Friday, February 18, 2005

Investigation: This man wants to hit BT with a baseball bat

The Sunday Times Magazine - 13th February 2005

The financial-crime fighter Jeffrey Robinson fell foul of a complicated internet scam, and paid for it through his telephone bill. Here he tells how he took on the telecoms giant.

This all began innocently about a year ago, when I downloaded a few free tunes from a seemingly benign internet music site. Hidden inside the download was a secret software program designed to hijack our modem and run up my phone bill. Without anyone's permission, a secret dialler reset our computer to ring a premium-rate number. No warnings were given. No service was received. Some of the calls were placed when we weren't home. I wasn't even aware of this invasion of my home and computer until a month later, when BT charged me for 13 premium-rate calls, totalling £120.96, that we did not make.

The sense of having been violated was compounded when I discovered that more than 80,000 people across the UK had complained to BT about being similarly ripped off - and it seemed that BT didn't much care. Its response was, as long as the calls were made from my phone, I had to pay the bill. If I wanted to complain, I must get in touch with the premium-rate number regulator, the Independent Committee for the Supervision of Standards for Telephone Information Services (Icstis).

So I phoned Icstis, or at least tried to, only to discover what tens of thousands of other victims were doubtless discovering - that its numberis engaged from dawn till dusk. BT may have been counting on this - victims complain, they're shunted off to Icstis, they can't get through, a red notice arrives from BT threatening dire consequences, the victims pay up, and BT is paid for calls that its customers never made.

The problem this time is, I'm not a polite British gentleman. I'm a New York street kid. I don't turn away from a fight. This is the story of a big corporation that has walked away from its responsibilities. Take a deep breath - the tale is going to get complicated. It is the nature of a scam, and especially one as successful as this, that the tale is going to get complicated.

I rang the Icstis press office, from whom I learnt that a serviceprovider called B&B Services LLC operated the premium-rate number that got me.Your scammer might be different, but the con will be much the same. B&B leased the number from a UK network operator, Redstone Communications Ltd. Unfortunately, getting information out of Icstis is a laborious process. This may be because complaints have increased by 500% in the past year -in large part owing to these secret diallers and BT's laissez-faire attitude. I paid BT what I legitimately owed it, omitting the £120.96 of amassed charges for calls which I had never made. Along with my cheque went a note reminding BT of a basic responsibility to its customers - its "duty of care" to protect us from criminal activities - and warning: "The non-authorised use of my phone to generate costs without my knowledge and without my approval constitutes fraud."

BT answered with a form letter that basically said: we hear what you're saying but cannot do anything about it. It simply told me to contact Icstis. The company categorically refused to admit a "duty of care",which it has both morally and in law. The letter, signed with an illegible squiggle - so that I couldn't argue with a real person - rambled on for two pages about how BT can't be held responsible for premium-rate scams. Then came this odd disclaimer: "BT would like you to know it does notwish to profit from this type of problem. BT takes only £1.85 per £100 worthof calls, the remaining revenue going to the service provider, and BT has pledged to donate its share of the revenue to Childline."

What I hadn't bothered to tell BT was about my own expertise in financial crime and money-laundering. After three books on the subject (The> >Laundrymen, The Merger and The Sink), plus consultancies with law enforcement around the world and countless speaking engagements, I knew that whether or not BT wanted to admit it, they had specific obligations as defined by various UK criminal statutes.

With tens of thousands of people around the country suffering the same fate, BT was possibly handling millions of pounds worth of money that could be dirty. Someone needed to identify the people behind these cons, and to get BT to face up to its responsibilities. To do that, you have to follow the money. I looked at Redstone Communications. Formerly known as Redstone Telecom, the Hampshire-based company provides information-technology services to corporate customers in the UK and is run by a man named Ian Brown.

In 2002 the company nearly went broke and was forced to sell its national telecom network - to BT! Today, Redstone resells network products on behalf of BT, which means BT has an interest in Redstone, making BT's claim - that it only has a 1.85% stake in premium-rate calls -ratherless than the whole story. Redstone, in turn, could be entitled to as much as one-quarter to one-third of this potentially dirty money. How much of that then gets returned to BT through some book-keeping process? I cannot tell you. But I'm working on it.

