Top Insights into Cybercrime Investigations with Ken Gamble

Criminals feel safe hiding behind the internet. The ability to be anonymous makes them so bold that they even hire people and train them to be excellent salespeople, with the goal of taking your money. And many times they’re operating overseas, making it much harder for law enforcement to coordinate raids and arrests. All of these factors can make cybercrime investigations difficult. But unmasking and arresting these criminals isn’t impossible. See Cybercrime Investigations with Ken Gamble for a complete transcript of the Easy Prey podcast episode. Ken Gamble is a private investigator with over thirty-three years experience working all over the world. He has rescued kidnapped children from foreign countries, pursued large-scale cybercrime cases , served as a bodyguard, done corporate risk work for multinational corporations, and worked in over forty-five different countries. He has also built several companies over the years. An interest in cyber cases sparked near the dawn of the internet led him to his current venture: IFW Global, an independent international firm focused on investigating large-scale fraud. In 1995, Ken started working for Microsoft to investigate counterfeit Windows 95 programs. This investigation led him to look at the early internet. And he realized computers and the internet were going to attract so much crime. He was especially fascinated with how people hide behind websites and can set up false identities online . One of Ken’s first cybercrime investigations was for AOL. He tracked one of the world’s largest spammers to his hiding place in the Philippines and got him arrested. I saw this evolving [cyber] crime starting to happen, and I saw it at a very early stage. Ken realized quickly that there was no enforcement on the internet. It was, and still is, basically the Wild West. And as the internet got more sophisticated, so did the crimes, and there was still no global organization checking online fraud . That’s what led him to become one of the co-founders of the Internet Fraud Watchdog in 2007. Cybercrime is often an international crime. That makes cybercrime investigations and prosecutions much more challenging. If both the victim and the criminal are in the same country, often the legal system is willing to try. But once it goes international, then it requires international lawyers and international law enforcement, and it gets that much harder and more expensive to prosecute. The average scam uses twenty-five different jurisdictions. They have their fake company in one jurisdiction, their bank account in another, their IP address in another, and so on. The pieces of their crime are split up across so many jurisdictions that it’s extremely difficult to track or prosecute them. That’s why the internet has been so successful as a platform for criminals: Because they’re a jurisdictional nightmare. And some of the groups Ken investigates are sophisticated. In many high-tech, state-of-the-art criminal organizations, it’s impossible to track them electronically. The only way to take them down is with old-school detective work and physically infiltrating the organizations. The technology that lets people become anonymous online has become big business for criminals using it to hide themselves. But there are still ways to catch them. The criminal has to interact with the victim in some way, and that leaves some sort of footprints. Not all of these criminal organizations are state-of-the-art. And even in those that are, people can make mistakes. The bigger organizations have a lot of people working for them. Ken has cracked some cases because a low-level scammer forgot to turn on their VPN one day. The old days of following the money are gone. The whole fraud industry is set up so that the money doesn’t lead to the criminals. It only leads to money mules and money launderers. The launderers cash out the money and then transport it, sometimes physically, to the mastermind. You can’t trace that easily. You have to use other methods. The way this whole fraud industry is set up is that the money doesn’t lead directly back to the criminals, it leads to money launderers … the old days of following the money are gone. Ken and his team use a lot of sophisticated electronic tools and tracking software to track these criminals. But they also engage with the criminals. Many times, victims can re-engage with the fraudster. Especially if they say they want to send more money, the criminal will often respond. Ken’s team can then track those conversations and find jurisdictions. Because they’ve been doing this for so long, they also have a network of informants. It’s not unusual for these informants to give them information about where a group is operating. Sometimes it’s just a country; sometimes it’s as detailed as a specific office building. Most of Ken’s major cybercrime investigations successes have come through these insider informants. Insiders and informants reaching out to Ken and his team actually happens quite a lot. Much of this is because of the structure of many of these operations. A lot of the cybercrime Ken investigates are “boiler room” operations – call centers full of salespeople making calls to sell investments that don’t exist. These operations are profitable because once a victim is on the hook, they may throw hundreds of thousands of dollars into the investment. Sometimes people think they have a legitimate job and become whistleblowers when they learn the investments they’re selling aren’t real. Others are victims of a form of human trafficking . They’re lured to a foreign country, often in Southeast Asia, with a job offer, and the boss then takes their passport and forces them to scam people. Still others are initially attracted by the lure of making a ton of money, but their conscience later gets the