The U.S. is awash with scam text messages. Officials say it has become a billion-dollar, highly sophisticated business benefiting criminals in China. From a report: Your highway toll payment is now past due, one text warns. You have U.S. Postal Service fees to pay, another threatens. You owe the New York City Department of Finance for unpaid traffic violations. The texts are ploys to get unsuspecting victims to fork over their credit-card details. The gangs behind the scams take advantage of this information to buy iPhones, gift cards, clothing and cosmetics. Criminal organizations operating out of China, which investigators blame for the toll and postage messages, have used them to make more than $1 billion over the last three years, according to the Department of Homeland Security. Behind the con, investigators say, is a black market connecting foreign criminal networks to server farms that blast scam texts to victims. The scammers use phishing websites to collect credit-card information. They then find gig workers in the U.S. who will max out the stolen cards for a small fee. Making the fraud possible: an ingenious trick allowing criminals to install stolen card numbers in Google and Apple Wallets in Asia, then share the cards with the people in the U.S. making purchases half a world away.

Read more of this story at Slashdot.

"A 29-year-old man has been arrested on suspicion of starting the Pacific Palisades fire in Los Angeles that killed 12 people and destroyed more than 6,000 homes in January," reports the BBC. "Evidence collected from Jonathan Rinderknecht's digital devices included an image he generated on ChatGPT depicting a burning city, justice department officials said." Mr Rinderknecht had been living and working in California, and moved to Florida shortly after the fire, according to authorities. The initial blaze Mr Rinderknecht allegedly started on New Year's Day was called the Lachman fire. Although it was quickly suppressed by firefighters, it continued to smoulder underground in the root structure of dense vegetation, according to investigators, before it flared up again above ground in a windstorm [nearly a week later]... He lit it with an open flame after he completed a ride as an Uber driver on New Year's Eve, according to the indictment. Two passengers rode with Mr Rinderknecht earlier on New Year's Eve. One passenger told investigators he remembered the driver had appeared agitated and angry. Officials said they had used his phone data to pinpoint his location when the fire initially started on 1 January, but when they pressed him on details he allegedly lied to investigators, claiming he was near the bottom of the trail... The phone also showed that he repeatedly called 911 just after midnight on New Year's day, but could not get through because of patchy mobile reception on the trailhead. There was a screen recording of him trying to call emergency services and at one point being connected with a dispatcher. Mr Rinderknecht also asked ChatGPT: "Are you at fault if a fire is lift [sic] because of your cigarettes?" Investigators said the suspect wanted to "preserve evidence of himself trying to assist in the suppression of the fire". "He wanted to create evidence regarding a more innocent explanation for the cause of the fire," the indictment said... In July 2024, five months before he allegedly set the fire, Mr Rinderknecht asked ChatGPT to create an image of a "dystopian painting" that included a burning forest and a crowd of people running away from a fire, according to investigators. The announcement from officials suggests they retrieved data about Rinderknecht's iPhone. It says after walking up the trailer Rinderknecht "listened to a rap song — to which he had listened repeatedly in previous days — whose music video included things being lit on fire."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Register: London cops on Tuesday arrested two teenagers on suspicion of computer misuse and blackmail following a ransomware attack on a chain of London preschools. London's Metropolitan Police said the two men, both aged 17, were taken into custody during an operation at residential properties in Bishop's Stortford, Hertfordshire. The arrests followed a September 25 referral from the UK's Action Fraud reporting center detailing a ransomware attack on the preschools. While the Met police didn't name the schools, the timing of the referral coincides with a digital break-in at Kido International, a preschool and daycare organization that operates in the UK, US, and India. In a very aggressive -- and disgusting -- attempt to extort a ransom payment from Kido, the criminals published profiles of 10 children, including photos, names, and home addresses, along with their parents' contact details and in some cases places of work, threatening to expose more if the ransom demand wasn't met. A new crime crew calling itself the Radiant Group claimed responsibility for the attack, and posted the preschool's name, along with its pupils' profiles, as the first leak on its dark web site. The ransomware gang later deleted the kids' and parents' data, apparently under pressure from other criminals -- but not before some of the parents reported receiving threatening calls.

Read more of this story at Slashdot.

Police arrested 33-year-old Joseph Mayuyo after a series of online threats forced TikTok to evacuate its Culver City headquarters. TechCrunch reports: A press release from the Culver City Police Department says that TikTok employees reported receiving multiple threats, across various social media platforms, from 33-year-old Hawthorne resident Joseph Mayuyo. After an additional message threatened TikTok's Culver City headquarters, police say company security evacuated the office "out of an abundance of caution." Police then investigated Mayuyo's home, according to the press release. During the investigation, he allegedly posted additional threatening statements, including one declaring that he would not be taken alive. Detectives obtained search and arrest warrants, and they negotiated with Mayuyo for 90 minutes before he voluntarily exited his home and was taken into custody, the police department says. Business Insider reports that one TikTok employee described the threats as "really scary," while another was concerned that they seemed to specifically target the e-commerce department. Mayuyo's X account has reportedly been suspended for violating the platform's hateful content policy. A Medium account under his name published a post in July criticizing TikTokShop USA as a "scam."

