| | | Effective PR

Hotmail.com current favourite of internet fraudsters

Editorial Staff

Internet fraudsters migrate from service to service, using the safety and security provided by anonymous e-mail services. A review of fraudulent accounts at a number of sites has shown that the current favourite is hotmail.com. Nigel Morris-Cotterill, a money laundering risk management strategist, calls for proper policing of free e-mail accounts and domain registrations, saying that the present free-for-all should end.

Services such as hotmail.com are so huge that many website owners are unable to block the creation of accounts opened using that domain for fear of losing real business.

However, the cost of keeping fraudulent accounts out of websites - where the fraudsters use services such as forwarding pages or comments pages to promote their fraudulent activities - is rapidly rising.

The current favourite, a review of websites within The Anti Money Laundering Network reveals, is hotmail.

Nigel Morris-Cotterill, Head, The Anti Money Laundering Network (our parent company), says "our logs show dozens of fraudulent accounts are opened at both our professional and direct-to-public websites using the same e-mail addresses at hotmail.com. One, www.financialcrimeforum.com, has had more than two dozen fraudulent accounts created in the past 48 hours. Records show that the same account information is used to open accounts at a number of our sites. This leads to a cost that cannot be recovered."

On Morris-Cotterill's group sites, fraudsters do not have access to any information that is not already publicly available but they are able to complete forms and waste the website owner's time and resources; they are also able to post messages and in some cases forward pages with their own fraudulent messages attached.

"Our terms of access say that it no one may create an account for the purposes of marketing any goods or services. Therefore the creation of such accounts constitutes illegal access to our site. However, records show that many of the accesses are through what appear to be slave machines - the IP addresses used by the fraudsters are inconsistent across our sites, even for the same user. This pattern is not readily explained by the change of IP addresses for dynamic IP: for example, as more and more internet users have "always on" connections, their IP addresses remain the same for several days, at least. Their connections are kept alive by the use of wifi for mobiles and with services such as Whatsapp checking in every few minutes, the connection never appears, to the ISP, to be unused," said Morris-Cotterill.

For business to business services, this is not an issue, says Morris-Cotterill because businesses will often not deal with anonymous senders, but for websites targeted at individuals, who do not have personal domain names, businesses find it difficult to block free e-mail services.

"We have, across all of our sites, blocked many free and anonymous services so that users of them cannot register accounts. Hotmail.com had fallen out of favour with fraudsters and so we had allowed it access. But now it's become a problem and so it is again blocked. For websites such as "GoodByeOldFriend.Com this limits our potential customer base. However, ironically, it also limits the number of fraudulent tributes that can be posted and, therefore, cost substantial management time to repair," said Morris-Cotterill

Morris-Cotterill said that the incidence of fraudulent accounts originating at some top level domains means that a threat assessment must be made: is the number of potential customers originating in some areas sufficient to justify the time spent in management?

"The problem is exacerbated by domain registration processes which require no or insufficient identification of domain registrants," he continued. "for example, we now block all incoming mail and account registration from all .info, and .cc domains. We are looking at adding to that list. But ubiquitous TLDs such as .com cannot, obviously, be blocked. We notice a significant increase in .com addresses that have been created solely for fraudulent purposes."

Morris-Cotterill says that the system is in need of a serious overhaul. "Right now, businesses are suffering ever-increasing costs not only from spam which has had all the attention from governments but also from fraudsters opening accounts at websites and using them for criminal purposes. It is not right that those costs should fall on millions of, often small, businesses. Currently, the only option is for website owners to form their own view as to fraudulent domains, using internet based tools and search engines to identify fraudulent domains and/or users. That is very time consuming.

"The United Nations is considering control of various aspects of the internet but it is missing the critical point: the current system not only allows, it actively facilitates anonymous and fraudulent use. Even in countries where a business name must be registered in order to be legally used, there is rarely any provision for the attaching of a domain to a legal business and for that information to be publicly available. Indeed, anonymising services are commonplace."

This, Morris-Cotterill emphasises, is not only a matter of concern to commerce: it's a matter of national security. "Everyone in the intelligence community knows that the simplest way for criminals, including money launderers and terrorists, to interact yet stay below the radar is for an e-mail to be created in an anonymous webmail account and then put in the drafts folder only to be opened by the intended recipient. Because the mail is not sent, it does not pass through any monitoring systems. In short, it's an electronic drop box accessible from anywhere in the world."

"It is time, for the good of society, for anonymous e-mail accounts to be outlawed worldwide: there is a body with power to begin to implement this - The Financial Action Task Force which oversees the global development of counter-money laundering and anti-terrorist financing laws. By definition, where criminals are using free and anonymous e-mail accounts for profit, there is a direct money laundering connection. The connection to terrorism has already been formally established."

Further, says Morris-Cotterill, it is necessary for the protection of society - and to reduce costs to businesses - that there should be a mechanism for immediately shutting down, without warning but with an appeals procedure, domains that are used for fraudulent activity, including cybersquatting. There should also be a vetting process to ensure the legitimacy of new domains. Morris-Cotterill argues that the focus of government has so far been on the use of services such as free and anonymous e-mail and fraudulent web sites but that the burden of trying to police the activities of criminals and preventing their activities has fallen on businesses. That burden, he says , should fall on the service providers and on those who sell domains. He points out that banks and other financial institutions. have to monitor accounts for suspicious use: the technology can, with a little modification, be applied to free e-mail accounts and even to SMS services, he says.

"Will this make domain purchase more expensive and mean that e-mail accounts have a charge? Yes, and it is right that it should be. The current free-for-all is prejudicing legitimate business interests - businesses have to race with criminals to claim their domain names in new TLDs before fraudsters and domain squatters get their hands on them, often holding companies to ransom. Add in that criminals register "near-enough" domain names and then fill them with - in one case involving a major bank - gruesome pornography, it's not only expensive, it's a major risk to the reputation of an entirely innocent business. The internet is too mature and to all-pervasive to be run like a frontier town, all to often for the benefit of the bandits," Morris-Cotterill concluded.


Nigel Morris-Cotterill is Head, The Anti Money Laundering Network, our parent company (www.antimoneylaundering.net). In the mid-1990s, he published the widely cited paper "The Use and Abuse of the Internet in Fraud and Money Laundering" . He is also author of "How Not To Be A Money Launderer" and "Sun Tzu and the Art of Litigation." See www.countermoneylaundering.com