Crooks gamble on internet success
Hi-tech money laundering might seem like something from a James Bond film, but criminals are learning new ways to use the net
Last weekend I finally got around to watching the recent Bond movie Casino Royale. Super-stakes poker, nail gun fights, parkouriste leaps between construction cranes - what's not to like? And Daniel Craig is suitably sociopathic in the lead role. (Yes, I know that's not how female viewers view him.)
One interesting element of the plot was how answering your mobile phone became a way of identifying yourself in a crowd: script writers have absorbed the way that nowadays in our eyes, if you pick up when I dial, you're my target. Again and again, Bond found his quarry by calling them.
But if you thought the hi-tech, high stakes world Bond inhabits was entirely fictional, then it might be worth thinking about the three radicals who used online poker sites to launder the cash they'd garnered from innocent net users. They would then buy equipment for insurgents in Iraq - plane tickets, GPS devices, night vision goggles, sleeping bags, knives and tents.
You don't have to be a fan of George Bush to realise that equipping insurgents isn't a friendly act: many hundreds of innocent Iraqis are dying as a result of the brutality there every month. So while some of the people playing poker online were imagining that they were up against Le Chiffre ("four jacks, Mr Bond"), somewhere around the virtual table real money was being diverted to real bad guys.
The three men convicted last month - Tariq al-Daour, Waseem Mughal and Younes Tsouli - used Windows-based trojans to steal information such as credit card numbers, and then allegedly laundered them using thousand-dollar tabs through dozens of online gambling sites.
According to the Washington Post), "All told, al-Daour and other members of the group conducted 350 transactions at 43 different online wagering sites, using more than 130 compromised credit card accounts. It didn't matter if they lost money on their wagering. Winnings were withdrawn and transferred to online bank accounts the men controlled."
Betfair, one of the companies named by the Post, has strenuously denied that the men laundered any money through it, saying "they were unsuccessful: they were identified; accounts were closed; and all relevant information was shared with the police."
This method though is precisely what I've always suspected about how criminals could use such sites for money laundering: buy a stake with a stolen credit card and play, say, poker badly with it against your own credit card, with which you collect your money. I've previously been assured that gambling sites which operate in the UK are so tightly regulated that that's impossible.
Well, the trio who were convicted were operating out of the UK. So either that regulation isn't quite that tight, and some of the sites are liable to being used for fraud, or else the police were watching every single step of what they were doing, waiting for the moment to strike. Except, as you'll see, they probably weren't.
Their exploits demonstrate that the internet is now another place where the effects of the "war on terror" are felt. George Bush might entreat the American public to "stay the course" in Iraq, warning people that terrorists will "follow us home" if the US fails in Iraq. Doonesbury has already lampooned this daft statement, while Steve Bell is making much of the comparison Bush then made with Vietnam. (Why, oh why, didn't any of the White House Press Corps ask "What was it about your extensive experience in Vietnam that persuaded you this would happen, Mr President?")
Well, here's the news, George: they're already using the place that many people think of as a second home to fund attacks on their first one.
The use of online gambling sites for money laundering brings a new dimension to the problem. In their way, these sites are a microcosm of the internet; poker players say that if you look around the table and you can't see the fool, it's you. Online gambling is an entire industry dedicated to finding the bigger fool online.
But the internet has become like that in its entirety: if you aren't certain that your computer is secured against trojans, worms, and every new variety of virus, then criminals think you're the fool sitting up at the table. Even then you may not be safe: phishing emails, after all, target the Human 1.0 operating system, which still has a lot of bugs.
In the end, the trio weren't however captured by some brilliant surveillance of activity on online gambling sites, even allowing for Betfair's protestations. Instead, it came after a 19-year-old Swede of Bosnian origin, Mirsad Bektasevic, was caught: he had saved one of their numbers on his personal mobile phone.
A very Bond-ish twist, I think you'll agree.
