Some of the alleged crooks who caused the most damage online are still on the run, years after their indictments, commanding big rewards for tipsters.
You know the scheme—you get a message on your computer saying you have a virus, and if you buy this antivirus software for just $50, you will be free.
But the virus isn’t real, the antivirus software doesn’t work, and you just gave $50 to cyber crooks.
The two men who “pioneered” this kind of scareware are wanted for their alleged crimes, the FBI says, but six years after their indictment, they are still on the loose.
Daniel Sundin and Sam Jain, as the Federal Trade Commission calls them in court documents, ran a company called Innovative Marketing, Inc. Their real names are Bjorn Daniel Sundin and Shaileshkumar P. Jain, according to the FBI, and they allegedly scammed internet users in more than 60 countries out of more than $100 million between 2006 and 2008.
Listed as five-foot-ten and 136 pounds on the FBI’s most wanted cyber criminals page, Innovative Marketing’s Chief Technology Officer Sundin would be slight-of-build, a 38-year-old last pictured with red hair and a goatee.
His partner, company CEO Jain is said to be 46 years old, with black hair and brown eyes, stating 5’8 and 175 to 180 pounds.
Where are they now?
Though the FBI said Jain lived in the U.S., Innovative Marketing was registered in Belize and with a subsidiary in Ukraine.
Jain was believed to be in Ukraine, reported Reuters after the indictment in 2010, and Sundin in Sweden.
But finding them—and others like them—isn’t easy, Reuters said in its article.
“Police have had limited success in cracking down on the scareware industry,” according to Reuters. “Like Innovative Marketing, most rogue internet companies tend to be based in countries where laws permit such activities or officials look the other way.”
The former head of the computer crimes unit at the U.S. Department of Justice told Reuters that law enforcement in the U.S., Western Europe, Japan and Singapore are willing to help with these kinds of cases, but many others are not.
“In the rest of the world, it’s hit or miss,” Mark Rasch said to Reuters. “The cooperation is getting better, but the level of crime continues to increase and continues to outpace the level of cooperation.”
The Ukraine subsidiary of Innovate Marketing at last shut down, but there was suspicion that it was still operating from somewhere else, perhaps under a new name, according to Time.
Research Dirk Kohlberg with cybersecurity company McAfee told Time, “If you have a business and you’re making hundreds of millions, why would you just give it up?”
Rewards
The FBI is offering reward of up to $20,000 for information leading to the arrest and conviction of Sundin, and also for Jain.
But some wanted cyber suspects are commanding higher bounties.
You can receive up to $50,000 for helping catch and convict Carlos Enrique Perez-Melara, who allegedly ran a cyber spying operation from his home in California.
The FBI said Perez-Melara ran a website called “Email PI” and “Lover Spy” in 2003 that claimed to help people “catch a cheating lover” by sending the suspected cheat an e-card with spyware in it. Open the card, and your computer would be infected. The site could then gather up your keystrokes, your passwords, the sites you visit and e-mails you send and receive.
He was charged in 2005, but he left his San Diego home and was last seen in El Salvador, according to the FBI.
Fake cars
An American soldier wants to sell you his car online because he is overseas, but he just needs you to wire the money to his brother. A widow in Utah is selling you her late husband’s mint-condition car at an amazing price, but can you just wire the money to her attorney?
These are some of the hallmarks of car scams that have stolen thousands of dollars from car-buyers in the U.S. And there will be up to $1 million in reward money for information leading to the arrest and conviction of Nicolae Popescu, said to be part of a group that masterminded a massive, sophisticated online car rip-off.
Popescu and his group, based in Romania, posted fake car ads on sites like Cars.com and AutoTrader.com, according to CNN. Their cohorts used fake passports to open up bank accounts in the U.S, the FBI said.
“These ‘sellers’ sent fraudulent invoices, that appeared to be from legitimate online payment services, to the victim buyers, with instructions for payment to bank accounts held by other conspirators in the United States,” the FBI said.
The group made off with $3 million in victim money, reported CNN.
He was indicted with Internet crimes and was issued an arrest warrant in 2012, but is still wanted, according to the FBI.
“Lucky”
One of the most famous cyber suspects on the FBI’s list is Evgeniy Mikhailovich Bogachev, also known as “lucky12345” and “slavik.”
Finding him could earn a tipster up to $3 million in rewards, the most ever for a U.S. cyber crime case, according to the BBC.
Bogachev was involved in a scheme that secretly installed malware called “Zeus” onto people’s computers, the FBI said.
“Zeus” allowed Bogachev and his cohorts to first steal bank account numbers, passwords and PINs, and ultimately steal more than $100 million from their victims, according to the FBI.
“The FBI thinks Bogachev owns the largest army of slave computers in the world: the GameOver Zeus botnet,” reported CNN. “When Zeus malware lands on a computer, it steals bank account numbers, passwords — anything you need to hijack a bank account.”
Bogachev was incited in 2012 and 2014, but is still wanted, the FBI said.
“He was last seen in Russia, where he is believed to remain at large,” reported the BBC. “Arresting him may be difficult, as the US does not have an extradition treaty with Russia.”
His last known home—Anapa, Russia, on the coast of the Black Sea. The FBI said he enjoys boating and may travel the Black Sea in his boat, hiding out, perhaps along Anapa’s sandy beaches and under its sunny skies.