I-Network is an ICT for development (ICT4D) organization that is mainly supported by the International Institute for Communication and Development (IICD).

Follow us on Twitter
Consumer to consumer crime on the rise PDF Print E-mail

By I-Network Reporters

In 2007, Byegarazo appeared before a judge, was prosecuted and found guilty of attempted fraud – a lesser charge that is preferred today in the absence of a deterrent charge for cyber crime. He also received a slap on the hand for robbing unsuspecting Ugandans online. He was sentenced to community service – a sentencing that requires offenders to work in the community.

During the trial, prosecution proved that Byegarazo tried to divert US$45,000 (over Ush90million) to a new Stanbic Bank account in Kampala. The money in question was wired from Australia, destined to a Christian organization –Reach the World for Christ Ministry based in Mbarara in western Uganda. More surprising is the ease with which he tricked the financiers and eventually diverted the money into his account.

A frequent blogger, key logger, hacker and a proclaimed IT wizard and marvelled at by fellow students and the police, his IT knowledge has been a ticket out of poverty. Byegarazo monitored Pastor Willy Tumwine, the in charge of Reach the World for Christ Ministry and discovered the Internet café he visited frequently in Kampala.

Equipped with software that can cough-up information once a user has logged off the computer, he simply inserts the disc with the ‘intelligent’ software into the computer and all the information and correspondences between the Pastor and his funders gets captured by the software. In a country where at least 70 percent of the public visits Internet cafes to access the Internet, consumer-to-consumer crime is on the rise and there are no laws yet in place to check it.

The police are ill equipped and have no skills to handle e-crimes inspite of the cyber crime unit that was established. A few police officials interested in IT are now undergoing training in Egypt.
Criminal Investigation Department (CID) officials said Byegarazo has trained two other IT students to commit these crimes. “Byegarazo can discover that money has been sent through the different
money transfer service providers,” said Mr. Joshua Mowing of the Economic Crime Registry at CID.

Byegarazo managed to get the email addresses that were key to his operation including the priest’s password. Impersonating the pastor, he wrote an email to the financiers saying he had changed the email address and account number so the money could be wired to it, which made him an instant millionaire.

Two days later, the pastor, worried that the money could be stuck somewhere in the wiring system, called the financiers. He was assured that the funds had been credited on his ‘new’ account as he had requested. He could have collapsed, but gained composure, only to realize a ‘new generation thief’ had defrauded him.

 The police was urgently informed, the bank blocked the account and was put out for any customer who wanted to access it. The funders sent details of the email address and account number to which the funds were deposited which enabled police to trace Byegarazo. He was arrested and prosecuted but later released due to the deterrent law; he continues to use the World Wide Web to defraud other unsuspecting Ugandans through banks and forex bureaus.

It is said that when Byegarazo was arrested and taken to police the only exhibit he had was a fl ash disk which was locked with a password and the police failed to open it with the uncooperative
hacker. Some just marvelled at him for being a genius and an IT wizard. Joseph Boone an officer at CID headquarters says the police lack the human resource to do computer based investigations. The 2008 crime report shows that 128 cases of cyber crimes were reported but only seven were successfully prosecuted.

Byegarazo has acquired several passwords belonging to companies, organizations and individuals from Internet cafes in Kampala, which he uses to stealthily view various emails sent or received by clients. If money is involved, he makes sure he diverts the money by blocking genuine recipient email accounts and creating new ones. At one point he had a password for a Forex Bureau. He monitored all the monies coming through the bureau including the names of the recipients. He sets his traps by changing names of the recipients to his accomplices’ in crime that then go to the bank to claim the money.

Armed with such information and the promise of quick riches, Byegarazo lured two male colleagues and a female into a conspiracy that earned them 600-Pound Sterling (Ush1.9 million). The money was sent in the names of a female, so they needed a female to impersonate the genuine recipient. The plot succeeded because by the time the genuine recipient turned up, the money was gone. In another crime, money came in, but the sender gave instructions that it be banked on his account. Byegarazo and his team were ready to strike only this time the plan was foiled. Staff as the one who had picked the 600 Pounds Sterling and was arrested identified Byegarazo’s lady friend, dressed like a young corporate executive. In a panic, she told the bank security that two men (Byegarazo was not at the scene) working with her were waiting in a vehicle
outside the bank.

This was about Easter time last year. The police suspected the team wanted money for the holiday and they monitored them. On Good Friday police tracked them and found that they were trying to access some money, which did not come through. They returned on a Tuesday after Easter because the money was still there. This time, the staff at the counter recognized the girl and alerted the security that moved in swiftly, said Mowing.

The bank security and the Police got Byegarazo’s number from the lady. When they called him, he said he was away and had no plans of coming to the central business district that day. But a trap was laid for him and eventually the authorities apprehended him. During interrogation, Byegarazo revealed his secrets to the police and even advised the police to alert the public that for every transaction done through email, it should be accompanied by written instructions through fax, post or a phone call. He also advised the Forex bureaus and Internet Cafés were he was working to change passwords. He surrendered his work tools (software), which Police then destroyed with the help of a software engineering firm in Kampala.

However, only Byegarazo knows if he is just bidding time before he strikes again. When he was charged for the second crime he was granted bail, jumped it and is still at large. The fear is that he could be recruiting more allies out there to perpetuate a crime that the Police are still grappling with.

A key logger is spy ware that does exactly what its name implies: it “logs” or records your keystrokes. Thus when you type in your user name and password to a web site or anything else, the keystrokes are recorded, the information saved, and somehow made available to the hacker that put the key logger there. Key loggers can work several diff errant ways:

- Can send each keystroke immediately to some remote listener over the Internet.
- Can collect each keystroke in a temporary file, and then periodically upload that file to the author’s location over the Internet
- Can collect each keystroke in a temporary file, and much like a Spam bot, listen for and receive instructions from the author - in other words the logger could upload the collected information when requested.

The collected keystrokes could never be uploaded. Instead, if someone has remote access to your machine, or ever worse physical access to your machine, they could simply come by and copy the information manually.

Finally, the information may not even be kept on your machine. There are hardware key loggers that include a little fl ash memory and can be quickly inserted in between keyboard and computer to capture all the data. Some time after installing the person behind it stops by and picks up the device containing all your information.

For more information check out http/ask-leo.com

Joomla Templates and Joomla Extensions by JoomlaVision.Com

To participate in ICT for development discussions, subscribe to our mailing list by sending an email with your full name, country of residence, job title and address to admin@i-network.or.ug

You could also fill out the form on Dgroup: I-Network Uganda.

More information on the mailing list can be found at http://www.dgroups.org

Follow I-Network updates on: