There is no question that President Trump had the power to ask Bharara and dozens of other U.S. Attorneys who were holdovers from the Obama administration to go. But Bharara expected to stay, especially since Trump asked him to do so.
Bharara’s name has appeared on the PP Blog many times. In fact, something he once said became a source of great (and ongoing) editorial inspiration for peeling back layers of the HYIP onion.
You see, back in 2009, Bharara tied an HYIP scheme to a case of terrorism financing. This was the case against Abdul Tawala Ibn Ali Alishtari, also known as Michael Mixon. He was accused of operating an investment fraud known as FEDI and moving money with the belief he was purchasing night-vision goggles and other equipment for a terrorist camp in Afghanistan.
It turned out that online marketers interested in commissions pushed FEDI to Americans, Canadians and others, not knowing its operator was interested in helping dark forces kill people en masse.
How many other schemes could be sponsoring terrorism or fueling organized crime remains an open question. There are thousands of dark possibilities to mull, some of them (like FEDI and Profitable Sunrise) cloaked in light. HYIP schemes are ground zero for fake news.
Knowing Preet Bharara was on the job always was a comforting thought. He brought FEDI to justice and, for example, made sure Liberty Reserve could not continue to launder billions of dollars for HYIP fraudsters and other criminals. (Did you know that one of the Liberty Reserve figures prosecuted by Bharara was a shill on the TalkGold Ponzi forum?)
Bharara’s work, of course, was hardly limited to unmasking financial fraudsters.
It is disheartening to think that the Trump administration is bemoaning “fake news” in one breath and firing the exposer of FEDI’s fake news in the next.
Lots of purveyors of FEDI-like “programs” are online right now. They are delivering fake news through millions of column-inches and through terabytes of video.
News came early this morning that the SEC had moved against Traffic Monsoon, calling it a Ponzi scheme. Both the “program” and alleged operator Charles Scoville were charged civilly yesterday in Utah federal court with securities fraud and selling unregistered securities to unaccredited investors.
Scoville also was the braintrust behind AdHitProfits, a Ponzi-board “program” in part targeted at people who also were targeted in the egregious 2013 Profitable Sunrise cross-border scam in which millions of dollars appear to have vanished overseas.
As the PP Blog reported on June 2, 2013 (italics added):
A spammer hit a Profitable Sunrise Facebook site yesterday with five drive-by offers for “AdHitProfits.” All five of the machine-gunned theft bids claimed the same thing: “make money every half an hour…100% commission let your money grow for you at high speed.”
The AHP “program” also is being pitched on the Ponzi boards, with the thread-starter at MoneyMakerGroup bragging that “Payza, []STP & Liberty Reserve Accepted !!”
LibertyReserve was described last week by federal prosecutors in New York as a criminal enterprise that had laundered more than $6 billion for Ponzi schemers, credit-card fraudsters, identity thieves, investment fraudsters, computer hackers, child pornographers and narcotics traffickers.
In its complaint against Traffic Monsoon and Scoville, the SEC says PayPal restricted Traffic Monsoon during the winter, in January 2016.
Our research shows that Scoville then turned to Payza for the heavy lifting and that Payza attended a Traffic Monsoon event in May 2016, during the spring and while funds in PayPal had been frozen by PayPal.
From the SEC complaint (italics added):
After the PayPal freeze, Scoville began using other payment processors more extensively: Solid Trust Pay, headquartered in Ontario, and Payza, headquartered in London with offices in New York. He has also used an account at JPMorgan Chase to receive investor funds.
Zeek used both SolidTrustPay and Payza, as did the AdSurfDaily Ponzi scheme before it.
Traffic Monsoon’s haul appears to have exceeded $200 million, potentially making it one of the largest advertising “revshare” schemes of all time. As things stand, it is larger than other well-known revshare frauds such as AdSurfDaily ($119 million) and Banners Broker ($156 million). Some of the Banners Broker cash reportedly ended up in KulClub, yet another Ponzi-board MLM scheme.
Ponzi-board schemes are eviscerating wealth globally. It is not unusual for such schemes to use multiple payment processors and to target vulnerable population groups. Agencies from the U.S. Department of Homeland Security have been involved in a number of major investigations of Ponzi-board “programs.”
It is unclear if DHS or other U.S. agencies with the power of arrest are involved in a Traffic Monsoon probe. History has shown, however, that when the SEC brings a civil case, other agencies sometimes carry out criminal investigations on a parallel track.
Costa Rica was also increasingly known as a place where dirty money could be cleaned. The country’s geography—with drug producers to the south and their customers to the north—was ideal for money launderers. According to Global Financial Integrity, a nonprofit that monitors international money laundering, Costa Rica exported $5.4 billion in laundered money in 2006, equivalent to 24 percent of its GDP. By 2012, that number was up to $21.6 billion—a whopping 48 percent of GDP. Ólger Bogantes Calvo, the deputy director of the country’s anti-narcotics enforcement agency, told me that the government simply never has the funds, manpower, or materiel to fight the criminal elements it faces. “Realistically, [the criminals] will always be a step ahead,” he said.
Such a question might help educate the MLM/network-marketing masses who continue to push one bizarre scheme after another. After all, the highly publicized Liberty Reserve case was brought in the Southern District of New York, the same venue in which SVM appears to be operating with a purported “professional intuitive” at the helm.