better of them. A lot of workers at the lower level in these operations struggle with their consciences. But some don’t care. And the higher-ups are void of emotions. It’s a business – the people in charge don’t get emotionally involved. They’re there to get money, and they don’t care if they have to harm someone, physically or otherwise, to do it. Some of them have put hits out on Ken over the years because they see him as a threat to their business. These fraudsters can sound really polished, polite, and convincing on the phone, but in reality they’re gangsters. These scammers advertise their criminal jobs on platforms like Craigslist. There aren’t a lot of clear warning signs that a job is actually for a criminal organization. All they advertise for is telemarketers or salespeople. This is especially common in Southeast Asia. There are certain Craigslist channels where the boiler rooms commonly operate. The jobs offer attractive commissions for sales or telemarketing work. Sometimes they offer working from home as well. These are all normal things you would see in a job ad . They don’t announce it’s criminal. They lure you in with something that sounds normal and reasonable. But there comes a point where the telemarketer realizes it’s fraud. These organizations are so bold that they may threaten you or your loved ones with harm if you say anything. Or they may say that you committed the fraud, so you’re part of the enterprise – if they go down, you go down, but if you stay involved they can protect you. There are hundreds and hundreds of these call centers that are committing large-scale financial crimes across the world. These operations actually have physical call centers in many parts of the world, and they often have local police on payroll. That’s why they prefer to set up in countries where they can manipulate law enforcement. Southeast Asia is a popular area because there’s a lot of corruption. It’s also easy to get officials to turn a blind eye to fraud. Nobody’s being murdered or physically harmed, they’re just cleaning out the finances of gullible investors. During his time doing cybercrime investigations, Ken has found some common warning signs that an investment is a fraud. Those can translate into steps you can take to avoid putting your money into a fake investment. First of all, never deal with someone unless you can get on a video call with them and talk face-to-face. Cybercriminals hide behind a mask of being anonymous. You can avoid that by asking for a video call. If they won’t show their face, don’t do any business with them. They may say it’s company policy or for security reasons. In that case, don’t do business with that whole firm. Ken has seen investors put tens of millions of dollars towards an investment without spending even $1,000 doing basic checks. They don’t do their due diligence before investing. Instead, they believe what they see on a website or read in press releases published by the criminals themselves. Once they believe they’re getting a good deal, they’re going to throw money at the opportunity that’s really fake. The most extraordinary thing that I see on a regular basis is a complete lack of due diligence. If every hopeful investor did just a few steps of due diligence, Ken would have many fewer cybercrime investigations to keep him busy. The first step of due diligence he recommends is finding out basic information about the company. Check the domain to see when it was registered and whether it’s been registered in the name of a company or a person. If the name is masked by a domain proxy provider, that’s a red flag. Why don’t they want you to know who owns it? Find out how long the company has been operating. Where is the company registered? Who are the directors? Who’s the company managing director or president? These are all questions you can ask the caller on the phone. In fact, one of the best ways to catch a scammer is to ask where the company is domiciled and where the offices are. A scammer won’t be able to answer any of these questions because the company isn’t registered and isn’t real. Any answer they give you will be verifiably false. These scammers calling you will lie to you. They have scripts and they’re trained to lie to gain people’s confidence. They script out objections you might have and practice convincing you to invest anyway over and over again. It’s all sales, and these criminals are very good at what they do. They’re some of the best salespeople on the planet. They are highly trained salespeople who are there for one purpose, and that is to get you to give them money. Along with doing your due diligence, you can watch for other warning signs as well. Initial Public Offerings (IPOs) of stock and offering stocks or shares at a discount are a huge warning sign of a scam. Share certificates are another common story, but they are easily verifiable. A lot of bigger companies don’t offer share certificates anymore. You can easily check with the company and verify whether the certificates exist. If they do exist, you can contact the company and ask if the firm contacting you is licensed to sell them. The number one red flag of a scam is if a company is unregulated. If they are unregulated, do not do any business with them. It’s not uncommon that scammers will “clone” a regulated firm. They will set up a name similar to the regulated one, then claim to be the real, regulated one and direct the victim to the real company’s website if they doubt their authenticity. The victim feels like they’ve done their due diligence. But when the scammer sends the victim a link to set up an online account and actually transfer the money, it’s not the real company’s domain name. The victim sends their money to a company that’s really a clone. Even when doing your investing due diligence, don’t forget to watch out for other signs of cybercrime, like