Thursday, November 21, 2024

#CyberScam Analysis – What we can learn from the Lee Elbaz trial for the analysis of other cyberscam organizations like E&G Bulgaria

Spread financial intelligence

The findings of the US authorities in the broker fraud case involving Yukom Communications and its now convicted CEO Lee Elbaz should help us to better understand and analyze other broker scams such as E&G Bulgaria. In the following, we have made a comparison between the two schemes of Yukom Communications and E&G Bulgaria. An EU arrest warrant has been issued against Gal Barak, the beneficial owner and manager of the boiler room operator E&G Bulgaria. Like Lee Elbaz and Yossi Herzog in the Yukom case in the U.S., Gal Barak and his cyberscam network are in the focus of the relevant authorities in Europe.

Findings of Yukom Case

The Elbaz trial (“Yukom Case“) has revealed many details from inside broker scams through the documents and testimonies presented by US prosecutors. This was the first time that the criminal nature of the boiler rooms behind those online brokers became publicly evident. It was demonstrated by the U.S. prosecutors that the boiler room staff worked with false names (Stage Names) and lied to investors literally about everything: their education, experience, and location. They lied to investors about potential returns and risk. They were trained by management to do this.

These boiler rooms usually disguise themselves as marketing agencies, call centers or business process outsourcing (BPO) companies. They thus allow their employees to pretend that they have a legitimate job. In fact, employees, management, and owners of these boiler rooms know very well the criminal purpose of their existence – to steal money from investors.

The U.S. prosecutors have made this so perfectly clear that every boiler room agent must know that he is a member of a criminal organization. It’s not just about management. In the Yukom case, four former boiler room agents (Liora Welles, Shira Uzan, Lissa Mel, Yair Hadar), a former vice president Austin Smith and the CEO Lee Elbaz were found guilty of investment fraud. There are no innocent boiler room employees. They all willfully and knowingly participate in fraud. The U.S. prosecutors have shown that the employees are trained for the theft, using scripts to facilitate the theft on the call centers’ “assembly lines”. It is against this background that we look at E&G Bulgaria.

Structural Analysis

A systemic comparison of the two broker scams from Yukom Communications (Israel) and E&G Bulgaria (Israelis in Bulgaria) shows that E&G Bulgaria is comparable to Yukom Communications in many ways. But there are, too, some differences that make E&G Bulgaria the even bigger

For a better understanding, it must be noted that in cyberscam organizations legal entities (companies) along with a formal organization have less importance than in legitimate organizations. Cyberscam organizations live with personal relationships and informal structures. The need to be able to react quickly to threats from the police, tax authorities, aggrieved parties or even media such as FinTelegram demands the highest organizational flexibility. Companies and frontline personnel must be able to be exchanged quickly. The distribution of individuals, companies and bank accounts across different jurisdictions around the world is an absolute necessity for cyberscam organizations. This gives them strategic flexibility and allows them to evade access by agencies in individual countries. Gal Barak, the mastermind behind E&G Bulgaria, is therefore considered to be a highly talented organizer with remarkable improvisation skills. investment scam scheme.

The structural similarities

The genetic similarities of the two broker scams were (are):

  • led by Israelis
  • boiler rooms for illegal and fraudulent broker schemes
  • business model focused on acquisition of client deposits
  • no real trading ever happened (it was a rigged casino)

The schemes differences

The main difference between the two schemes was (is) that E&G Bulgaria‘s approach goes much further, is much bigger and is spread all over the world:

  • Yukom’s boiler room agents mainly perpetrated clients of the two binary options schemes BinaryBook and BigOption;
  • E&G Bulgaria offered not only binary options but also CFDs and crypto;
  • E&G Bulgaria boiler rooms operated their own scams like XTraderFX, SafeMarkets, Golden Markets, and, additionally, broker scams from of other perpetrators;
  • the E&G Bulgaria had established their own payment services scheme around the Bulgarian Investbank to launder the stolen money.

E&G was the superior cyberscam network

The E&G Bulgaria scheme was much more comprehensive, elaborated and intelligently designed. The three beneficial owners Gery “Gabi” Shalon, Vladislav “Vlad” Smirnov, and Gal Barak developed the scheme worldwide from the USA to the Philippines.

E&G Bulgaria and its beneficial owners also entertain their own payment systems, whereas Yukom used external partners such as Payobin, Hermes Solution or Fibonatix and others.

Beneficial Owners and Masterminds

Yukom Scheme

The beneficial owners behind the Yukom scheme were exclusively Israelis. So far it is publicly known that these owners were the three Israelis Yossi Herzog, Kobi Cohen, and Ronen Roytman. These people apparently didn’t attract any negative attention from the authorities until the Yukom case. FinTelegram is not aware of any previous convictions or previous cyberscam acts of these three guys.

This looks completely different in the case of the E&G Bulgaria scheme. This scheme is run by notorious hackers, spammers, and investment fraudsters.