SolidTrustPay, an offshore processor that had been friendly to the AdSurfDaily and Zeek Rewards Ponzi schemes, reportedly is in the SVM fold. (In a complaint announced April 14, the SEC said a Ponzi scheme known as CashFlowBot and perhaps better known as DollarMonster was using STP.)
Meanwhile, they might want to question why cross-border schemes such as TelexFree ($1.8 billion) and Zeek Rewards ($897 million) had “advertising” components.
Speaking of “advertising”: The emerging MAPS cross-border scheme has the word in its name — along with promoters’ ties to Zeek and TelexFree. Like Zeek and ASD, MAPS, short for My Advertising Pays, says it takes SolidTrustPay.
Mark Marmilev, the technology specialist for the cross-border Liberty Reserve money-laundering operation favored by HYIP scammers and other criminals before its May 2013 collapse, shilled on the TalkGold Ponzi forum, U.S. federal prosecutors said in a sentencing memo.
Marmilev, 35, of Brooklyn, N.Y., also hired forum shills and separately tried to hatch an SEO scheme to “clean up” accurate online references to his boss Arthur Budovsky, the office of U.S. Attorney Preet Bharara of the Southern District of New York said in the memo.
U.S. District Judge Denise L. Cote yesterday sentenced Marmilev to five years in federal prison.
In Marmilev’s mind, the SEO scheme was needed because a press release by the Manhattan District Attorney’s Office about Budovsky’s indictment in a 2006 case was causing problems.
“Marmilev proposed that the SEO expert publish information on the Internet falsely suggesting that the ‘Arthur Budovsky’ behind Liberty Reserve was a different person from the ‘Arthur Budovsky’ who was convicted by the Manhattan District Attorney, but who simply happened to have the same name,” prosecutors advised Cote. “Marmilev’s evident purpose in doing so was to distance Liberty Reserve from Budovsky’s criminal conviction, in an effort to promote an appearance of legitimacy for Liberty Reserve.”
Said Bharara, “Mark Marmilev spent years designing and maintaining the technological architecture that allowed Liberty Reserve to operate a global payment processor and money transfer system that catered to criminals. Now, he will pay for that crime with five years in federal prison.”
RealScam, which covers international mass-marketing fraud, recently was targeted in an SEO campaign designed to link it to Jihadists and Islamic terrorists. (See PP Blog reference here. See RealScam thread here.)
Court references to the TalkGold and MoneyMakerGroup forums as places from which Ponzi schemes are promoted date back years.
In a current case of trying to confuse the public, veteran HYIP scammer “Ken Russo,” also known as DRdave, is using MoneyMakerGroup in a bid to deflect criticism of the emerging “Achieve Community” scheme.
Liberty Reserve’s two founders have yet to be sentenced, but you can bet they’re going to be receiving similar if not harsher penalties than Marmilev’s 5 year sentence.
The jailing of a Liberty Reserve executive comes on the eve one of the larger Ponzi schemes in operation today gears up to announce their new payment processor.
After a short-lived run with Payoneer, they terminated their relationship with Achieve. The scheme has yet to hook up with a replacement payment processor.
Last week news broke that incoming investment into the scheme was now being handled by iPayDNA, but nothing yet has materialized on the withdrawal front.
iPayDNA appear to be accepting investments from Achieve affiliates using multiple unrelated business entities originating out of China.
The PP Blog hopes readers will take the time to read the sentencing memo posted by NikSam. Here’s another tidbit (italics/bolding added):
Aftermath of Liberty Reserve Shutdown. Following the shutdown of Liberty Reserve in May 2013, law enforcement agents monitoring various online criminal forums (such as “hacking” or “carding” forums) observed numerous postings by users of these forums bemoaning Liberty Reserve’s closure and the resulting loss of funds that they had on Liberty Reserve’s system. Many users complained of losing tens of thousands of dollars or more that they had in their Liberty Reserve accounts. By contrast, very few Liberty Reserve users have contacted the Southern District of New York seeking to recoup their Liberty Reserve funds on the basis that they were conducting legitimate business on the site. When the Liberty Reserve takedown was announced to the public in May 2013, users were instructed to contact the Southern District of New York if they wished to recoup their funds.
Notwithstanding that Liberty Reserve had more than 5 million registered user accounts, only 32 persons have contacted the Southern District of New York from May 2013 to September 2014. Similarly, notwithstanding that numerous Liberty Reserve accounts were doing a high volume of business as Liberty Reserve “exchangers,” only one Liberty Reserve exchanger has contacted the Southern District of New York about a potential claim since May 2013, and that claim was ultimately not pursued
From an SEC exhibit in the Profits Paradise complaint.
URGENT >> BULLETIN >> MOVING: (Updated 9:33 p.m. ET U.S.A.) The SEC has charged two Indian nationals with running an HYIP scheme known as “Profits Paradise” that reached into the United States and offered “extraordinary” returns of up to 480 percent in 240 days, plus “compounding.”
As is typical in HYIP schemes, the “program” gained a head of steam on social media, the SEC charged. (A quick Google search shows that ProfitsParadise also had a presence on well-known Ponzi forums such as TalkGold and MoneyMakerGroup.)
ProfitsParadise operated between April 2013 and early February of 2014 and offered “guaranteed” payouts, the SEC alleged.
The scam “invited investors to deposit funds that supposedly would be pooled with money from other investors and traded on foreign exchanges as well as in stocks and commodities,” the SEC alleged.
