, SecurityFocus 2007-04-30
UPDATE - Following a two-and-a-half year investigation, federal prosecutors charged online payment service E-Gold, its parent company Gold & Silver Reserve, and its three owners with four counts of violating the U.S. laws restricting funds transfers and money laundering, according to an indictment unsealed on Friday.
The court filing claims that the companies' owners -- Dr. Douglas L. Jackson of Satellite Beach, Fla., Reid A. Jackson of Melbourne, Fla., and Barry K. Downey of Woodbine, Md. -- knowingly allowed criminals to use the service and profited from others' crimes. The indictment further claims that, because the service requires no identity verification outside of an e-mail address, E-Gold became the preferred method of payment for online scammers, identity thieves, and child pornographers.
"Douglas Jackson and his associates operated a sophisticated and widespread international money remitting business, unsupervised and unregulated by any entity in the world, which allowed for anonymous transfers of value at a click of a mouse," Jeffrey Taylor, U.S. Attorney for the District of Columbia, said in a statement. "Not surprisingly, criminals of every stripe gravitated to E-Gold as a place to move their money with impunity."
The digital-cash service denied the charges against the company and its owners and took particular exception to the government's allegations that the E-Gold service knowingly aided child pornographers.
"With regard to child pornography, the government knows full well that their allegations are false, yet they highlight these irresponsible and purposely damaging statements in order to demonize E-Gold in the eyes of the public," Dr. Jackson said in an e-mail statement sent to SecurityFocus, likening the use of child pornography charges to accusations of witchcraft. "In post 9-11 America, child porn and terrorism serve as the denunciations of choice. E-Gold, however, as a matter of incontrovertible fact, is the most effective of all online payment systems in detecting and interdicting abuse of its system for child pornography related payments."
In March 2006, E-Gold joined with 17 other financial institutions and the National Center for Missing and Exploited Children to limit the use of their services by child pornographers.
The indictment comes as e-payment companies are increasingly being used by online criminals to transfer the profits of their crimes. Using services such as E-Gold and WebMoney, groups that control malicious bot programs have offered to pay Webmasters and anyone with control of compromised Web sites typically $80 to $85 per 1,000 installs, according to sites advertising such partnerships. A number of groups that appear to be from China and Eastern Europe use the compromised Web sites to host nearly invisible IFRAME tags, which link to the attacker's site and infect visitor's computers.
Last month, one researcher investigated an online server used to store stolen digital identities and found that it also acted as an e-commerce service, selling the data for funds transferred to WebMoney. Other services occasionally used include Fethard and Western Union.
Yet, E-Gold allegedly has made no significant effort to curb the criminal use of its service, according to the indictment, handed down last Tuesday, but only unsealed on Friday. The service and its owners have purportedly allowed customers to continue using the service, even after other victims and companies flagged the activity as unlawful, the court document stated. In many cases, the database records of accounts would have notations that would imply that the company knew "the account holder was engaged in, including among other things, 'child porn,' 'Scammer,' and 'CC fraud,'" the indictment stated.
Other E-Gold customers have not even tried to hide their business, according to records seized by law enforcement officers and mentioned in the court filing. Thousands of accounts were allegedly opened using the abbreviation for high-yield investment programs (HYIP), a popular investment scam. The company did not include any prohibition on criminal activity in its user license agreement, according to the indictment.