pressure to act right away and domain names that are just slightly different from real domains. Ken has said before that these cybercriminals are sophisticated, but he can’t overstate that fact. Not only that, but they are wealthy enough to purchase their own infrastructure in many places. Many cryptocurrencies, like Bitcoin , are actually traceable on the blockchain. But once it’s taken out at exit points, it’s much harder to trace. The big criminal groups are so sophisticated that they buy their own crypto exchanges in less-regulated countries. They will also buy banks , VoIP companies, telecommunication companies, and more. If you try to do cybercrime investigations through these entities, it will tip off the masterminds immediately. [Cybercrime] is becoming so sophisticated that the average government law enforcement agency is left in the dark. Because they’re so powerful and sophisticated, community law enforcement often isn’t able to help. These criminals are making hundreds of millions of dollars just in profits. And they’re engaging in all kinds of criminal activity, not just fraud. Law enforcement has traditionally classified fraud as a low-risk, low-level offense. But some of the biggest criminal groups in the world are raising money through fraud because it’s high-profit and low-risk. If a cybersecurity investigation can identify the offenders, unveil their identities, and prosecute them, you have a significant chance of getting at least some of your money back. Criminals hide behind the fact that they’re not identified. Ken has found a niche market in asset recovery and the ability to prosecute people and have them arrested. When Ken started arresting people, he found they were desperately trying to pay their way out of prison. In some of his earlier cases, focusing on asset recovery, he managed to get some criminals to settle their cases by paying back millions of dollars to their victims. Once he’s identified offenders, he can have their assets frozen and go after them with civil lawsuits and court orders. It worries them. He’s told some of them as they’re dragged off in handcuffs that the only way to get him off their back is to pay his client back. Unfortunately, this doesn’t work as well in countries where fraud is acceptable. Some governments, like South Africa, have a fantastic restitution process already set up in their justice system. But some companies, especially many in Southeast Asia, are more favorable to the criminal. But once you kick in the door with police and arrest them, you have a lot of leverage against them, and most have money to pay. Ken has used this kind of leverage very effectively against some criminal groups. In others, he’s won civil proceedings, gotten judgments, and taken money back through court orders. It does work, but it’s costly, and there’s a lot of work involved. The only way to get recovery from these people is to take the fight to them. That’s what we do. Ken wishes he could do more for the people who aren’t wealthy – people who have lost their life savings, but don’t have enough money to pay his fees. Financial crime is devastating. It’s the worst kind of crime because when you lose your financial freedom or the ability to retire happily, it can leave you in absolute ruin. Ken considers it one of the most devastating crimes against humanity. Some people say victim deserve it because they were greedy. But a lot of victims Ken has dealt with didn’t want to invest to get rich. They invested because they wanted to do their best for their kids, help their children pay for college, or to take a risk because they wanted their kids to have something better. Many victims are investing to help other people, not for themselves. Sure, some victims are greedy, and in a way irresponsible for not doing their due diligence. But mostly it’s parents who invest in what looks like the deal of a lifetime to help their children. Ken used to do undercover cybercrime investigations in the Philippines, and one of the things he did was go to bars where the boiler room workers drank. One he talked to was an American from Florida. The man, very drunk, broke down in tears. He knew he was stealing people’s dreams, and he felt really bad about it. And this was coming from a professional con man! They know the devastating effect that it has. At the end of the day, these criminals have to carry that on their conscience. Most of these people do have a conscience. They know what they’re doing is a crime, and they know it has devastating effects. The narrative of blaming greedy investors is actually part of the training they’re given. It’s a way to justify it to themselves and deal with the guilt. It’s amazing to see how scams have morphed from the old days of faxes and letters. Not too long ago, scams started with a letter in an envelope and would go on for weeks or months. Now the same scams are still happening, but at exponential speeds – sometimes a matter of hours. If things are moving fast, whether it’s financial, romantic, or anything else, take a step back. If you’re thinking about investing, take a step back. Talk to anyone, even just a family member, about what you’re thinking about doing to get a second opinion. And especially for investing, do your due diligence. If it’s unregulated, if they can’t tell you about the business, if they’re selling you stocks at a discount, don’t go near it. Simple due diligence will save you an enormous amount of money, grief, and heartache. You can save yourself from financial ruin by taking a deep breath and thinking about what you’re going to do. Find the red flags and you can save yourself. Learn more at IFW Global on their website, ifwglobal.com . They also have an inquiry form. If you have questions or want advice about scams, or if you lost money and want to know your recovery options, they’re more than happy to help.