Terrorists: Credit Card Fraud… Quiet Epidemic
Terrorists and Credit Card Fraud…a Quiet Epidemic
By Dennis Lormel
A few weeks ago while conducting research for a client; I came across a newspaper article from Toronto that immediately caught my attention. It reported the arrest of four men on charges of debit and credit card fraud for possessing numerous gift cards containing bank account and debit information from individuals in the United Kingdom (U.K.). Further investigation found laptop computers and memory sticks containing bank information for thousands of U.K. bank customers. What resonated was the fact the four subjects were believed to be associated with the Liberation Tigers of Tamil Eelam (LTTE) aka, the Tamil Tigers.
In November, I was in Toronto and met with a credit card fraud expert. I inquired as to whether he observed a nexus between credit card fraud and terrorists. He stated that Canada had a credit card fraud problem involving the Tamil Tigers. I knew there was a concern about the Tamil Tigers in Canada but I hadn’t previously been aware of the apprehensiveness about their involvement in credit card fraud.
The arrest of the two U.K. subjects above reminded me of the massive credit and debit card fraud case in the U.K. involving up to 200 British petrol (gasoline) stations. The subjects in that case were alleged to be Tamil Tigers. They obtained credit and debit card information at gasoline pumps through the use of skimming machines. The loss was estimated to be as much as $72,000,000.
Unfortunately, this problem does not receive the attention it deserves. It’s reminiscent to the Nigerian credit card fraud problem in the late 1970s. When I was a young Agent with the FBI, I worked Nigerian frauds. Invariably whenever an arrest was made the Nigerian subject had stacks of fraudulent credit cards in their possession. It was a quite epidemic that was never adequately addressed.
We should be extremely concerned about the scope of the credit card fraud problem involving terrorists. There is limited or no empirical data to gauge the extent of the problem. However, there are compelling signs that an epidemic permeates. Looking back at three specific cases, we get a snapshot of how serious the problem is.
1. Ali Al Marri was arrested in Illinois in December 2001 for having lied to FBI Agents about having contact with facilitators of the 9/11 terrorist attack. At the time of arrest, Al Marri had 36 credit card numbers and account information in his possession. A subsequent search of his computer found he had compiled over 1,000 credit card numbers and other identifying information.
2. Imam Samudra was the mastermind of the Bali bombing. Following his arrest he wrote an autobiography about his jihadist life. He wrote a chapter entitled “Hacking, Why Not.” In it, he urged fellow Muslim radicals to take holy war into cyberspace by attacking U.S. computers. Samudra described America’s computer network as being vulnerable to hacking, credit card fraud and money laundering. The chapter did not focus on specific techniques. It focused on how to find techniques on the internet and how to connect with people in chat rooms to perfect hacking and carding skills. It was a course of study for aspiring hackers and carders. Samudra discussed the process of scanning for websites vulnerable to hacking and then went on to discuss the basics of online credit card fraud and money laundering. One of the concerns posed by Samudra’s book was that it could serve as a roadmap leading terrorists to more accomplished hackers.
3. In the case of Younes Tsouli, aka Terrorist 007, and his two associates, Waseem Mughal and Tariq al-Daour, investigators in the United States (U.S.) and the U.K. determined the trio used computer viruses and stolen credit card accounts to set up a network of communication forums and web sites that hosted everything from tutorials on computer hacking and bomb making to videos of beheadings and suicide bombing attacks in Iraq. These individuals were not murderous terrorists like Samudra, but were facilitators for individuals who were, making them every bit as despicable. They raised funds through massive credit card information theft and fraud, which were used to support the communications, propaganda and recruitment for terrorists worldwide, as well as to purchase equipment for Jihadists in the field. One expert described their activities as “operating an online dating service for al-Qaeda.” The three men pled guilty to inciting terrorist murder via the internet.
The above cases are particularly troubling because of the upward trend of terrorists communicating on and using the internet as a learning tool. In both the Samudra and Terrorist 007 cases, they left their successful tradecraft on web pages and in chat rooms for aspiring terrorists to learn and grow from.
Congress should address this issue. There needs to be a series of hearings to assess the scope of the problem and the potential solutions, including the development of detective and preventive mechanisms such as enhanced credit card information security features. As part of this process, Congress should request the Government Accountability Office to conduct an investigation to determine the level of vulnerability that can be quantified concerning terrorist related credit card fraud and credit information theft.
Government agencies possessing investigative and intelligence information about terrorist related credit card fraud should go back into their open and closed case files. They should collect, collate and assess all terrorist related credit card information. For example, when terrorists are arrested, how many credit cards or how much credit card account information do they possess? Where and how did they obtain the information? What patterns or trends can be identified?
Epidemics are not eliminated by inaction or ignorance. The Nigerian credit card fraud problems of the late 1970s and 1980s attests to this. Epidemics can only be treated and eliminated through detective and preventive treatment.
The paradigm of this article is FALSE:
ID THEFT AND CREDIT CARD FRAUD CAN BE STOPPED: