Insights For Success

Strategy, Innovation, Leadership and Security

Counterfeit

Operation Green Heart targets online currency counterfeit buyers

GeneralEdward Kiledjian

Image courtesy of Europol

A massive Europe wide operation took place between November 19 until December 6th, arresting 235 suspects in 13 countries. The operation confiscated 1,500 Euro banknotes, drugs, weapons, computers, phones, bitcoin, etc.

This operation was made possible after a 33-year old counterfeiter was arrested in June 2018 by Austrian police in the city of Leoben. The counterfeiter was producing 10,20 & 50 Euro banknotes and it is believed he had successfully offloaded over 10,000 (worth ~ $500,000 EUR) notes before being arrested. The counterfeit notes were sent out using regular mail, so as not to arouse suspicion.

The counterfeiter is believed to have designed the notes on his own computer. He printed them himself and made them look authentic using (suspected) Chinese made holograms. Depending on the quality of the prints, the price varied from 15-40% of the notes face value.

Aldia.cat also reports that data from an FBI/Europol raid on another Darknet seller specializing in weapons, drugs and fake money also contributed valuable information to Operation Green Heart.

The operation involved raids on 300 dwellings across Europe: 178 in Germany, 28 in France, 20 in Austria and others in Spain (Madrid, Velncia, Las Palmas de Gran Canaria, Tenerife, Barcelona, Sevilla, Granada, etc) , Croatia, Cyprus, Finland, Ireland and the Netherlands.

One of the suspects arrested in Munich still had 14 counterfeit notes with him.

The moral of the story is that good policing can cut through the anonymity of TOR, so criminals beware.

Sources:

Examples of Darknet (TOR) sites

GeneralEdward Kiledjian

I have received a lot of requests from readers, LinkedIn and Twitter connections to provide examples of some "interesting" darknet (TOR Onion Network) sites. I have posted over a dozen on my LinkedIn page but thought I would show a couple here.

My security team and I perform internet and darknet reconnaissance work to create briefing packages on cyber crime, determine trends and spot organizational dangers. As part of this research, we sometimes stumble on interesting examples that I share. 

I have chosen not to hide the onion addresses (aka the URL) because I want to show that these are not made up designs but actual sites. I discourage anyone from using or visiting these sites. I am providing these as example for educational purposes only.

Bitcoin Fig is a centralized Bitcoin tumbler. A Cryptocurrency tumbler is a service that intakes identifiable, tainted or stollen cryptocurrencies and delivers them back with an obscure trail. This is used to improve anonymity when questionable transactions are being performed. These firms typically charge 1-4% of the "cleaned" amount and operate out of countries with strict private banking laws like Cayman Islands, Panama and the Bahamas.

The The Cannabis Growers and Merchants Cooperative CGMC is a "by invitation" cannabis market. They offer a trustless (aka escrow) shopping experience to protect buyers.

The sense of anonymity offered by TOR, attracts many with much more questionable products. Above is the French connection that deals in Heroin, Meth, brown sugar, Superman XTC pills, black tar, Amber glass BHO crumble and other products guaranteed to screw your life.

We've covered drugs and now we turn our attention to sports betting. BETTOR claims to be a marketplace that sells winning bets (not predictions). They claim to have 100% winning bets for football, basketball and tennis. I don't gamble so I cannot vouch for the quality of their recommendations. 

CyberGuerrilla is another example of groups using the pseudo-anonymity of TOR to do what they probably wouldn't on the "normal" internet. This site describes it's mission as "The CyberGuerrilla Collective is an autonomous body based in Europe with collective members worldwide. Our purpose is to aid in the creation of a free society, a world with freedom from want and freedom of expression, a world without oppression or hierarchy, where power is shared equally. We do this by providing communication and computer resources to allies engaged in struggles against capitalism and other forms of oppression."

I describe this site as a blog platform for closet anarchists. 

Escrow defense is a buyer/seller escrow service. 

Cash is King is a get rich quick scheme. You pay them in BItcoin and they "sell" you cash that was destined for destruction. They claim to have a way of moving the cash before it is destroyed but need you to "launder it". How much is this service you ask?

What if you were scared as a king by Burger King and want nothing to do with a King? What is a cash strapped person to do? You can always buy counterfit US dollars from the USD site

What if you want to deal with digital currency? No worries, enter Vendor. Vendor sells hacked Paypal accounts.

How do you cash out these PayPal accounts without getting caught? Conveniently they offer a "cheap" laundered bitcoin service for a small nominal fee ($45USD for each BTC).

So now you have your drugs, your cheap cash and your cheap bitcoin. All this money is burning a hole in your wallet and you want to spend it on "cool" stuff. How about some counterfeit clothing?

What about stolen electronics like a Sony Playstation, an iPad, iPhone, Acer laptop,  or Samsung Galaxy S9?

 

Since you haven't spent all your money yet, maybe you should think about the future and use DoubleBit to grow your crypto using darknet markets. For a "small" fee, they will "invest" your crypto for growth then will return "clean crypto" back to you with outrageously generous short term returns (I am being sarcastic, I have never used their service so I wouldn't know).

Why invest when you simply buy money from the BigDeal marketplace (http://bh3ly32vcg52brrc.onion/)

If you work for a publicly traded company and want to cash out some insider knowledge, you can use The Stock Insiders site

Your counterfeit charger may kill you

technologyEdward Kiledjian

I had written an article entitled "Counterfeit USB chargers on eBay may be dangerous" in November 2012 and I strongly recommend you read that article.

Now we learn that a 23 year old chinese woman may have been electrocuted as she answered an iPhone that was charging. The South China Morning Post and Sina new now report that the woman may have been using a "3rd party" charger (aka counterfeit). CCTV claims to have a photo showing the damaged iPhone and the charger that cause the users unexpected death.