If you judge a company by the company it keeps, Redstone does not emerge well. According to an Office of Communications (Ofcom) report for the Department of Trade and Industry, published in December 2004, Redstone has been linked to more offending service providers than any other communications provider in the country. Among the service providers fined by Icstis for the period of January to September 2004, 15 leased lines from Redstone. Second on the list, Intelliplus, was involved in 10 cases. BT was involved in three. That said, Redstone's clients' fines amounted to more than 23% of the total.

Leasing a premium-rate number to someone who becomes the subject of a complaint is not a crime, but Ian Brown at Redstone, and Ben Verwaayen, BT's chief executive, don't always seem to know to whom they've leased premium-rate numbers. And that becomes important, as "know your customer" is one of the statutes in the European money-laundering regulations.

Well, I'm going to help Brown and Verwaayen with some information about their customers. Again, you will have to bear with me, because premium-rate scams are complicated, and fraudsters who do not wish to account for themselves are rarely easy to find. But if you follow the money after it leaves your bank account for that of BT, then leaves BT and moves from country to country, you will get to where the authorities need to go.

It became evident that Brown and Verwaayen didn't know anything about B&B when I looked into that company. Its address is c/o Ilex Trust Services, a formation and financial-services agent in Lugano, Switzerland. The nominee director of B&B is Andrea Melera, who happens to run the Ilex office. During my initial phone conversation with Melera, he claimed that B&B was a New York State company. That's true, but it is a nonresidential company with two dead-end "mail-drop" addresses, one in Albany and one in Queens. That says to me, someone doesn't want Verwaayen, Brown or anyone else knowing who they are. So I rang Melera again. This time he admitted that he'd set up this well-constructed duck blind and that the people hiding behind it were northern Italians. When he wouldn't identify them, I asked if his clients would speak with me. He assured me they wouldn't.

But he insisted they weren't crooks, although his "due diligence" - the effort he is required to make to properly identify his customers - consisted mainly of seeing various forms of ID and copies of utility bills. He acknowledged that B&B operated internet porn sites, which used premium-rate numbers, but he maintained that everything was above board. Except it wasn't. Ilex received about 500 complaints from UK customers alleging premium-rate fraud. Consequently, Melera said, B&B authorised him to repay anyone who complained. The total repayments came to about £30,000. Melera also admitted what I already knew: that Icstis had penalised B&B £100,000, and that the company had paid the fine. Icstis records confirm that B&B operated its Redstone-leased premium-ratenumbers from December 2003 to March 2004, before being shut down for malfeasance by Icstis.

Specifically, it had violated paragraphs 4.3.1b of the Icstis code of practice (taking unfair advantage of any circumstance which may make customers vulnerable); 4.1.3 (unduly encouraging unauthorised calls); and 7.2.3 (which includes, among other things, failure to disclose information about call volumes, patterns, revenues and details of services operating on particular premium-rate numbers).

Despite the fact that Melera has since resigned as B&B's nominee director, he maintained to me that B&B had done nothing illegal; that no premium-rate calls were made without users' consent; that pricing information had been clearly displayed; and that an active agreement from users had been required. His protestations wear thin. B&B claimed to monitor unusual call patterns, but never provided any evidence to support this. Nor did B&B provide any evidence that their dialler software complied with Icstis requirements. In my case, nobody ever asked my permission. I never gave any consent, nor would I have. Too many members of the public have sworn the same thing: that they never agreed to connect to B&B's premium-rate service and that the dialler made repeated calls without their knowledge or consent. Disputed bills on file with BT and Icstis show systemic repeat calls, and are irrefutable evidence of a scam.

When I suggested to Melera that paying the fine and refunding complaining. customers had been an expensive venture for B&B, he said that the £130,000 paid out amounted to less than 1% of the business B&B did during those four months. He disclosed that premium-rate numbers accounted for about 600,000 hits on the company's porn sites, averaging £10 to £12 per hit. That's a turnover of £6m-£7.2m. And even if Verwaayen and BT only admit to taking 1.85%, that's still £111,000 - £133,200 of tainted money. How much more went onto Redstone's accounts and from there into BT's, I don't know. But I do know that B&B is only one of several significant offenders.

