Over the years, the western world has grouped Nigeria among countries practicing all manners of online fraud such as website hacking, theft of credit cards, fraudulent transactions on the internet, among others.
Although Nigerians are bitter about the perception of the western world, the practice continues unabated and those few individuals involved in it appear to be catching fun through it, as there are no laws guiding against cyber attacks in the country.
Worried by the scenario, New Horizon a renowned Information Technology (IT) training institute, in conjunction with EC-Council had a one day seminar on IT security in Lagos at the weekend, with a view to making Nigerians and the Nigerian government understand the measures in combating online fraud through the application of cyber security in all forms of businesses, be it in oil and gas, telecom, financial institution, pension, et cetera.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organisation that certifies individuals in various e-business and information security skills. It is the owner and creator of the world famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT) programs, and as well as many others programs, that are offered in over 60 countries through a training network of more than 450 training partners globally.
EC-Council has trained over 80,000 individuals and certified more than 30,000 security professionals. Many of these certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. Federal Government via the Montgomery GI Bill, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). The United States Department of Defense has included the CEH program into its Directive 8570, making it as one of the mandatory standards to be achieved by Computer Network Defenders Service Providers (CND-SP), while New Horizon is known for IT training and certification programs across Nigeria and beyond.
Addressing a large audience at the seminar, President of EC-Council, Mr. Sanjay Bavisi emphasised on IT security training for Nigerians as a measure in understanding the technicalities in online fraud, in order to control the menace.
According to him, in order to fight cyber crime effectively, Nigerians need training in Project Management, Risk Management and must have better understanding in new technologies that has to do with cyber security.
Given the history of cyber security, Bavisi said technology grew from manual banking to electronic banking, to telecommunication, communication network such as Face Book, Twitter, Blackberry among others, but that at the initial growth level, people were not conscious of security until hackers started breaking into organisation’s websites with the motive of either stealing confidential data or corrupting the entire system. The challenges, he said prompted IT experts to start thinking of security, because of the huge financial loss involved in hacking.
Citing the September 11 Attacks on the World Trade Centre in America in 2001, Bavisi said the attack ignited very important questions in the hearts of the founders of EC-Council, Jay Bavisi and Haja Mohideen.
Shortly after the attacks, they researched the web for “Information Security” programs that would be able to provide Information Security professionals with the necessary tools and education that will help them avert a cyber war, should the need ever arise.
The results returned from the research were disappointing and that motivated them to form the International Council of Electronic Commerce Consultants, known as the EC-Council.
They soon gained the support of subject matter experts from all over the world that eventually led to the creation of various standards and certifications both in the electronic commerce and information security space.
Speaking on the disaster of online fraud, Bavisi said years ago, the Chinese hackers broke into the American White House and downloaded terabytes of information and that the United State Defence incurred cost of $100 million due to Chinese cyber attack in the first half of 2010. “Today China has fortified its security system and established information warfare units, which include 1,100 cyber-operation teams in Hainan Island alone,” he said, adding that Nigeria needs to train IT security professionals that will avert cyber attacks and online fraud. He promised to offer training for Nigerians whose organisation would be willing to allow their IT staff acquire IT security training. The one day seminar dwelt on security threats across the globe and the possible ways to put them under safe control.
Also in his contribution, Chief Executive of New Horizons, Mr. Tim Akano called on National Assembly members to as a matter of urgency, pass the law guiding the usage and safety of cyber space. He challenged David Mark led Senate to mark the sheets containing those guidelines with dispatch and pass it with dispatch, should Nigeria sustain cyber security.
Akano who blamed the situation that Nigeria has no cyber security law, said it would be difficult to achieve cyber security without cyber regulations.
The implication for not having cyber security law is that anybody can enter individual cyber space or that of organisations and steal all the information that have cost the organisations billions of naira to get and they will be legally helpless to fight their course since there is no law on cyber security, he said, while advising companies going for virtualisation, to first put security in place before acquiring the new technology.
According to him, EC-Council remained the most prestigious institution in the world on IT Security and electronic commerce and New Horizons is the most global training organistion with offices in 70 countries of the world. “Therefore when we combine our talents together we become a phenomenon. And that is what has happened in the industry today.”
Today, people are involved in all manners of online fraud, whereby fraudsters recruit victims from Western countries via chat rooms and dating websites, developing long-distance relationships with their victims to obtain personal details. After the victim accepts a marriage proposal from the scammer, items are bought online using credit card information stolen from other people and shipped to victims without their knowledge. The fraudsters then claim the goods were sent to the wrong address, and ask the victim to apply pre-printed labels to the packages and re-ship them to fraudsters’ real address.
Other forms of online fraud include purchase fraud, Counterfeit Postal Money Orders fraud, Automotive fraud, Real Estate fraud, among others.
Purchase fraud occurs when a criminal approaches a merchant and proposes a business transaction, and then uses fraudulent means to pay for it, such as a stolen or fake credit card. As a result, merchants do not get paid for the sale. Merchants who accept credit cards may receive a chargeback for the transaction and lose money as a result.
In the area of Counterfeit Postal Money Orders fraud, there has been a significant surge in the use of counterfeit postal money orders since October 2004. More than 3,700 counterfeit postal money orders were intercepted in America by authorities between October and December 2004. According to the United States Postal Service, the quality of the counterfeit postal money orders is so good that ordinary consumers can easily be fooled. The counterfeit postal money orders are presented for payment at banks and other financial institutions.
For the Online automotive fraud, a fraudster posts a nonexistent vehicle for sale to a website, typically a luxury or sports car, advertised for well below its market value. The details of the vehicle, including photos and description, are typically lifted from sites such as eBay Motors or Autoscout24. An interested buyer, hopeful for a bargain, emails the fraudster, who responds saying the car is still available but is located overseas.
For the Real Estate fraud, landlords placing advertisements on Craigslist or rent.com receive an e-mail response from a prospective renter from a foreign country. The first inquiry seems legitimate. The second usually comes with request for more information and an attachment from a fake company set up by the scam artist indicating that the person has won a part-time scholarship from the company. The scam comes with the third e-mail: a request for the victim’s name and address so that the “company” can send a cashier’s check to cover the rent and the person travel costs.
These and many more were the reasons New Horizons brought EC-Council to Nigeria to address cyber security, Akano said.