An Australian Federal policeman looks at a computer during the arrest of the self-proclaimed leader of the international hacking group LulzSec, the collective that claimed responsibility for infiltrating and shutting down the CIA website, in this photo released by the Australian Federal Police on April 24, 2013. Police said the 24-year-old IT worker, who held a position of trust at an international company, was arrested in Sydney on Tuesday evening and charged with hacking offences that carry a maximum penalty of 10 years. Glen McEwen, manager of cyber crime operations at Australian Federal Police, said the man was detained at work, where he had access to sensitive information from clients including government agencies. REUTERS/Australian Federal Police/Handout (AUSTRALIA - Tags: CIVIL UNREST POLITICS) ATTENTION EDITORS - FOR EDITORIAL USE ONLY. NOT FOR SALE FOR MARKETING OR ADVERTISING CAMPAIGNS. THIS IMAGE HAS BEEN SUPPLIED BY A THIRD PARTY. IT IS DISTRIBUTED, EXACTLY AS RECEIVED BY REUTERS, AS A SERVICE TO CLIENTS

Pretoria - A global multimillion dollar cyber crime syndicate - operating mainly from Sunnyside - was bust by the Hawks and their US counterparts this week.

Investigations by the Hawks and US Immigration and Customs’ Homeland Security Investigations directorate led to the arrest of 24 people spread across three countries, including 12 in South Africa, for cyber fraud.

US Homeland Security claims the West African transnational organised crime ring is behind numerous complex financial fraud schemes.

The fraud includes internet dating, reshipping scams, work-at-home scams and other financial and credit card fraud.

The 12 suspects arrested in the city appeared in the Pretoria Magistrate’s Court on Wednesday on charges of fraud and theft. They will be extradited to the US to be prosecuted in Mississippi.

Hawks spokesman Captain Paul Ramaloko said they were remanded in custody until the extradition application has been completed.

When the 11 Nigerian nationals and a South African woman were arrested earlier this week, computers, laptops, cellphones and notebooks were seized.

Police said Nigerian nationals were also arrested in Canada, Indianapolis and Atlanta. Seven American citizens were also arrested in New York, Georgia and Indiana, among other places.

The probe into the crimes was initiated by Homeland Security Investigations in 2011 after a woman was scammed on an online dating website.

She received a package from her suitor and was asked to reship it to Pretoria. A police investigation found the package had been bought using stolen personal information and fraudulent credit card information. Once the shipped packages arrived in Pretoria, the suspects advertised them on the internet for sale.

Some of the companies that lost money in the scams include the US Postal Service, DHL and Federal Express.

Homeland Security Pretoria attache Abraham Lugo said: “Our collaboration with the SAPS, Interpol and other government agencies, will increase public awareness of these crimes.

“Hopefully it will prevent people from falling victim to these schemes in the future.”

Cyber crime expert Beza Belayneh said online banking and dating are two of the biggest threats for local internet users to be scammed.

“There is a huge need for online banking and syndicates from West Africa and Eastern Europe target users. There needs to be a concerted effort from the public and private sector to try to solve the issue.

“We have policies and legislation around cyber crime, but they are hard to enforce.

“We need to have more awareness and education for internet users. We also need better prosecution for the crimes.”

Belayneh said it was easier for big companies to deal with the crimes than individuals.

“A lot of research is being done on the cost of the crimes but most of it is not reported. It is a silent epidemic, so we are not certain of the magnitude,” he said.

Eric Tamarkin, a consultant at the Institute for Security Studies, said South African policy makers should develop a cogent and multi-layered response to cyber crime. “The government should allocate clear cyber-security responsibilities to particular entities. The cabinet took a step in that direction by approving the Cyber Security Policy Framework on March 11, 2012. It identifies areas of responsibility for government departments and tasks the State Security Agency with overall accountability for the development and implementation of cyber-security measures.”

It was important to have 24/7 cyber-watch centres, he said. While the government has not yet sponsored watch centres, banks have funded the SA Banking Risk Information Centre (Sabric) to track and respond to cyber crime in the sector.

“South Africa should also develop robust Computer Emergency Readiness Teams to respond to cyber incidents, provide technical assistance to hacked businesses and disseminate timely notification on current and potential threats.

“Currently, the Computer Security Incident Response Team only offers limited assistance on cyber-security issues to government entities.

“To keep up with evolving and sophisticated cyber crime threats, law enforcement, prosecutors and public sector cyber professionals must receive training on current trends and techniques,” he said.

Meanwhile, eBay said it will be asking eBay users to change their passwords because of a cyber-attack that compromised a database with encrypted passwords and other non-financial data.

After conducting extensive tests on its networks, eBay said it had no evidence of the compromise resulting in unauthorised activity for users.

eBay had also found no evidence of any unauthorised access to financial or credit card information, which is stored separately in encrypted formats.

However, passwords changes were a best practice and would help enhance security for eBay users.

eBay users will be notified via e-mail, site communications and other marketing channels to change their passwords.

In addition to asking users to change their eBay passwords, the company has also urged eBay users who used the same password on other sites to change those passwords too. The same password should never be used across multiple sites or accounts.

Pretoria News