WWW – the new frontier in fraud

Welcome to the latest frontier in white-collar crime, where just finding the criminals is often the greatest challenge.

Charges filed last week in Federal District Court in Manhattan in two seemingly unrelated cases give a small peek into the dark world of online crime, in which client information is swapped and the proceeds are sent over networks using new digital currency. As The New York Times reported, what may tie the cases together is a suspected link to the hacking of JPMorgan Chase’s network in 2014. In that incident, contact information for 83 million customer and small-business accounts was obtained, although the bank says that no financial information such as account numbers was taken.

The security breach appears to have some connection to hackers operating in Russia. That makes it more challenging to find the perpetrators because of that nation’s continuing political tensions with the United States. Who was behind the breach, and how the information might have been used, remains shrouded in mystery at this point.

The charges filed last week in the two cases make no mention of hacking into JPMorgan’s network, and it is unclear whether any of the bank’s client contact information was used or sold. But there are hints at how defendants in one case might have used the information from the breach.

The Justice Department charged three men with securities fraud, identity theft and money-laundering conspiracy related to manipulation of penny stocks in 2011 and 2012, in what are known as pump-and-dump schemes. Two of the defendants, Gery Shalon and Ziv Orenstein, are Israeli citizens. They were arrested there last week and are being held. The third defendant, Joshua Samuel Aaron, is an American citizen living in Israel who is thought to have been in Russia recently, but he has not yet been arrested.

The indictment is a bare-bones set of allegations that gives few details about how the shares were manipulated. A statement by Preet Bharara, the United States attorney in Manhattan, asserts that the defendants funneled “millions of dollars in unlawful proceeds through a web of international shell companies.” But the indictment itself has nothing about how much money they made from the scheme or the amount of losses that investors suffered. The money-laundering conspiracy references transactions totaling about $1 million, but little else about any connection to the penny-stock fraud.

The government’s filing is clearly a placeholder intended to allow the Justice Department to request the arrest of the three defendants by Israeli authorities and begin the extradition process. We can expect more details as the government supplies evidence to have Mr. Shalon and Mr. Orenstein sent to the United States, but those proceedings can be slow if the defendants fight extradition.

It may seem far-fetched that the JPMorgan breach figures into a penny-stock fraud. But a pump-and-dump scheme is built on the axiom attributed to P.T. Barnum that “there’s a sucker born every minute.” To make such a fraud work requires finding enough gullible investors to buy shares in thinly traded companies so that those who control the shares can sell their positions.

The indictment accuses the three defendants of sending out spam email that promoted the shares of various companies to generate buying interest. Because penny stocks are not followed by the major brokerage firms, it is easy to drive up the price through sham trading and false rumors and make the so-called suckers think that the price is escalating because of corporate developments. A price rise of just 50 cents from the pump can generate enormous profits when millions of shares are quickly dumped.

The lifeblood of this type of fraud is a fresh supply of potential customers, so gaining access to the JPMorgan customer contact information could be quite valuable. Prosecutors have not yet shown such a link between the security breach and the defendants. But it is a tantalizing possibility that customer information was used for something as prosaic as an old-fashioned penny-stock fraud.

The links between the pump-and-dump scheme and the JPMorgan attack grow with the second case filed last week in Manhattan against Anthony R. Murgio and Yuri Lebedev. That complaint accuses them of operating an illegal money-transfer firm called Coin.mx that converted Bitcoin, the digital currency, into cash for criminals. The Times described on Sunday how Bitcoin had become “a new preferred method for hostage takers” who seize computers and websites and then demand ransom payments in the form of the digital currency.

A memorandum from the Federal Bureau of Investigation written last year identified Mr. Murgio as having some link to the JPMorgan breach, although the details remain sketchy. In an interesting twist, Mr. Murgio and Mr. Levedev attended Florida State University with Mr. Aaron, the missing defendant in the penny-stock case who was last thought to be in Russia.

The penny-stock defendants are accused of using accounts for Cyprus-based shell companies to launder the profits from the stock sales. The complaint against the Bitcoin exchange defendants describes using accounts in Cyprus, Hong Kong and Eastern Europe for their transactions. Mr. Murgio is also accused of taking control of a credit union in New Jersey to process transactions, showing the vulnerability of domestic financial institutions to misuse.

This all may be just a grand coincidence, but it shows the web of connections in the world of online crime and the challenges that investigators face when they try to build cases. Digital currency can disappear in the blink of an eye and bounce through numerous accounts in places where there is little transparency. Penny-stock frauds can be conducted anywhere in the world as long as there is access to servers and email.

We have become accustomed to hearing about computer network attacks and identity theft involving a number of different companies. And the controversy about Bitcoin being involved for illegal transactions is nothing new.

Yet, unlike other types of white-collar crime such as insider trading, prosecutors are struggling to even identify suspects behind these attacks, let alone preventing them from being so profitable.

In the Old West, it was a matter of chasing down train robbers like Butch Cassidy and the Sundance Kid. Today, it requires penetrating the layers of secrecy provided by the Internet and countries that encourage bank secrecy. It is easy to see that a crime has taken place, but getting the robbers is more difficult than ever.

Peter J. Henning, a professor at Wayne State University Law School, is a co-author of “Securities Crimes (2d edition).” Twitter: @peterjhenning

© The New York Times 2015