An Internet scam that lures would-be foreign investors into fraudulent schemes by posing as U.S. government regulators and Internet sites has prompted a warning from the North American Securities Administrators Association (NASAA), which warns investors are losing billions every year.
The NASAA highlighted an uptick in phony correspondence used by criminals to gain access, information and cash.
“The U.S. securities markets are known around the world for being among the safest and most fair, due in no small part to the rigorous and efficient regulatory systems in place here,” NASAA president and New Jersey Securities Bureau chief Franklin Widmann said in a statement. “Con artists are trying to cash in on our good name abroad to lure unsuspecting investors into risky penny stocks and advance fee schemes.”
Fooled by Phantom Regulators
Warning that several fake regulators have come to the attention of state securities regulators, NASAA said the “phantom regulators” claim to be based in the U.S. and often target overseas investors.
The association indicated some of the Web sites used in the scams look legitimate — including listed addresses and telephone numbers — but have no affiliation with real regulatory agencies as claimed. Some of the phony regulatory bodies reported were: the Regulatory Compliance Commission; the International Regulatory Commission; the International Compliance Commission; the International Shareholder Protection Division and the International Exchange Regulatory Commission.
“These Web sites offer nothing more than fancy window-dressing to lure investors into buying worthless securities from unlicensed stockbrokers,” Widmann said, referring to supposed verification of the brokers through the bogus regulatory bodies and sites.
Malicious Market Opportunity
Webroot Vice President of Threat Research Richard Stiennon told TechNewsWorld the universe of Internet users, particularly newcomers and less sophisticated users, are providing plenty of opportunity for Internet scammers.
“Scamming is filling every single available niche of a new market opportunity,” he said, indicating that with nearly 300 million new users per year, there is ample opportunity to use advanced social engineering to trick unwitting users.
Stiennon added that once again, social engineering — which is basically using false identity and information to trick users into downloading, donating or investing — are being used to target individual organizations.
The security expert downplayed user education, and stressed the only solution to the growing scams was harsher pursuit and penalties for offenders and international cooperation on the matter.
Making Millions, More to Come
Verisign/iDefense Intelligence Team senior engineer Ken Dunham told TechNewsWorld that so-called 419 attempts — a reference to the Nigerian e-mail flavor of fraudulent e-mail — are on the increase, as is the sophistication of such efforts, which amount to phishing or other financial ripoffs online.
“They used to be all similar in terms of tone and technique,” he said. “But now there are many different types of more targeted and sophisticated attacks taking place because they’re making millions on it.”
Dunham added despite some prosecutions and other actions aimed at holding such scammers accountable, the incidence of Internet scams is still definitely increasing.
“We expect to see more of that and the social engineering techniques are becoming increasingly strong and difficult to decipher,” Dunham said.