Pitches on Facebook, YouTube and Twitter were “pervasive” and resulted in investors being exploited, the SEC charged.
The named respondents are Pankaj Srivastava of Mumbai and Nataraj Kavuri of Hyderabad. They also are accused of promoting the scam through Google Plus.
Srivastava “used the pseudonym “Paul Allen,” the SEC charged. Kavuri called himself “Nathan Jones.”
It was not immediately clear from the complaint whether the HYIP scammers intended to trade on the name of Microsoft co-founder Paul Allen. HYIP schemes, however, are infamous for trading on the names of prominent individuals.
“Srivastava and Kavuri used excessive secrecy in their effort to swindle investors through social media outreach and a website that attracted as many as 4,000 visitors per day,” said Stephen Cohen, associate director of the SEC’s Division of Enforcement. “Our investigation stopped the constant solicitations once the website disappeared, and successfully tracked down the identities of the perpetrators behind those fraudulent solicitations.”
Bogus names also were used to register websites, the SEC charged.
Srivastava caused the Profits Paradise website to be registered through GoDaddy in the name of “Jane Roe” of Seattle, the SEC charged.
“Jane Roe is a fictitious name, and there is no connection between Profits Paradise and the dwelling at 300 Boylston Ave E., in Seattle, Washington, or its residents,” the SEC charged. “The telephone number provided to GoDaddy is a toll-free number for a conference call center that is unrelated to Profits Paradise,” the SEC charged.
Meanwhile, a Gmail email address linked to the supposed Seattle street address was associated with IPs “located in India, not Seattle,” the SEC charged.
At the same time, the agency charged, “Kavuri disguised Profits Paradise’s physical location by providing the false ‘whois’ data, indicating that Profit Paradise’s operations were within the United States when they were not.”
From the SEC’s civil administrative complaint (italics added):
“The phony name and address served a dual purpose. In addition to concealing the fact that Srivastava and Kavuri were behind the Website, the domain name registration to Jane Roe at a Seattle address was meant to attract American investors. Additionally, to create the illusion that mainly American investors were visiting the Profits Paradise Website, Srivastava instructed the web designer to ensure that the ‘Alexa detail’ showed the Website’s ‘rank in the United States’ rather than its ‘rank in India.’ “Alexa” refers to a website (www.alexa.com) that ranks other websites, by country, based on the amount of Internet traffic directed to the website.”
Also typical of HYIP scams, payment processors such as Liberty Reserve, PerfectMoney and EgoPay were used. Dates cited in the SEC complaint suggest Profits Paradise opened its Liberty Reserve account just prior to federal prosecutors bringing criminal charges against Liberty Reserve in May 2013.
Srivastava, in 2005, worked for Quixtar.com in Minneapolis, but returned to India in 2007, the SEC said.
Read the SEC complaint, which alleges the Profits Paradise scheme also was “structured so that under certain conditions investors could never recover their principal investments.”
In the first U.S. criminal prosecution involving a Bitcoin-themed scheme, Trendon Shavers has been arrested and charged with securities fraud and wire fraud.
Shavers, 32, of McKinney, Texas, was charged civilly by the SEC in July 2013. He is known as “pirateat40,” and allegedly pushed his Bitcoin Savings and Trust Ponzi scheme from a forum.
FBI agents arrested him today at his Texas residence.
“As alleged, Trendon Shavers managed to combine financial and cyber fraud into a Bitcoin Ponzi scheme that offered absurdly high interest payments, and ultimately cheated his investors out of their Bitcoin investments,” said U.S. Attorney Preet Bharara of the Southern District of New York. “This case, the first of its kind, should serve as a warning to those looking to make a quick buck with unsecured currency.”
A top FBI official threw down the gauntlet.
“Shavers used a new currency, but the same old reprehensible tricks,” said FBI Assistant Director-in-Charge George Venizelos. “He claimed to offer a Bitcoin market-arbitrage strategy. In reality, it was nothing more than an insidious scheme motivated by greed. Today, Shavers’ jig is up. He finds himself under arrest and charged in Manhattan federal court.”
Some HYIP schemes appear now to have moved away from payment processors such as the now-shuttered Liberty Reserve and are moving toward Bitcoin.
From a statement by Bharara’s office, which previously prosecuted Liberty Reserve, calling it a $6 billion money-laundering operation that enabled HYIPs and others forms of fraud (italics added):
From at least September 2011 up through and including September 2012, SHAVERS operated a Ponzi scheme. Specifically, SHAVERS solicited investments in BCS&T on the “Bitcoin Forum” – a public, Internet-based forum where, among other things, Bitcoin investment opportunities were posted. SHAVERS’s offer to investors was straightforward: investors who lent Bitcoin to BCS&T would be paid up to seven percent interest weekly – an annualized interest rate of 3,641% per year – and investors could withdraw their investments in BCS&T at any time. SHAVERS claimed that the Bitcoin invested by BCS&T investors would be used to support a Bitcoin market-arbitrage strategy, which included (i) lending Bitcoin to others for a fixed period of time; (ii) trading Bitcoin via online exchanges; and (iii) selling Bitcoin locally via private, off-markets transactions – i.e., “over-the-counter transactions.” SHAVERS also personally guaranteed to cover any losses in the event of a market change. In truth, SHAVERS largely failed to execute the claimed market arbitrage strategy, failed to honor all of his investors’ redemption requests as well as his personal guarantee, and failed to deliver the agreed upon rates of interest.