Read more of this story at Slashdot.

alternative_right shares a report from the Smoking Gun: Minutes after vandalizing 17 cars in a Missouri college parking lot, a 19-year-old sophomore had a lengthy ChatGPT conversation during which he confessed to the crime, asked about the possibility of getting caught, and wondered, "is there any way they could know it was me," according to a police probable cause statement. Ryan Schaefer was arrested yesterday and charged with felony property damage for a rampage early Sunday at a Missouri State University parking lot. Investigators allege that Schaefer shattered car windows, ripped off side mirrors, dented hoods, and broke windshield wipers during the 3 AM spree. When confronted with surveillance footage and other evidence, Schaefer said that he could see the resemblance between the suspect and himself. At that point, Schaefer reportedly consented to a search of his iPhone. A subsequent review of the device revealed location data placing Schaefer "at or near the scene of the crime," as well as a "troubling dialogue exchange this defendant seems to have had with artificial intelligence software installed on his phone," prosecutors reported. The incriminating ChatGPT conversation can be found here.

Read more of this story at Slashdot.

Charlie Javice, founder of college financial-aid startup Frank, was sentenced to over seven years in prison for defrauding JPMorgan by inflating user numbers before the bank's $175 million acquisition. CNN reports: Javice, 33, was convicted in March of duping the banking giant when it bought her company, called Frank, in the summer of 2021. She made false records that made it seem like Frank had over 4 million customers when it had fewer than 300,000. Addressing the court before she was sentenced, Javice, who was in her mid-20s when she founded the company, said she was "haunted that my failure has transformed something meaningful into something infamous." Sometimes speaking through tears, she said she "made a choice that I will spend my entire life regretting." Judge Alvin K. Hellerstein largely dismissed arguments by Javice's lawyer, Ronald Sullivan, that he should be lenient because the negotiations that led to Frank's sale pitted "a 28-year-old versus 300 investment bankers from the largest bank in the world." Still, the judge criticized the bank, saying "they have a lot to blame themselves" for after failing to do adequate due diligence. He quickly added, though, that he was "punishing her conduct and not JPMorgan's stupidity." Javice was among a number of young tech executives who vaulted to fame with supposedly disruptive or transformative companies, only to see them collapse amid questions about whether they had engaged in puffery and fraud while dealing with investors.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: A Chinese national has been convicted following an international fraud investigation which resulted in what's believed to be the single largest cryptocurrency seizure in the world. The Metropolitan Police says it recovered 61,000 bitcoin worth more than $6.7 billion in current prices. Zhimin Qian, also known as Yadi Zhang, pleaded guilty on Monday at Southwark Crown Court of illegally acquiring and possessing the cryptocurrency. A second person appeared in court on Tuesday to admit to their role in the scheme. Malaysian national Seng Hok Ling, of Matlock, Derbyshire, pleaded guilty at Southwark Crown Court of entering into a money laundering arrangement on or before April 23, 2024. According to the charge, he had been dealing in cryptocurrency on Qian's behalf, "knowing or suspecting his actions would facilitate the acquisition or control of criminal property by another." Between 2014 and 2017 Qian led a large-scale scam in China which involved cheating more than 128,000 victims and storing the stolen funds in bitcoin assets, the Met said in a statement. It said the 47-year-old's guilty plea followed a seven-year probe into a global money laundering web which began when it got a tipoff about the transfer of criminal assets. Qian had been "evading justice" for five years up to her arrest, which required a complex investigation involving multiple jurisdictions, said Detective Sergeant Isabella Grotto, who led the Met's investigation. She fled China using false documents and entered the UK, where she attempted to launder the stolen money by buying property, said the Met. "By pleading guilty today, Ms Zhang hopes to bring some comfort to investors who have waited since 2017 for compensation, and to reassure them that the significant rise in cryptocurrency values means there are more than sufficient funds available to repay their losses," said Qian's solicitor Roger Sahota, of Berkeley Square Solicitors. "Bitcoin and other cryptocurrencies are increasingly being used by organised criminals to disguise and transfer assets, so that fraudsters may enjoy the benefits of their criminal conduct," added deputy chief Crown prosecutor, Robin Weyell. "This case, involving the largest cryptocurrency seizure in the UK, illustrates the scale of criminal proceeds available to those fraudsters."

Read more of this story at Slashdot.