So B&B was fined, barred from access to premium-rate services for two years, and ordered to refund all complainants. Melera wanted me to believe it paid up out of goodwill. But that's also nonsense. It paid out so it could re-enter the market two years later if it so wished. That is, if the people behind it are not already back in the market. There are hints that they might be using UK premium-rate numbers under different names. According to one informed source, they are still in the internet-porn business, operating similar scams in other countries.

In my case, I did not claim money back from B&B, because my solicitor advised me not to. My contract is with BT, which billed me for calls I had not made. It is thus up to BT to reclaim any monies it paid to Redstone, and up to Redstone to reclaim any monies it paid to B&B. Having established a money trail, I turned back to what Verwaayen and BT knew about the scams being operated. The company had been receiving complaints about dialler fraud for at least two years. If it had only received a few dozen, that may not have indicated something was a miss. Perhaps a few hundred might have tipped the balance. But what conclusion, other than some kind of criminal activity, can a reasonable person make after more than 80,000 complaints?

Verwaayen and BT must be on very thin ice, given these warning signs. Furthermore, a BT press statement noted: "Once we find out that a site is illegal or fraudulent, it is shut down immediately." Another acknowledged that the company had discussed the matter with the National Hi-Tech Crime Unit, "So they can do a criminal investigation." (A source inside the unit says that BT has been informed that use of secret diallers is a criminal offence under the Computer Misuse Act 1990, contravening section 1, which prohibits unauthorised access to a computer, and section 3, which prohibits unauthorised modification of the contents of any computer.) And on its website, BT refers to the problem as a "scam", one dictionary definition of which is: "A fraudulent business, a swindle". Therefore, having publicly stated that it knows this is illegal, BT's donation of 1.85% to charity may be less altruistic than it seems.

What other conclusion can any reasonable person make but that BT was trying to wash its hands of suspect money? But before anyone can give anything away, they must possess it, and knowing that you are in possession of the proceeds of crime is a criminal offence in itself.

If Verwaayen and BT took legal advice that charitable donations somehow exonerate them, then they are living in a fools' paradise. Being knowingly in receipt of money fraudulently obtained from its customers also means that BT must ensure that its customers' money does not go to criminals. That's a principle of English law called "constructive trust". If BT passes money on to bad guys, when there are reasonable grounds to suspect that the money is the proceeds of crime, it is potentially guilty of a crime. As I see it, BT could be open to the charge of being involved in money-laundering if at any stage it knows or suspects customers are victims of a premium-rate scam. Money-laundering can be defined as the acquisition, possession or use of the proceeds of another's criminal conduct.

The regulations in the UK apply to assets derived from criminal conduct regardless of value. Receiving, handling or transferring £120.96 that is the result of criminal conduct - or is reasonably suspected to be the result of criminal conduct - is the same as receiving, handling or transferring £120m in drug money. I believe that BT has come close to violating the Proceeds of Crime Act (POCA) 2002, specifically sections327 (Concealing etc), 328 (Arrangements) and 329 (Acquisition, Use and Possession) of criminal property, including money. By passing suspect funds along to Redstone, it has probably "arranged" and "transferred" the proceeds of crime. The same goes for Redstone, which passed money along to Malera and Ilex. Here, too, the "constructive trust" principle comes into play. In turn, Malera and Ilex could be subject to UK money-laundering statutes, which do not limit offences to those only taking place in theUK.

If BT or Redstone had reported suspicions or knowledge of money-laundering to the National Criminal Intelligence Service (NCIS), that might be a partial defence. But a source inside NCIS says they didn't, at least not during the relevant period. If any of them have since filed reports to NCIS, that's called "defensive reporting" and anyone who understands the money-laundering regulations also understands that defensive reporting is tantamount to an admission of guilt. Even if they had reported their suspicions, BT and Redstone would not be entitled to continue handling these monies.

Yet, knowing that certain dialler fraudsters have been banned by Icstis because they were in direct violation of the codes, and in the face of so many complaints of fraud, BT continues to insist on its right to collect unpaid fees derived from highly suspect premium-rate activities. In some instances, it has threatened to shut off people's phones for nonpayment. That BT has paid money to Redstone before collecting from its own customers - leaving itself exposed to the loss - is BT's problem, not its customers'. While other phone companies caught up in this scam maintain their bullying stance against individual members of the public, BT does at least takes a different attitude when confronted by people with connections.

One man with connections, Sir George Young MP, has taken up dialler-fraud complaints with BT. "Where I have pursued individual constituency cases with BT, they have not taken the customer to court. They have not charged the customer. They have exercised their discretion not to pursue the matter," says Young. "But BT doesn't want anyone to know that." Add in the possibility that, by playing the bully, BT could also be in violation of an offence under statute 40 of the Administration of Justice Act 1970, which deals with the unlawful harassment of a debtor - and one can seewhy it backs off when confronted by someone with legal clout.

Complicating matters for BT and Redstone is the fact that UK money-laundering laws dictate behaviour for solicitors, accountants and bankers who know or suspect that laundering is taking place. Given the publicity surrounding dialler scams throughout 2004, solicitors, accountants and bankers acting for BT, Redstone or any other company involved with this might already be exposed. To demonstrate how seriously the government takes money-laundering these days, penalties set out in POCA for violation of sections 327, 328 or 329 can amount to imprisonment for up to 14 years, a fine, or both. Additionally, solicitors,accountants and bankers have further responsibilities, as set down in statutes and codes of practice by the Financial Services Authority (FSA) and their own professional bodies. Besides that, there's a potential for intervention by the new Assets Recovery Agency (ARA). Under UK law, the ARA brings civil suits against offenders to reclaim the proceeds of crime.

With hindsight, BT and Redstone, Melera and B&B, and all the others involved with dialler scams, might wish they had paid more attention to the 80,000-plus victims across the UK when they had the chance. Wilful blindness is no defence. "Not my problem" is no defence. "I wasn't sure what to do" is no defence. "Call Icstis" is no defence. "We are a huge corporation with political connections and are arrogant enough to think we are beyond the law" is no reason why BT should go unchecked.

In the name of responsible journalism, I fired off a series of letters Verwaayen and Brown, giving them every opportunity to set the record straight. Letters to both were answered with bland responses from flunkies who ignored the serious points I raised. The response on Brown's behalf was. in my view, idiotic. Because Brown and Redstone don't usually deal with the public, perhaps they feel able to fob off public concern.Verwaayen and BT are different.

While Verwaayen may have skirted round my questions, I already knew the answers. I asked Verwaayen, considering the fact that BT is still pursuing the collection of highly suspect charges from an apparent premium-rate scam, how does BT justify pursuing fees of this kind? The answer is, it can't, really, because pursuit of illegal money is a violation of the law. Redstone is not exempt from this either.

I asked Verwaayen, by collecting monies obtained through scams, how does BT avoid leaving itself open to possible criminal sanctions; and/or the UK's various money-laundering laws which, among other things,specifically prohibit the possession of, handling of and/or movement of moniesobtained through criminal acts? The answer is, it can't, because its laissez-faire attitude opens it to very serious criticism.

I also asked Verwaayen, how does giving BT's share of premium-ratecharges exonerate BT from potentially being in violation of the law? The answer is, of course, it doesn't. After speaking to Verwaayen and eliciting BT's response to my charges - that it can never tell whether or not a caller has intended to contact a premium-rate porn site - I received a letter from BT offering me a £100 credit on my phone bill. Needless to say, BT's offer was robustly refused.

Because some people take criminal behaviour seriously, tomorrow morning I will make a formal complaint to the police against BT, Redstone, B&B,Ilex and others for money-laundering and theft-act violations, plus aiding and abetting criminal enterprise. Victims who feel equally aggrieved can do the same, knowing that, under UK law, allegations of criminal behaviour must be investigated.