In the end, BCS&T was a Ponzi scheme in which SHAVERS used Bitcoin from new investors to make purported interest payments to existing investors and to cover investors’ requests to withdraw Bitcoin from existing BCS&T accounts. In addition, SHAVERS diverted investors’ Bitcoin for day trading in his own account on a Bitcoin currency exchange, and exchanged investors’ Bitcoin for U.S. dollars to pay certain of his personal expenses. At the peak of the scheme, SHAVERS raised, and had in his possession, about seven percent of all the Bitcoin that were then in public circulation. In the end, at least 48 of approximately 100 investors lost all or part of their investment in BCS&T.
Some Bitcoin enthusiasts have fretted that dark forces and criminal organizations are seeking to use Bitcoin in the same way they used Liberty Reserve. Criminal activities could undermine confidence in Bitcoin and affect its perception in the marketplace.
In late August, some affiliates of the collapsed $850 million Zeek Rewards Ponzi scheme began pushing a Bitcoin-themed “program” known as BitClub Network, a purported “mining venture” with an investment arm attached that purportedly supplies a payout for 1,000 days.
Prospects were encouraged to buy in with sums ranging from $500 to $3,500.
4th UPDATE 8:09 A.M. EDT OCT. 30 U.S.A. In the past several hours, Tweets sourced to Bitcoin-themed publications such as CoinFire, CryptoCoinsNews and CoinTelegrah claim the SEC has opened preliminary inquiries into hundreds of Bitcoin-themed enterprises.
On the CoinTelegraph website, the publication asserts there is a “gag order attached to these requests for voluntary cooperation.”
For starters, there appears to be no independent corroboration from the SEC of the inquiries. None may be forthcoming, given that early inquiries — if they exist — are not public by design. Moreover, references to a “gag order” may be a misinterpretation of a phrase the SEC uses when opening preliminary inquiries. Using boilerplate language, the SEC typically informs the subjects of the inquiries that “This investigation is confidential and non-public.”
The language is designed to protect both the recipient’s interests and the SEC’s. So, if the claim that a “gag order” has been issued is hung around the boilerplate language concerning the confidential nature of SEC inquiries at this early stage, it very well may mean the “gag order” claim is incorrect.
On the whole, though, we’d say the odds the SEC wants to look down certain Bitcoin-themed rabbit holes are very high — notwithstanding the fact that the PP Blog cannot confirm the Twitter claims about the inquiries.
It is obvious that Bitcoin-themed HYIPs are operating. Another area of obvious concern: Are Bitcoin-themed enterprises running crowdfunding scams?
One thing to look for as this situation evolves is crackpot “defenses” of everything Bitcoin. In response to the Tweets and coverage on Bitcoin-themed publications of the asserted SEC inquiries, some such defenses already have surfaced. One poster on CryptoCoinsNews, for example, appears to be advancing a conspiracy theory that the SEC is trying to dupe recipients of the asserted inquiry letters into confessing jurisdiction.
In the Comments thread, the poster suggests that recipients of the asserted inquiries should respond as such (italics added):
“I _______ (state your name), present myself in pro pria persona for a special appearance, as to be distinguished from a general appearance and respectfully ask [the court to direct the prosecution] to prove for and on the record all elements of jurisdiction binding me to perform in any way whatsoever.”
The problem with such a response is that it comes off sounding like so much “sovereign citizen” poppycock that it has the potential to subject to additional scrutiny those who’d adopt the guidance. Beyond that, even if the inquiries actually are taking place, no court appears to be involved at this time and it’s already clear that the SEC has jurisdiction over matters pertaining to securities.
Other “defenses” suggest the SEC is sending out a squad of “goons” to make it hard for companies to do business and that the SEC is interfering in “contracts” between consenting adults.
For whatever reason, various “defenders” of online “opportunities” have adopted a bizarre narrative that more or less asserts that all commerce is lawful as long as the parties entering a contract agree that it is lawful. Such constructions, however, would legalize murder-for-hire, terrorism plots, extortion, human trafficking, selling narcotics to school children and many other pursuits society rejects.
Simply put, there are a lot of holes in claims that all commerce is lawful as long as the parties agree that it is lawful. Such constructions would mean that John Q. Bloodthirsty Political Extremist could enter into a contract with Carlos the Jackal to plant a car bomb designed to kill innocents in France — and no government or no person could do anything about it, including maimed survivors who never agreed to be disfigured at the hands of the contracted parties.
It is no more lawful to operate an HYIP or crowdfunding scam that involves Bitcoin than one that involved Liberty Reserve, alleged to have helped criminals launder $6 billion.
This claim appears today on a website styled obopayusa.com. Precisely when it began to appear is unclear.
With Cyber Monday and the traditional online sales coming up a few days from now on Dec. 2, this is what we know: Payza, the successor brand to Montreal-based AlertPay, a Ponzi-forum darling and chronic HYIP- and fraud-enabler, suddenly says this in a headline on its Community forum: “US Funds Frozen | Obopay/Ultralight FS. issue.”
The announcement is dated yesterday, Thanksgiving Eve in the United States.
Today is Thanksgiving Day. U.S. government offices are closed. Black Friday, another day of brisk U.S. sales activity in which retailers cater to door-busting holiday shoppers, is tomorrow.