Charles Arthur
Friday August 31 2007
Guardian Unlimited
© Guardian News and Media Limited 2007
Hi-tech money laundering might seem like something from a James Bond film, but criminals are learning new ways to use the net
Last weekend I finally got around to watching the recent Bond movie Casino Royale. Super-stakes poker, nail gun fights, parkouriste leaps between construction cranes - what's not to like? And Daniel Craig is suitably sociopathic in the lead role. (Yes, I know that's not how female viewers view him.)
One interesting element of the plot was how answering your mobile phone became a way of identifying yourself in a crowd: script writers have absorbed the way that nowadays in our eyes, if you pick up when I dial, you're my target. Again and again, Bond found his quarry by calling them.
But if you thought the hi-tech, high stakes world Bond inhabits was entirely fictional, then it might be worth thinking about the three radicals who used online poker sites to launder the cash they'd garnered from innocent net users. They would then buy equipment for insurgents in Iraq - plane tickets, GPS devices, night vision goggles, sleeping bags, knives and tents.
You don't have to be a fan of George Bush to realise that equipping insurgents isn't a friendly act: many hundreds of innocent Iraqis are dying as a result of the brutality there every month. So while some of the people playing poker online were imagining that they were up against Le Chiffre ("four jacks, Mr Bond"), somewhere around the virtual table real money was being diverted to real bad guys.
The three men convicted last month - Tariq al-Daour, Waseem Mughal and Younes Tsouli - used Windows-based trojans to steal information such as credit card numbers, and then allegedly laundered them using thousand-dollar tabs through dozens of online gambling sites.
According to the Washington Post), "All told, al-Daour and other members of the group conducted 350 transactions at 43 different online wagering sites, using more than 130 compromised credit card accounts. It didn't matter if they lost money on their wagering. Winnings were withdrawn and transferred to online bank accounts the men controlled."
Betfair, one of the companies named by the Post, has strenuously denied that the men laundered any money through it, saying "they were unsuccessful: they were identified; accounts were closed; and all relevant information was shared with the police."
This method though is precisely what I've always suspected about how criminals could use such sites for money laundering: buy a stake with a stolen credit card and play, say, poker badly with it against your own credit card, with which you collect your money. I've previously been assured that gambling sites which operate in the UK are so tightly regulated that that's impossible.
Well, the trio who were convicted were operating out of the UK. So either that regulation isn't quite that tight, and some of the sites are liable to being used for fraud, or else the police were watching every single step of what they were doing, waiting for the moment to strike. Except, as you'll see, they probably weren't.
Their exploits demonstrate that the internet is now another place where the effects of the "war on terror" are felt. George Bush might entreat the American public to "stay the course" in Iraq, warning people that terrorists will "follow us home" if the US fails in Iraq. Doonesbury has already lampooned this daft statement, while Steve Bell is making much of the comparison Bush then made with Vietnam. (Why, oh why, didn't any of the White House Press Corps ask "What was it about your extensive experience in Vietnam that persuaded you this would happen, Mr President?")
Well, here's the news, George: they're already using the place that many people think of as a second home to fund attacks on their first one.
The use of online gambling sites for money laundering brings a new dimension to the problem. In their way, these sites are a microcosm of the internet; poker players say that if you look around the table and you can't see the fool, it's you. Online gambling is an entire industry dedicated to finding the bigger fool online.
But the internet has become like that in its entirety: if you aren't certain that your computer is secured against trojans, worms, and every new variety of virus, then criminals think you're the fool sitting up at the table. Even then you may not be safe: phishing emails, after all, target the Human 1.0 operating system, which still has a lot of bugs.
In the end, the trio weren't however captured by some brilliant surveillance of activity on online gambling sites, even allowing for Betfair's protestations. Instead, it came after a 19-year-old Swede of Bosnian origin, Mirsad Bektasevic, was caught: he had saved one of their numbers on his personal mobile phone.
A very Bond-ish twist, I think you'll agree.
Charles Arthur
Friday August 31 2007
Guardian Unlimited
© Guardian News and Media Limited 2007