An anonymous reader quotes a report from CBS News: A pair of e-commerce entrepreneurs who bought a number of well-known retail brands -- including RadioShack, Modell's Sporting Goods and Pier 1 Imports -- out of bankruptcy are accused of running a Ponzi scheme. The Securities and Exchange Commission on Monday accused Alex Mehr and Tai Lopez, founders of the Miami-based Retail Ecommerce Ventures (REV), of defrauding investors out of approximately $112 million. Through their holding company, Mehr and Lopez acquired distressed brick-and-mortar companies in order to turn them into successful, online-only brands. Dress Barn and Linens 'n Things were also among their acquisitions. [...] The SEC's suit alleges that between 2020 and 2022, Mehr and Lopez, "made material misrepresentations" to hundreds of investors about the bankrupt retailers they had acquired. For example, to entice individuals to invest in their acquisitions, they said their portfolio companies were "on fire" and that "cash flow is strong." They also told prospective backers that money raised for a company would only be invested in that specific firm. That proved not to be the case, according to the SEC's lawsuit, which was filed Monday in the U.S. District Court for the Southern District of Florida. "Contrary to these representations, while some of the REV Retailer Brands generated revenue, none generated any profits," the suit states. "Consequently, in order to pay interest, dividends and maturing note payments, Defendants resorted to using a combination of loans from outside lenders, merchant cash advances, money raised from new and existing investors, and transfers from other portfolio companies to cover obligations." The SEC alleges that at least $5.9 million of returns paid to investors were actually Ponzi-like payments funded by other investors, as opposed to companies' profits. Additionally, the federal regulatory agency claims that Mehr and Lopez allocated $16 million worth of investments for their own use, according to the filing.

Read more of this story at Slashdot.

Amazon will pay $2.5 billion to settle Federal Trade Commission allegations that it duped users into paying for Prime memberships, the regulatory agency announced Thursday. CNBC: The surprise settlement comes as Amazon and the FTC were just three days into the trial in a Seattle federal court. Opening arguments took place on Tuesday. The lawsuit, filed by the FTC in June 2023 under the Biden administration, claimed that Amazon deceived tens of millions of customers into signing up for its Prime subscription program and sabotaged their attempts to cancel it. Three senior Amazon executives were at risk of being held individually liable if the jury sided with the FTC. Amazon will pay a $1 billion civil penalty to the FTC and will refund $1.5 billion to an estimated 35 million customers who were impacted by "unwanted Prime enrollment or deferred cancellation," the agency said.

Read more of this story at Slashdot.

It was "little more than empty fields" five years ago — but it's now "a vast, heavily guarded complex stretching for 210 hectares (520 acres)," reports the Guardian, "the frontline of a multibillion-dollar criminal fraud industry fuelled by human trafficking and brutal violence." Myanmar, Cambodia and Laos have in recent years become havens for transnational crime syndicates running scam centres such as KK Park, which use enslaved workers to run complex online fraud and scamming schemes that generate huge profits. There have been some attempts to crack down on the centres and rescue the workers, who can be subjected to torture and trapped inside. But drone images and new research shared exclusively with the Guardian reveal that the number of such centres operating along the Thai-Myanmar border has more than doubled since Myanmar's military seized power in 2021, with construction continuing to this day. Data from the Australian Strategic Policy Institute (Aspi), a defence thinktank in Canberra, shows that the number of Myanmar scam centres on the Thai border has increased from 11 to 27, and they have expanded in size by an average of 5.5 hectares a month. Drone images and photographs of KK Park and other Myanmar scam centres, Tai Chang and Shwe Kokko, taken by the Guardian in August show new features and active building work... Myanmar's military junta has allowed the spread of scam centres inside the country as these criminal enterprises have become an essential part of the country's conflict economy since the coup, helping it rise to the top of the global list of countries harbouring organised crime. According to Aspi's analysis, Myanmar's military, which has lost huge swathes of territory since the coup and is struggling to retain its grip on power, cannot take meaningful measures against the scam compounds without endangering its precarious relations with the crucial armed militias who are profiting from them. While 7,000 people were freed from the compounds earlier this year, "Thai police estimated earlier this year that as many as 100,000 people were held inside Myanmar scam centres," the article notes. Elsewhere the Guardian reports that "The centres are run by Chinese criminal gangs," and describes people who unwittingly came to Thailand for customer service jobs, only to be trafficked to Myanmar's guarded "cyberslavery compounds" and "forced to send thousands of messages from fake social-media profiles, posing as a rich American investor to swindle US real estate agents into cryptocurrency scams." Since 2020, south-east Asia's cyber-slavery industry has entrapped hundreds of thousands of people and forced them to perform "pig butchering" — the brutal term for building trust with a fraud target before scamming them. At first, the industry mostly captured Chinese and Taiwanese people, then it moved on to south-east Asians and Indians — and now Africans. Criminal syndicates have been shifting towards scamming victims in the US and Europe after Chinese efforts to prevent its citizens being targeted, experts told the Guardian. That has led some trafficking networks to seek recruits with English-language and tech skills — including east Africans, thousands of whom are now estimated to be trapped inside south-east Asian compounds, says Benedikt Hofmann, the UN Office on Drugs and Crime's representative for south-east Asia and the Pacific. Thanks to long-time Slashdot reader mspohr for sharing the article.