We also know that the U.S. government has established a tradition of taking down counterfeiting and piracy scams and their enabling websites on Cyber Monday. Moreover, we know that U.S. Immigration and Customs Enforcement (ICE), a division of the U.S. Department of Homeland Security, issued an alert two days ago that it is working with partners and “will be conducting increased operations during the holiday season targeting the importation and distribution of counterfeit and pirated products.”
Beyond that, we know that the United States — the U.S. Secret Service, ICE and other agencies — took down the Liberty Reserve payment processor over the 2013 Memorial Day holiday period and the U.S. Department of the Treasury identified Liberty Reserve as a “Financial Institution of Primary Money Laundering Concern.” The bust was announced on May 28, the day after Memorial Day.
Backing up a few years, we also know that AlertPay and SolidTrustPay enabled the $119 million AdSurfDaily Ponzi scheme and the $70 million Pathway To Prosperity fraud scheme — to name just two of many.
Meanwhile, we know that the court-appointed receiver in the Zeek case is going after money allegedly tied to Payza and SolidTrustPay. The most recent affirmation of this occurred on Nov. 14, when the receiver advised a federal judge that his efforts to gather $10 million from Payza “persisted” and that “new information has come in” that affects his analysis of Zeek-related Payza funds. Whether the $10 million sum would go up or down based on the new information was not revealed in the filing.
Analysis of “transactional data from Payza is not yet complete,” the receiver advised the judge. He also noted that the Payza funds were held in a “foreign bank account” in an undisclosed country. Based on its research, the PP Blog believes the country is in Eastern Europe.
We also know that AlertPay effectively became Payza in May 2012, even as Zeek was conducting auctions for U.S. currency and experiencing trouble with U.S. banks. Payza operates through a New York entity known as MH Pillars Inc., which in May 2012 announced the “recent acquisition of AlertPay’s existing online payment platform.” Payza also is associated with a U.K. entity known as MH Pillars Ltd. of London.
Thanksgiving Confusion
Although Payza’s headline uses the word “Frozen,” the text below it does not identify the party that purportedly froze the funds. At the same time, the text appears to be at least slightly at odds with the headline claim that the money was “Frozen.” Indeed, the text describes the funds as “withheld.”
Although the word choices may or may not be important, one thing seems obvious: Either word is apt to be unsettling to Payza’s U.S. customers who want their money.
“As you may or may not already know, we are unable to complete any requests to withdraw or transfer funds for a part of our U.S. members at this time, since they are being withheld [emphasis added by PP Blog] by Ultralight Financial Services (formerly known as Obopay Inc.) a licensed U.S. money transmitter of which Payza was an agent,” the announcement begins.
“We have tried to resolve this problem by contacting their management, their legal team and State regulators,” the announcement continues. “Their management and legal team were unresponsive. However, State regulators are willing to help us, but they have told us that they will not intervene unless they hear from you, the owner of your funds.
“In this case, Payza is asking all affected members to demand action from both Ultralight FS and your State regulator . . .”
At the time of this PP Blog post, the full Nov. 27 announcement is available at the Payza Community Forum. [See Update at bottom of this PP Blog post.]
These Thanksgiving Eve claims by Payza are at odds with other claims online.
In short, Payza seems to be saying that Ultralight/Obopay Inc. is responsible for its inability to serve U.S. customers because the entities either froze or withheld the money.
But here is where the information diverges and becomes even more fractious: At least two websites that state they’re associated with Obopay claim that “[t]he US Department of Homeland Security has seized all MH Pillars dba Payza money on deposit with UltraLight FS.” Both of these sites are cheesy in appearance. Both also have have copyright notices: One, styled obopayusa.com, says “Content copyright 2013. Obopay, Inc. All rights reserved.” The other, styled ultralightfs.com, says “Copyright @ UltraLight Financial Services. All rights reserved.”
Neither site says when the money purportedly was seized. Nor does either site say how much was seized.
So, the apparent obopay and UltraLight entities are saying the money was seized by the U.S. Feds. Payza is saying it was “frozen” or “withheld” by obopay/ultralight.
What’s the truth? Well, it’s unclear at this time.
There’s also a website styled obopay.com that appears to have the same logo as obopayusa.com. The obopay.com site asserts an association with Obopay Mobile Technology India Pvt. Ltd. of Bangalore and says its partners include Societe Generale, Essar Telecom Kenya Limited and Union Bank of India.
The obopay.com site appears to make no reference to Payza or MH Pillars, but does reference Obopay Inc. of Redwood City, Calif., as its parent company. When the PP Blog clicked on a “State License” tab at the bottom of the obopay.com site, however, it received this error message: “An error occurred during a connection to www.obopay.com. Peer’s Certificate has been revoked. (Error code: sec_error_revoked_certificate).”
So, another layer of the curious.
Searching the database of the Financial Crimes Enforcement Network (FinCEN), the PP Blog located a document that suggests Obopay Inc. of Redwood City, Calif., is a registered Money Services Business in all 50 U.S. states, plus the District of Columbia. FinCEN is an arm of the U.S. Treasury Department. Its stated mission is “to safeguard the financial system from illicit use and combat money laundering and promote national security through the collection, analysis, and dissemination of financial intelligence and strategic use of financial authorities.”
Information on MH Pillars Inc. of New York also appears in the FinCEN database. The information suggests the firm is a registered Money Services Business in at least 48 of the the 50 U.S. states. (California and New Hampshire appear to be possible exceptions.) MH Pillars also appears to be registered in venues such as American Samoa, the Federated States Of Micronesia, the Marshall Islands, the Northern Mariana Islands, Palau and the U.S. Virgin Islands.