Even a CCTV expert claimed that counterfeit chargers may use cheaper components that send the full unregulated current to the phone.  

the investigation is being handled by the Chinese police and Apple has pledged full cooperation.

Image courtesy of MacRumors.

Counterfeit smartphone cases are not worth it

technologyEdward Kiledjian

I receive a lot of questions about counterfeit products and 80% of them are related to headphones. I recently read an interesting press release from Otterbox about their fight to keep counterfeit smartphone cases off the street.

Otterbox is the grand poobah of smartphone case manufacturers. They are number one in most countries and are struggling under the tidal wave of cheap Asian knock-offs.  In 2012 alone, the US Customs and Border protection teams seized over 118000 counterfeit Otterbox items.

These cases look exactly like the real thing but can often be purchased for 50-80% less than the originals (from sites like eBay, Aliexpress and others). Counterfeiters are interested in making their products look authentic  but don’t care about actual performance.

If you have a normal slim type case then the difference may be negligible. If you are using one of their more heavy duty products, you may be upset when you realize that after a drop, the counterfeit didn’t protect your device and now you’re stuck with a cracked screen or dead phone.

This is a case of buyer beware. You get what you pay for.

Related articles:

 

 

How to detect counterfeit headphones

SecurityEdward Kiledjian

There are thousands of counterfeit products being sold on Craigslist, Kijiji, eBay and other consumer to consumer online sites. During a trip to New York last year, I even found counterfeit Apple products and headphones being sold in a brick and mortar store. As a consumer, you want to make sure you are buying the real thing.

First rule of thumb

Counterfeit products never perform like the real authentic product. Don't listen to what anybody says, they just don't. Best case, the counterfeit product just per form’s bad. Worst case, the counterfeit product may be dangerous for your health and safety.

Regardless of what you have been told, the Original Equipment Manufacturers charge more because their products are built to higher quality/safety standards. These higher standards require higher end components and all of this costs money.

If the deal looks too good to be true, it probably is.

Never buy products sold without boxes

There are legitimate reasons why an online retailer or store may be selling a product without the original box but I’m not interested. Too often, missing boxes are a technique used by those selling counterfeit wares and I’m not interested.

Always look for a box that is clean and complete. It should have the same original seals or shrink wrap as a product sold in a local big box store.

Before buying anything, visit your local bog box store and examine the product. Look at the box closely. What is written? How is it written? How is the box sealed? If the store will allow it, take plenty of pictures. You need an original reference for comparison later.

Start with the batteries

If buying a product that requires AA or AAA batteries, find out what brand they are. Name brand manufacturers use Energizer or Duracell batteries but most Chinese knock-offs I have evaluated came with some other Chinese brand one.

On a recent trip to the "fake mall" in Shanghai, we were accosted by retailers peddling fake Beats headphones.

Every single one we examined came with local Chinese made batteries (while the original comes with Duracell).

When a product comes with a manufacturer brand battery (some Bose QC brand headphones), this is a little more difficult but can still be useful. In this case, you have to compare every detail from an original with the one you are evaluating. Look for different fonts or font sizes. Look for errors in spelling or missing certification labels. Look at the shape very closely as some counterfeits come close but aren't perfect replicas. If anything is off even slightly, you may be looking at a copy.

Examine the box and manual

Previously I asked that you examine the original product in a reliable big box store. This info will now be put to good use. Look at the packaging. I mean really look at it like an inspector.

You are looking for cheap quality printing, faded packaging or labels, strange markings not found on the original box, different fonts or colors used on text, compare or product names and misspelled words.

Do the above check on the box and the manual. Take the time to really look for these telltale signs in detail. If you see any of the above, you are likely holding a counterfeit product.

Presentation of the product

Manufacturers go to great lengths to ensure the customer has an exceptional unboxing experience. Every step of the process is carefully designed to be easy and be a satisfying experience. Compare the placement and internal packaging of the product with an original.

Are items presented in the rights order (i.e. product, cables, manuals)? Is the product inserter into the packaging the same way as an original? IS the product presented properly (righ and left sides of the product in the right position, proper placement of the transport case, inclusion of the proper accessories, etc).

Finally examine the product itself

Go through the markers I mentioned for the packaging. Look for things that are different or unusual. Markings, finishing, quality, weight, etc.

The counterfeit Beat headphones I examined in Shanghai had very different weights than the original we were comparing it too. We then played Apple lossless encoded music from an iPhone 4s and you immediately could head the difference in the sound quality. The original was rich with strong clean bass whereas the counterfeit sounded like it was being played through a can.

Any edges on the original were clean and smooth. The counterfeit product had more jagged edges and looked "less professional".

What to do if you bought a counterfeit product

  • Try to return the product back to the seller for a full refund. Be nebulous about the reason.

  • Call your credit card company and file a complaint asking for a charge-back (aka a charge reversal).

  • If you bought it on eBay with Paypal, file a complaint and ask for a refund. In your complaint be as specific as possible and take pictures as proof.

  • If the item was sent via mail, you can sometimes file a complain with your countries postmaster who may choose to conduct a more in depth investigation and block additional shipment from that seller into your country.

What if I'm not sure

There may be situations where you have doubts but aren't sure something is counterfeit. In that case, contact the support department of the manufacturer and ask for help. Some may politely reply with "Too bad you should have bought it from an authorized retailer." But more often than not, they will likely give you specific queues to look for [on their product] to help authenticate it.

There was one case where I sent the questionable product to the manufacturer (asking being asked to do it) and was told it was a counterfeit. In this case the manufacturer had amazing customer service and shipped me a replacement (since the original was purchased from a brick and mortar store that should have been authentic).

Buyer beware!