEI). The hand held device led the forensics investigators to different people who were using this phone.
The bank account was inspected. Money was coming. The forensics team worked hand in hand with the bank so that anyone who comes to withdraw the money, they notify police. One individual was arrested.
On further investigations, this was a group of young people. This fraudster was common in town defrauding people through fake Facebook accounts.
In a nutshell, do not just believe what you have been sent is truly genuine. People are outside there to sniff any amount of money that is near to them. People want to assist. Fraudsters exploit this willingness and compassionate heart of others to delict money from them. Stay on the watch!
SOURCE: SUMMIT BUSINESS MAGAZINE. NET VOL. 09 ISSUE 05 October 2016.