It seems clear that both Obopay Inc. and MH Pillars Inc. are registered MSBs. Why, then, can’t U.S. Payza customers get their cash? Could it be because UltraLight isn’t registered? The FinCEN database appears to have no information on UltraLight.
But a Florida Department of State database does, and that information suggests Obopay Inc. is changing its name to ULTRALIGHT FS Inc. The Florida document is date-stamped Oct. 15, 2013. A phone number listed in the document comports with a phone number in Louisiana and Mississippi records as the number for Obopay Inc. of Mountain View, Calif. Like Redwood City, Mountain View is a Silicon Valley community.
Why FinCEN records show Obopay in Redwood City while state records show the enterprise in Mountain View was not immediately clear.
What does seem clear is that some or all of Payza’s U.S. customers can’t get their money and that whatever dispute exists between Payza and OboPay/Ultralight is about money that either was frozen/withheld by OboPay/Ultralight or seized by U.S. law enforcement.
Payza claimed in July 2012 to be cleaning up its act. This claim was made about a month prior to the August 2012 Zeek action by the SEC and an accompanying confirmation from the U.S. Secret Service that it also was investigating Zeek. Whether the Payza claim was just lip service remains to be seen.
When the United States took down Liberty Reserve, the Secret Service changed Liberty Reserve’s domain nameservers to a “sinkhole” URL at ShadowServer.org. This initially caused Liberty Reserve to go offline. When the domain returned, the logos/badges of the U.S. Department of Justice, the Global Illicit Financial Team, the Secret Service, the Treasury Department and Homeland Security Investigations were published on the site to let the world know that crime doesn’t pay in the United States.
Payza’s website loaded quickly this morning, with full Payza branding and services appearing. DNS settings appear not to have been altered, suggesting at least to this point that the domain has not been seized by the United States. Whether the United States intends to seize it now or ever is not known.
But seizing money is an altogether different matter. One of the ways to choke off HYIP and counterfeit-goods/pirating scams is to stop the fuel supply and to starve them out. If the United States desired to cripple criminal HYIPs and counterfeiting enterprises, it theoretically could attack them by seizing money that had been routed through Payza and the AlertPay predecessor.
Whether that’s what’s happening here remains unclear. At the same time, it would be catastrophically foolish for an enterprise such as Obopay or UltraLight (or some combination thereof) to attribute a seizure of Payza funds to the U.S. Department of Homeland Security if it were not true. It also would be catastrophically foolish for Payza to claim that Obopay/UltraLight froze or withheld the money from U.S. Payza customers if that were untrue or not the complete truth.
Seizure of money by the U.S. government requires a court order. Obopay/UltraLight either hasor has not received such a court order or notice that one was on the way.
If the United States has court-worthy evidence that Payza was facilitating online criminal enterprises, then it should become apparent in the coming days. If Obopay/UltraLight played any role, it also should become apparent.
It could be a very interesting Black Friday or Cyber Monday.
Update 7:31 p.m. Nov. 28: The original Payza announcement appears to have been removed this afternoon or this evening and replaced by this considerably shorter one. There’s also a post on the Payza Blog. It is dated today and titled, “Important Update: Limited Services for Certain U.S. States.” Those states are not identified in the Payza Blog post.
Before Liberty Reserve and its alleged co-conspirators were indicted in May, the company was involved in several horror-filled propositions. These included laundering $6 billion as part of schemes involving “credit card fraud, identity theft, investment fraud, computer hacking, child pornography, and narcotics trafficking,” federal prosecutors said.
Now, Liberty Reserve figure Vladimir Kats, also known as “Ragnar,” has pleaded guilty to multiple crimes. The plea occurred yesterday: Halloween Day.
Liberty Reserve, prosecutors said, set the stage for criminals to thrive and functioned as “as the bank of choice for the criminal underworld because it provided an infrastructure that enabled cybercriminals to conduct anonymous and untraceable financial transactions.”
“Vladimir Kats, by his own admission, helped to create and operate an anonymous digital currency system that provided cybercriminals and others with the means to launder criminal proceeds on an unprecedented scale,” said Acting Assistant Attorney General Mythili Raman. “His conviction reinforces what we said when Liberty Reserve was first brought down: banking systems that allow criminals to conduct illegal transactions anonymously will not be allowed to stand, and professional money launderers will be brought to justice.”
It all added up to danger and created “an international den of cybercrime,” added U.S. Attorney Preet Bharara of the Southern District of New York.
“As a co-founder and operator of Liberty Reserve, Vladimir Kats served as a global banker for criminals, giving them an anonymous, online forum to hide the proceeds of their illegal and dangerous activities,” Bharara said.
Kats, 41, of Brooklyn, N.Y., potentially faces decades in federal prison. No sentencing date has been sent.
From a statement by prosecutors (italics added):
Kats was arrested in Brooklyn in May 2013 and pleaded guilty today to one count of conspiring to commit money laundering, which carries a maximum sentence of 20 years in prison; one count of conspiring to operate an unlicensed money transmitting business, which carries a maximum sentence of five years in prison; one count of operating an unlicensed money transmitting business, which carries a maximum sentence of five years in prison; one count of receiving child pornography, which carries a maximum sentence of 40 years in prison and a mandatory minimum sentence of 15 years in prison; and one count of marriage fraud, which carries a maximum sentence of five years in prison.
