MONTEVIDEO, Uruguay, 26 December 2004
Maria Stanisheva is a Project Assistant at the British Council – an international organisation from the United Kingdom that promotes educational and cultural relationships – in Bulgaria. Currently she is working on the UK-SSE Forum Project, which has three types of activities: People and Politics, Creative Industries and Youth Action. The last of these works with youth non-governmental organisations (NGO) on the development and implementation of ten projects with different objectives and participants. Youth Theatre “Alternativa” is one of these NGO.
On December 6 2004, Alternativa received a strange email from the self-denominated non-profit London-based organisation called “Global Concern for Human Development”. The email, with the subject “GGHD IT GRANTS 2005”, announced the obtaining of a donation of computers as part of a support programme for organisations from countries with limited resources. The key name of the initiative is “IT for All 2005.”
According to the announcement, the beneficiary organisation will receive three sets of computer equipment. The first suspicious fact: the recipient had been randomly chosen. Second, the recipient was not only responsible for the processing and transportation fee to the destination country, but also had to pay 50 pounds in advance (some 95 American dollars) per computer. “You will need to pay this amount and any shipping costs, if applicable, in full, and in advance, before taking possession of the PCs”, stated the message.
If the donation is accepted, the organisation needs to write an official letter of acceptance and send it to the indicated fax number “before five days have passed since the offer”. The message added that all the computers needed to be sent before Christmas, “so the organisations could start benefiting from their use at the beginning of January 2005.”
First known case
Instead of mailing in its acceptance letter, Alternativa contacted the British Council in search of information on the sender. According to the British Council, “Global Concern for Human Development” -which identifies itself as a British non-profit organisation aimed at developing and implementing sustainable cooperation and development programmes in variety of fields– does not appear in the United Kingdom’s registries of NGO and further analysis of the mail has shown that the domain is registered in Uganda.
“I then called the Youth Theatre and told them that this is a case of typical internet fraud,” said Stanisheva.
“There have been cases of attempted fraud involving names of existing or fictitious UK organisations,” she continued. “Whenever we have been consulted, we have made effort to help in the best interest of the public. This is the first time we have come across or been informed of this particular type of scam though.”
“I decided that we can go further and inform Bluelink, which is a well-known information portal for the Bulgarian civil organisations. I was surprised to hear that this is the first case of internet fraud aiming the NGO sector.” BlueLink disseminated the information, and the newspaper Dnevnik followed suit.
Milena Bokova, Executive Director of BlueLink Information Network, assures that, at least in its experience, there is no precedent for this type of scam attempts directed specifically to civil society organisations. In these cases, she advises “to try to find as much as possible information about the sender and then to spread-out the information in order to protect other NGOs.”
Investigate and alert
A way of detecting the origin of a message is using the client options of the mail programme (properties) to see the complete heading of the email. Identifying the IP number of the sender (the identification number, something like the identity of the computer from which the mail was sent), that should be a sequence composed of four numbers separated by periods (for example 188.8.131.52), and go to a “whois” service (use, for example, http://www.geektools.com/whois.php) and try to locate the internet service provider (ISP) associated to that number by following the instructions on the webpage (at GeekTools a security code that appears on the consultation page, see the image above). In the result, one should try to locate the email address of the ISP administrator. If more than one address exists, use them all.
Send a copy of the message original source (not that which is normally seen in the mail programme) to the administrator’s support address. If a governmental office for internet security exists, sending them a copy is also recommended.
“I think that NGOs should be extremely sceptical when it comes to donations through the internet”, said Stanisheva, “especially when they are being approached by an unknown donor organisation. They have to check by all means the information on the web about this organisation, the web registration, contacts and if possible even the people who present themselves as the donors. Unfortunately even this cannot guarantee that they will not be deceived. If they discover fraud they should inform both their partner organisations and the media/networks which will be interested.”.
We appreciate the input provided by Maria Stanisheva (British Council in Bulgaria), Milena Bokova (BlueLink), Carlos Afonso (Rits – Brasil), Pavel Antonov and Arturo González (ITeM – Uruguay) for this article.