ATLANTA, GA – Attorney General Chris Carr is recognizing the month of October as Cybersecurity Awareness Month by highlighting his office’s continued efforts to investigate and prosecute cyber-enabled crime through the work of his Prosecution Division and the Georgia Cyber Fraud Task Force. Carr is also sharing important tips and resources to help Georgia consumers, businesses, and organizations protect their data and devices from cyber thieves and fraudsters.
“Phishing scams, data breaches, and malware pose very real threats to Georgia businesses and consumers,” said Carr. “Through the work of our Prosecution Division and the Georgia Cyber Fraud Task Force, we’re continuing our efforts to ensure those who enable cyber-fraud schemes are held accountable for their actions. Now more than ever, it’s imperative that Georgians take proactive steps to protect their data and devices, and our office offers a wealth of information to help start that process.”
Georgia Cyber Fraud Task Force
According to the FBI’s Internet Crime Complaint Center (IC3), Georgians lost more than $322 million to cyber-enabled crime last year alone. Nationwide, those losses topped $10 billion.
Cyber-fraud scams are perpetrated by an entire network of participants who each play an integral role in the success of the operations. One critical actor in these schemes is the “money mule” – the party responsible for opening a U.S. bank account, usually a business account, and accepting proceeds from a variety of frauds. The money mule then forwards the funds as directed, often to accounts overseas.
To aid in the investigation and prosecution of cybercrime, Carr partnered with the U.S. Attorney’s Office for the Northern District of Georgia and other local, state, and federal agencies to form the Georgia Cyber Fraud Task Force.
The mission of the Georgia Cyber Fraud Task Force is to identify leads for the investigation of suspected money mules in the Atlanta area and reduce the amount of time and resources necessary to impact those mules through judicial intervention. These leads originate from victim complaints made to IC3 and law enforcement from around the country through the StopTheMuleGa initiative. Members of the Task Force also engage in sustained community outreach and training for law enforcement and prosecutors to better respond to cyber-enabled crime.
The Attorney General’s Public Integrity and White Collar Crime Unit has brought charges in a number of cases identified by the Task Force, including the following:
- On Feb. 15, 2023, Ugochinyere Anazodo, Dominique Beaulieu, and Willy Obena were indicted in Gwinnett County for allegedly participating in several cyber-enabled fraud schemes, including a Business Email Compromise scam targeting the Georgia Department of Transportation and a romance scam targeting a private citizen. All three defendants are charged with two counts of Racketeering. Anazodo is also facing additional charges of Theft by Taking and Money Laundering.
Read more about the efforts of the Georgia Cyber Fraud Task Force here.
Genesis Dark Web Marketplace Investigation
In April 2023, Carr announced that his office’s Public Integrity and White Collar Crime Unit is participating in a nationwide investigation into suspected users of Genesis Market, a dark net marketplace. The FBI’s investigation into Genesis Market revealed that its operators compiled stolen data from malware-infected computers around the globe and packaged it for sale on the market. The packages sold on the market, referred to as “bots,” allowed the purchaser to access various online accounts harvested from the computers of the victims.
Over the course of their investigation into the illicit online marketplace, federal law enforcement worked to identify those who purchased and used these stolen access credentials to commit fraud and other cybercrimes. This effort resulted in hundreds of leads being sent to law enforcement throughout the United States, including the Georgia Office of the Attorney General.
Tips and Resources
The Attorney General’s Office works to raise awareness among citizens and private industry through community presentations about cyber-fraud trends and incident response best practices. During Cybersecurity Awareness Month, representatives from both the Attorney General’s Prosecution and Consumer Protection Divisions presented at the 2023 Georgia REALTORS Broker Summit to discuss cybersecurity, including Business Email Compromise schemes and imposter sellers and renters. To request that a member of the Consumer Protection Division speak to your group, visit the Attorney General’s website here.
To help small businesses, non-profits, and places of worship safeguard their data and devices, the Attorney General’s Consumer Protection Division created Cybersecurity in Georgia. This comprehensive guide includes critical tips and information about the different types of cyber threats, protecting your data and network, training employees about cybersecurity, planning for and responding to a security breach, cyber insurance and more. The guide is free and available for download here.
The Consumer Protection Division also offers these six tips to everyone who uses technology:
- Use strong passwords. The longer the password, the tougher it is to crack. Mix letters, numbers and special characters. Don’t use your name, birthdate or pet’s name in your password. Use a different password for each of your accounts so that if one account is hacked, the perpetrator can’t take over all of your accounts. To help you create hard-to-crack passwords and automatically store them and usernames securely, consider using a password manager.
- Enable multi-factor authentication. Multi-factor or two-factor authentication increases the security of your online accounts by requiring an additional means of verifying your identity beyond your username and password. This could come in the form of a PIN number, security question, facial recognition, fingerprint, or requiring you to enter a code that is texted or emailed to you. Always opt-in if given the choice to set-up multi-factor authentication, particularly for sensitive accounts, such as online banking or retail accounts that store your payment information.
- Recognize and report phishing. Be wary of clicking on links, opening file attachments or providing sensitive information in response to texts, emails or social media messages, particularly if you don't recognize the sender, as it could download malware onto your device or place your sensitive information in the hands of a scammer. Being asked to send money is a red flag of a scam. Even if the message appears to come from a person or business you know, refrain from interacting with the message and instead contact the sender through a verified phone number, email address or website. Report phishing attempts to the appropriate authorities or IT department. Most email providers also have an option to report a suspicious email.
- Update your system and software frequently. Computer and software companies frequently update their programs to include protection against new security threats. Simply updating your operating system and software whenever new versions become available gives you an added measure of security.
- Be aware of common scams using AI. The use of generative AI to craft a phishing email resolves the formerly tell-tale grammatical or spelling errors that would typically alert a reader to fraud. The use of AI voice cloning can also make phone scams seem all too real. Law enforcement suggests having a family code word to verify identity in the event of an actual emergency – but don’t send this code word via email.
- Lookout for crypto investment scams promising unrealistic returns. Victims nationwide lost over $3.3 billion to investment scams in 2022, according to IC3.gov data. Much of that was driven by fake investments in cryptocurrency. The scams include an initial promise of modest returns, legitimate looking apps and websites showing those returns, and even the ability to pull out some of the money “gained.” Soon, however, the promised returns are higher and the buy in increases for the victim who is often, by this time in the scam, in a position to trust the scammer and may be in debt. The demands increase until the victim has “invested” everything they have, only to find the website taken down and their “investments” fake. Consumers should research investment opportunities and seek professional guidance, especially if investing in cryptocurrency. If the rate of return sounds too good to be true, it likely is.
If you believe you have fallen victim to cyber fraud:
- Immediately Report the Fraud: As soon as you become aware of the fraud, immediately contact your bank.
- Contact Law Enforcement: File a report with your local law enforcement agency.
- Contact IC3: Submit a complaint to the FBI's Internet Crime Complaint Center at www.IC3.gov.
- If Scam Transactions are Hurting your Credit: Visit AnnualCreditReport.com to request your free credit reports from the three major credit reporting agencies – Experian, Equifax, and TransUnion. If you notice any unauthorized collection items, loans or credit cards, contact the three major credit reporting agencies – Experian, Equifax, and TransUnion – to dispute them. Freezing your credit is also a great way to stop unauthorized accounts from being opened. To learn more about how this process works, visit https://consumer.georgia.gov/consumer-topics/credit-freeze.
For additional tips, visit the Attorney General’s Consumer Protection Division website here.