Charges remain pending against Liberty Reserve founder Arthur Budovsky and alleged co-conspirators Ahmed Yassine Abdelghani, Allan Esteban Hildago Jimenez, Azzeddine El Amine, Mark Marmilev and Maxim Chukharev, prosecutors said.
EDITOR’S NOTE: KrebsOnSecurity is written by Brian Krebs, who worked as a reporter for the Washington Post from 1995 to 2009. Our thanks to a PP Blog reader who brought our attention to information highlighted in the story below. Although the PP Blog is focusing on the TalkGold angle, the KrebsOnSecurity report covers much more, including how a U.S. credit-reporting agency potentially was doing business with a credit-card scammer and forum huckster hiding behind a proxy and wiring money from Singapore. It is highly recommended reading. Two links to the report appear in the story below.
An individual who used the handle “hieupc” on the “scammer-friendly” TalkGold forum may have peddled stolen Social Security numbers at the forum and appears also to have been in the business of defacing websites and “even attacking the Web site of his former university in New Zealand after the school kicked him out for alleged credit card fraud,” KrebsOnSecurity reports.
Hieu Minh Ngo, 24, a Vietnamese national, now is jailed in the United States. He was charged in a sealed, 15-count indictment in November 2012 with conspiracy to commit wire fraud, substantive wire fraud, conspiracy to commit identity fraud, substantive identity fraud, aggravated identity theft, conspiracy to commit access device fraud, and substantive access device fraud, the U.S. Department of Justice said on Oct. 18.
It may be a case of an offshore fraudster who erroneously believed that U.S. agents and prosecutors couldn’t touch him and grew increasingly confident that oceans and land masses that separated him from the United States would insulate him from arrest. In its remarkable story, however, KrebsOnSecurity is reporting that U.S. federal agents “set up a phony business deal to lure Ngo out of Vietnam and into Guam, an unincorporated territory of the United States in the western Pacific Ocean.”
Citing the indictment, the Justice Department said, “[F]om 2007 through 2012, Ngo and other members of the conspiracy acquired, offered for sale, sold, and/or transferred to others packages of [Personally Identifiable Information] for more than 500,000 individuals.” (Bolding added by PP Blog.)
The User ID of “hieupc” appears to have been formed at TalkGold in June 2007. (See screen shot above.) In October 2010, a TalkGold post attributed to “hieupc” offered for sale the Social Security numbers and dates of birth (at least) of Americans.
If “hieupc” is Ngo, it could mean he was trawling TalkGold as a teen-ager and seeking to recruit HYIP scammers as customers for his identity-theft ring. Such an approach conceivably could enable fellow criminals to join HYIP scams under assumed names while providing them a means of accessing U.S. bank accounts, potentially setting the stage for them to steal money from the accounts and even pass tax liabilities for HYIP program “earnings” to unknowing victims. TalkGold is populated by serial HYIP fraudsters and willfully blind promoters of online fraud schemes. Over the years, such schemes have led to DDoS attacks on the sites of fraud schemes (and sites that report on them) and repeated claims of account hackings.
Here is part of the “hieupc” TalkGold pitch (italics added):
OUR PLANS
Plan For Tester – 6 Credits – $4
Plan $10 = 15 credits
Plan $20 = 35 credits
Plan $30 = 60 credits
Plan $50 = 110 credits
Plan $100 = 230 credits
Reseller Plan $500 – 2000 Credits
Reseller Plan $1000 – 5000 Credits
No Hit = No Lost Your Credit.
SSN US: 3 credits, DOB US: 3 credits Please register an account to buy credits. Thanks
Such packages of Personally Identifiable Information, the Justice Department said, are known as “fullz” and “typically included a person’s name, date of birth, social security number, bank account number and bank routing number.”
And Ngo had at least one co-conspirator, according to the now-unsealed grand-jury indictment filed in U.S. District Court for the District of New Hampshire. In the indictment, the co-conspirator is identified as “JOHN DOE ONE,” also known as “rr2518” and “Wan Bai.”
Here is the first paragraph from the indictment, which is available through a link at the KrebsOnSecurity website:
Defendant HIEU MINH NGO (“NGO”), also known by online monikers that include “hieupc” and “traztaz659,” resided in New Zealand and Vietnam. He is one of the control persons and administrators for the websites “findget.me” and “superget.info,” and its associated data.
During the 2007-2012 time period, “Ngo and other members of the conspiracy acquired, offered for sale, sold, and/or transferred to others stolen payment card data, which typically included the victim account holder’s payment card number, expiration date, card verification value number, account holder name, account holder address and phone number,” the Justice Department said in its Oct. 18 statement.
Meanwhile, the indictment notes that an “undercover agent located in New Hampshire” was involved in the probe that led to Ngo’s arrest and that the agent was instructed by scammers “to open an account with ‘Liberty Reserve’ in order to engage in any financial transactions with them.”
In May 2013, federal prosecutors in New York alleged that Liberty Reserve had engaged in a $6 billion money-laundering conspiracy. The U.S. Secret Service is known to be involved in both the Liberty Reserve and Ngo identity-theft probes. Liberty Reserve was popular among HYIP fraudsters and other scammers.