Scilla Cullen said...

I was billed once, a relatively small amount, for this type of scam and instantly called BT to put a ban on all premium rate numbers from my phone. I use my PC and internet with care. However that does not detract from the main point of the article and it could be argued that anyone paying BTs demand when they know that the money is being extracted fraudulently probably for criminal purposes are themselves guilty of aiding and abetting that crime. However as we all know overpowerful governments and companies will always bully the common man.

Archi said...

Most of these scams would not happen if people would only put decent anti virus, anti trojan and anti spy ware on their systems and keep them up to date.

There are many such programmes available that are free to download and use.

Anonymous said...

But you, in-directly, did make the calls. It is not BT's responsibility to ensure the security of your PC and the programs that run on it and if you choose to frequent websites of dubious legality and content then what happens next is your own fault.

Whilst I do think that BT and other telephone operators should run to tighter rules with regards to who they let operate premium rate phone lines I fail to see why you should not be responsible for your own lax security and the problems that it has caused.

Henderson of B'Ham said...

Robinson's point is not about the calls, it's about the fact that UK law prohibits anyone from touching criminal money. Follow the money and you'll see that BT is acting illegally.

Harold of Yorkshire said...

This isn't about anti-spy software or the average Joe's responsibility whilest surfing... this is about the law of the land and BT's responsibilities under the criminal codes. If they knew or suspected that this was the proceeds of crime, (and they knew! witness their own literature about dialler scams and dialler frauds), then they cannot touch it! Guilty as charged!

Anonymous said...

The following service providers wer responsible for 20% of all dialler fraud in 2004. Their victims story is here.
BT continued billing for these 3,500 numbers throughout the whole of 2004.
Given the high level of complaint it is impossible to believe that regulators and government ministers were not aware of what was going on.
These service providers all shared the same addresses and were registered by the same people.
Amara Amichi 2000 SL
0909 967 7600 to 0909 967 9299 = 1700
0909 967 9608 to 0909 967 9907 = 300
Icstis contact Jorge de la Riva.. C ter 27 Bajo Iz,Palma De Mallorca,Spain
Spanish Companies House=..M* De M*..Can Puigdorfila 2,1-B-07001 Palma De Mallorca,Spain

Inversion Zarnoza SL
0909 967 7600 to 0909 967 8099 = 500
Icstis contact..C/ Murillo 15, Apt 13, Nova Sta Ponsa, 07180, Spain

Cala De Plata SL
0909 967 8100 to 0909 967 8599 = 500
Icstis contact..Sussana Heinkel,, Passeig de l'arbreda 15, Llucmajor, Mallorca, 07609, Spain
Spanish Companies House=..M* De M*..Can Puigdorfila 2,1-B-07001 Palma De Mallorca,Spain

Mesa rotation SL
0909 967 8600 to 0909 967 9099 = 500
Icstis contact..Celia Constante, Can Puigdorfila 2,1-B-07001 Palma De Mallorca,Spain
Spanish Companies House=..M* De M*..Can Puigdorfila 2,1-B-07001 Palma De Mallorca,Spain

Middleton holdings ltd
0909 967 9100 to 0909 967 9299 = 200
0909 967 9608 to 0909 967 9907 = 300
Icstis contact..c/o Amara Amichi, C ter 27 Bajo Iz, Palma De Mallorca, Spain

Ibero Latino De Telecomuniccaciones
0909 967 3002 to 0909 967 3006 = 5
Icstis contact..0034 971 906 906, Gremi Boters 42, Nave2, 07009 Poligono Son Castello, Palma De Mallorca, C.I.F: A-57094708, Spain

Premium Media Communications
0909 967 2808 to 0909 967 2808 = 1
0909 967 2995 to 0909 967 2999 = 5
0909 967 3654 to 0909 967 3953 = 300
Icstis contact..E* D*, 0034 6618 3999, Cl. Del Ter 27 Bajos Izqueirda, 07009 Poligono Son Fuster, Palma De Mallorca, C.I.F: B-57161366, Spain

Blog Archive

only search Neil Herron Blog