Read more of this story at Slashdot.

The Washington Post covers "a string of false reports of active shooters at a dozen U.S. universities this month as students returned to campus." The FBI is investigating the incidents, according to a spokesperson who declined to specify the nature of the probe. While universities have proved a popular swatting target, the agency "is seeing an increase in swatting events across the country," the FBI spokesperson said... Local officials are frustrated by the anonymous calls tying up first responders, straining public safety budgets and needlessly traumatizing college students who grew up in an era in which gun violence has in some way shaped their school experience... The recent string of swattings began Thursday with a false report to the University of Tennessee at Chattanooga, quickly followed by one about Villanova University later that day. Hoaxes at 10 more schools followed... Villanova also received a second threat. As the calls about shootings came in, officials on many of the campuses pushed out emergency notifications directing students and employees to shelter in place, while police investigated what turned out to be false reports. (Iowa State was able to verify the lack of a threat before a campuswide alert was sent, its police chief said. [They had a live video feed from the location the caller claimed to be from.]) In at least three cases, 911 calls reporting a shooting purported to come from campus libraries, where the sound of gunshots could be heard over the phone, officials told The Washington Post... Although false bomb reports, shooter threats and swatting incidents are not new, bad actors used to be more easily traceable through landline phones. But the era of internet-based services, virtual private networks, and anonymous text and chat tools has made unmasking hoax callers far more challenging... In 2023, a Post investigation found that more than 500 schools across the United States were subject to a coordinated swatting effort that may have had origins abroad... [In Chattanooga, Tennessee last week] a dispatcher heard gunfire during a call reporting an on-campus shooting. "We grabbed everybody that wasn't already out on the street and got to that location," said University of Tennessee at Chattanooga Police spokesman Brett Fuchs. About 150 officers from several agencies responded. There was no shooter. The New York Times reports that an online group called "Purgatory" is "suspected of being connected to several of the episodes, including reports of shootings, according to cybersecurity experts, law enforcement agencies and the group members' own posts in a social media chat." (Though the Times, couldn't verify the group's claims.) Federal authorities previously connected the same network to a series of bomb scares and bogus shooting reports in early 2024, for which three men pleaded guilty this year... Bragging about its recent activities, Purgatory said that it could arrange more swatting episodes for a fee. USA Today tries to quantify the reach of swatting: Estimated swatting incidents jumped from 400 in 2011 to more than 1,000 in 2019, according to the Anti-Defamation League, which cited a former FBI agent whose expertise is in swatting. From January 2023 to June 2024 alone, more than 800 instances of swatting were recorded at U.S. elementary, middle and high schools, according to the K-12 School Shootings Database, created by a University of Central Florida doctoral student in response to the Parkland High School shooting in 2018.tise is in swatting... David Riedman, a data scientist and creator of the K-12 School Shooting Database, estimates that in 2023, it cost $82,300,000 for police to respond to false threats. Thanks to long-time Slashdot reader schwit1 for sharing the news.

Read more of this story at Slashdot.

Davis Lu, a former Eaton Corporation developer, has been sentenced to four years in prison for sabotaging his ex-employer's Windows network with malware and a custom kill switch that locked out thousands of employees once his account was disabled. The attack caused significant operational disruption and financial losses, with Lu also attempting to cover his tracks by deleting data and researching privilege escalation techniques. BleepingComputer reports: After a corporate restructuring and subsequent demotion in 2018, the DOJ says that Lu retaliated by embedding malicious code throughout the company's Windows production environment. The malicious code included an infinite Java thread loop designed to overwhelm servers and crash production systems. Lu also created a kill switch named "IsDLEnabledinAD" ("Is Davis Lu enabled in Active Directory") that would automatically lock all users out of their accounts if his account was disabled in Active Directory. When his employment was terminated on September 9, 2019, and his account disabled, the kill switch activated, causing thousands of users to be locked out of their systems. "The defendant breached his employer's trust by using his access and technical knowledge to sabotage company networks, wreaking havoc and causing hundreds of thousands of dollars in losses for a U.S. company," said Acting Assistant Attorney General Matthew R. Galeotti. When he was instructed to return his laptop, Lu reportedly deleted encrypted data from his device. Investigators later discovered search queries on the device researching how to elevate privileges, hide processes, and quickly delete files. Lu was found guilty earlier this year of intentionally causing damage to protected computers. After his four-year sentence, Lu will also serve three years of supervised release following his prison term.

Read more of this story at Slashdot.