TalkGold is not referenced in the Ngo indictment. But the forum’s name appears in other court filings as a place from which online Ponzi and fraud schemes are promoted. Just five of the hundreds of recent (or relatively recent) scams promoted at the forum — Zeek Rewards, Profitable Sunrise, AdSurfDaily, PathwayToProsperity and Legisi — are believed to have generated receipts approaching or exceeding $1 billion. (Zeek Rewards = $600 million; ProfitableSunrise = unknown tens of millions; AdSurfDaily = $119 million; PathwayToProsperity = $70 million; Legisi = $72 million.)
A “program” with the bizarre name of “CashCropCycler” (Triple C) is being pushed on the Ponzi forums, amid claims it issues cashouts through offshore payment processors linked to fraud scheme after fraud scheme and gives enrollees $10 just for signing up. An earlier HYIP scam known as JSSTripler/JustBeenPaid that appears to have morphed into at least two other scams also advertised recruits would be paid $10 for enrolling in its “program,” which purported to pay 730 percent a year (precompounding).
Like a series of recent scams, CashCropCycler purports to be a “revenue sharing and advertising” program. It also claims it is using Skype and Gtalk for customer service. The lead pitchman for CashCropCycler on the MoneyMakeerGroup Ponzi forum appears to be “mmgcjm,” the lead pitchman for the alleged $600 million Zeek Rewards Ponzi scheme at the same forum.
Whether CashCropCycler borrowed part of the JSS/JBP fraud pitch wasn’t immediately clear. Also unclear is whether CashCropCycler’s unusual name was designed to be provocatively ambiguous or as a taunt of some sort. Could the unidentified Triple C operators be suggesting they are using the HYIP world to crowd-source the cultivation of marijuana, for instance? Other HYIP schemes — CashTanker, BotFly and Insectrio, for instance — may have been named to taunt regulators and demonstrate just how gullible investors can be.
CashCropCycler curiously discusses the Triple C alliteration in another context, saying “The name ‘Triple C’ came about in year 2012 when we gave all our personal earnings to support the Clarion Children’s Choir, that was the best experience for us as a team.”
The “program” purports to be operated by “three friends, Americans by naturalization and Swedish by birth; Benson, Dave and Anderson.”
CashCropCycler’s website defines the trio as “ordinary people who find delight in been [sic] able to help our same human species. It doesn’t matter what country you’re from, what race you belong or how educated you are; we only care to help people by building a network that ticks, and this is what we enjoy doing.”
Records suggest that one of the domain nameservers (ian.ns.cloudflare.com) linked to CashCropCycler has been used in spam campaigns for everything from malware to potentially fraudulent National Football League jerseys and potentially fraudulent designer purses purportedly from Louis Vuitton.
Meanwhile, the CashCropCycler Terms of Service includes the strange phrase “Agreements shall be interpreted under the laws” — without identifying a jurisdiction or set of laws used if disputes occur. The Terms also confoundingly assert that “A member is neither an employee nor an independent contractor of CASHCROPCYCLER,” even as CashCropCycler asserts elsewhere on its site that promoters can earn MLM-style commissions totaling 15 percent over three tiers.
By plowing $10 into the scheme, according to the CashCropCycler website, members will earn “186% in 60Days” [sic]. A sum of $50 purportedly fetches “129.60% in 25days” [sic]. Recruits should feel good about the “program” (apparently) because the “script was tested for 68days [sic] before this official launch.”
And members also are permitted to engage in “Member to Member Transfer[s]” from inside the CashCropCycler system “for a 2.50% fee,” according to the website. Beyond that, according to the site, members can pay an exchange “fee of 8.70%” should they wish to have their earnings paid through a processor other than the one through which they joined the “program.”
Some purported exchange services were among the casualties of the Liberty Reserve money-laundering action in the United States in May. Federal prosecutors in New York said that the now-shuttered Liberty Reserve payment processor was facilitating any number of fraud schemes while helping criminals launder billions of dollars.
Even though CashCropCycler members purportedly are neither employees nor independent contractors of the “program,” they nevertheless are encouraged to (italics added/no edits made):
“Promote via banner/text advertisements on other advertising websites that you are a member of.
“Be active on the forums, including MoneyMakerGroup, TalkGold, DreamTeamMoney and Investment-Tracker .
“Including a link to CashCropCycler in your signature in forums.
“Traffic exchanges/Safe lists.
“Social media.
“Word of mouth.”
At least four ads that appear to highlight other HYIP schemes appear near the bottom of the CashCropCycler landing page. One of the ads is for “NeoMutual,” which uses a tagline of “we are crowdfunding.”
Some critics of crowd funding have voiced concerns that easing regulations on certain types of startup companies before appropriate safeguards are in place could lead to egregious marketplace abuses.
Ads for what appear to be HYIP schemes are displayed on the website of CashCropCycler. A purported opportunity known as NEO Mutual purports to be a “crowd funding” company through which members can use payment processors such as Perfect Money, SolidTrustPay and EgoPay that have been linked to multiple fraud schemes. NEOMutual also purportedly does business with bitcoins and PexPay — all while employing a “bank transfer” option. NEOMutual purports to have “Junior,” “Senior” and “Executive” plans that pay daily interest rates of 1.4 percent, 1.6 percent and 1.9 on sums between $20 and $250,000. NEO Mutual says it is located at Revolution Tower in Panama City, Panama. Like the “Profitable Sunrise” scheme, NEO Mutual purports to be in the bridge-loan business. In April 2013, the SEC called Profitable Sunrise a scam that may have gathered millions of dollars while using a “mail drop” and offshore bank accounts.
News came 
