Scanning the scammers

The advantages Scamseek adds to the Australian Securities and Investment Commission’s (ASIC) efforts to track web scams and illegal financial schemes are best illustrated by a comparison of what went before.

ASIC’s surveillance was akin to an “individual searching the net without Google” before the advent of its new Internet-document classification system, according to executive director of enforcement Jan Redfern.

She explains: “The new technology provides us with a shortcut to the laborious manual task of looking through websites and in doing so, offers us greatly expanded coverage of the web in a short space of time.

“It has also enabled us to be far more effective in identifying scams, particularly as it’s a proactive tool that enables us to find scams about which we don’t receive complaints.”

The technology uses an automated web ‘spider’ to patrol the net — on a 24-hour basis if required — to feed suspect web pages into the document classification system.

Increased surveillance

Redfern says Scamseek has increased ASIC’s surveillance of websites by 1,000 per cent, or 46,000 websites, since it moved into a live trial phase in June last year. It has also increased the range of scams which can be recognised by 75 per cent. In a recent electronic sweep during the live trial phase, which officially ended in July this year, Scamseek scrutinised 40,000 pages, compared to about 4,000 when ASIC sweeps required investigators to manually trawl the web.

Of these 40,000 hits, ASIC was able to narrow its search down to 45 prospective suspects, and eventually three websites were taken offline while others were forced to take some of their content offline. Among the suspects were numerous seminars promoted on the Internet that promised to show people how to create wealth through particular investment strategies, Redfern says.

“We would not otherwise have known about the seminars detected by Scamseek, as no other consumer complaints had been received,” she says.

Closed schemes

ASIC commissioner Berna Collier added that the web was used to disseminate information by many of the 76 scams ASIC closed down in 2004-05. Collier says she did not have an exact number of closed schemes promoted over the web, but that the Internet and wealth creation scams had contributed significantly to the 25 per cent increase in scams over 2003-04.

The 76 illegal schemes involved more than 2,150 consumers who invested a total of about $220 million — an average of about $102,000 each. Five promoters of illegal investments received jail sentences.

For obvious reasons, Redfern is circumspect about the surveillance methods ASIC employs with its new technology, which the regulator has invested $2 million in developing. ASIC was partnered in the project by Capital Markets Co-operative Research Centre (CMCRC) at the University of Sydney, as well as Macquarie University and Smart, which designs fraud detection and analysis systems.

Redfern says a Scamseek blitz — otherwise known as an electronic search day — is carried out secretly and intermittently throughout the year. “It would not be particularly useful for our effectiveness as a regulator if, for example, we were to publicise that we were going to do this once a month or on every second Monday.”

She says Scamseek has changed the way ASIC does its net surveillance, allowing it to move away from well-publicised Internet surf days, which were largely done for consumers for educational reasons.

“Since the system has been fully up and running in July, we’ve been doing little surveillance campaigns without notice, and taking action where appropriate,” Redfern says.

Identifying fraudsters

Scamseek works by using the “most up-to-date research in document classification and new analytical methods for identifying the meaning of words”, says Redfern.

“Scams that are run through websites tend to use certain words, in certain ways, with certain characteristics — but they can be cleverly disguised as well,” she adds.

“We’re using new theories on textual meanings to unravel the deep linguistic features that will enable us to detect scam proposals no matter what surface forms of language they use. Of course, in the process we pick up a lot of sites that aren’t necessarily scams but we are able to eliminate these very quickly.”

The Forensic and Electronic Enforcement Team (FEET), which was established by ASIC six years ago, is in charge of Scamseek, as part of its overall brief to co-ordinate all digital surveillance by the regulator. FEET uses the spider to covertly trawl the Internet for potential financial scams targeting Australians, regardless of where they originate from.

On the radar

The spider uses technology developed by one of the CMCRC industry members SMARTS (Security Markets Automated Research Training and Surveillance). Any sites thought to be worthy of further investigation are drawn up into a shortlist by FEET which is then passed onto investigators, who prioritise them through the Risk Assessment Scoring System (RASS).

RASS enables ASIC investigators to hone in on suspect sites within the short-list by identifying if a short-listed site has been banned or investigated previously. Investigators can then conduct a “who is” search using a disguising proxy (a third party website that disguises ASIC’s re-using IP number) to identify who is responsible for registering the domain, Redfern says.

Scamseek tracks two main types of financial scams: people providing financial advice online when they are not licensed, and people offering extravagant claims of returns. It searches the web for financial advice by unregistered advisers, legal investment schemes, financial services scams, and stock market tipsters attempting to manipulate the price of shares.

It can assess and aggregate the risk associated with information on a website, identify people and companies mentioned within the text, and mark sites that are above the acceptable risk threshold for further analysis.

Redfern says Australia’s position as a “victim” jurisdiction for perpetrators of Internet scams had made Scamseek’s technology essential for ASIC’s regulatory function.

Prominent perpetrator jurisdictions include the US and Thailand or, alternatively, offshore entities which don’t have the same regulation as in western economies, Redfern adds.

“But it’s hard to know where exactly the scam is sourced because they can go through a myriad of intermediaries and Internet service providers,” she says.

Sites originating within Australia fall within ASIC’s jurisdiction and can be closed down, but it’s a “lot more difficult” for sites originating outside of Australia.

“We don’t have the power to close these sites down, but we are currently working with other regulators to improve our intelligence, with the aim of closing these down.”