E&G Bulgaria Scheme

The beneficial owners of the E&G Bulgaria scheme are the two Israelis Gal Barak and Gery “Gabi” Shalon and the Russian (with Israeli passport) Vladislav “Vlad” Smirnov. It should be noted that Gabi Shalon‘s father Shota Shalelashvili is a high-ranking politician in Georgia and strongly supported his son’s activities. Shalon himself is in the U.S., where he is accused of a variety of criminal acts:

  • he is the alleged mastermind behind the biggest hacker attack on US financial institutions in history (JP Morgan hack)
  • his organization orchestrated a gigantic pump and dump scheme with US stocks and violated US securities laws.
  • he operated online casinos and cleared its competitors out of the way with DDoS attacks
  • he operated (in a joint effort with Vlad Smirnov and others) operated a vast moneylaundering network.

Allegedly, Shalon entered into a plea deal with the U.S. prosecutors and supports them in the fight against Russian cybercrime activities in the US. From FinTelegram’s point of view, Shalon is certainly the worst cybercriminal of the present but also a very well connected one. Hence, FinTelegram launched a dedicated “Gery Shalon Cybercrime Case Website” in 2018. Shalon was (is) the strategic mastermind behind E&G Bulgaria.

Gal Barak with Vladislav Simona and Uwe Lenhoff

Vlad Smirnov has been a spammer since the early 2000s and is considered one of the greats in this black area of the Internet and an expert on online payment systems. He operates the PSP NetPay (www.net2pay.com) in Russia and the Binex Group and DreamsPay in Europe via his frontman, the Ukrainian Leonid Olshevsky.

The owners of E&G Bulgaria can therefore rightly be described as having considerable experience with cyberscams. A similar history is not known from any person of the Yukom schema.

Management and Lieutenants

Yukom Scheme

The US indictment has so far shown that Yukom was led by Lee Elbaz. However, the U.S. prosecutors have announced further charges against senior executives. Nissim Alfasi, brand manager for BinaryBook, and Elad Bigelman, brand manager for BigOption are among the other people that are indicted. Parts of the indictment are still sealed and hence not all names are yet known.

The Numaris VP Sales, Austin Smith, along with five other former employees pleaded guilty. The U.S. prosecutors have announced further indictments but have not yet announced all the names. It turns out, however, that in the opinion of the U.S. prosecutors, the management and employees of Boiler Rooms are co in the co-conspirators investment fraud based on the available evidence.

E&G Scheme

Gal Barak is also a director and active manager in E&G Bulgaria. His two partners Gabi Shalon and Vlad Smirnov are (were) less actively involved in the operational management of the scheme. Vlad Smirnov was responsible for payment services. However, like the boiler rooms, the payment services of the E&G Bulgaria scheme also served other customers and schemes.

Marina Andreeva, Kfir Levy, Amit Hulin, and Itzik Gellet were responsible at E&G Bulgaria for the operational management. The Israeli Kfir Levy, for example, managed the boiler rooms of ARC Solution DOO in Sarajevo (and also in Ukraine) while Chen Ganon (Israel) was responsible for the boiler room behind SafeMarkets until late 2018. Amith Hulin (Israel) was responsible for the Serbian business with the My Markets DOO boiler rooms and the Global Payment Solutions Podgorica DOO payment services provider in Montenegro. Several boiler rooms and companies were also involved in the Yukom case. In addition to Yukom, the Boiler Room operators Numaris and Linkopia were also involved. This structure of distributed boiler rooms is identical as between the Yukom scheme and the E&G Bulgaria scheme.

Role/Function Yukom* E&G Bulgaria*
Beneficial owners boiler rooms Yossi Herzog, Kobi Cohen, Ronen Roytman Gal Barak, Gabi Shalon, Vlad Smirnov
Top Management Lee Elbaz, Nissim Alfasi, Elad Bigelman, Austin Smith Gal Barak, Marina Andreeva, Kfir Levy, Itzik Gellet, Amit Hulin, Maor Sioni, Jesse Tally
Brand Manager Nissim Alfasi, Elad Bigelman Gal Barak, Chen Ganon
(*)as publicly known yet

Conclusion

The two cyberscams are identical in their essential structural features. As a matter of fact, E&G Bulgaria‘s approach goes far beyond that of Yukom. The estimated damage for retail investors at E&G Bulgaria is also likely to be much greater if one believes the insiders. In any case, E&G Bulgaria meets all the criteria that convinced the US prosecutors and the jury of the fraud.

If we follow the arguments of the U.S. prosecutors, on the basis of the evidence available in the case of E&G Bulgaria already, beneficial owners, management and employees of E&G Bulgaria would have to be charged with investment fraud and stand trial. It would be difficult to understand if European law enforcement authorities came to different conclusions than their US counterparts. Despite different legal systems – common law in the US and civil law in Europe – the definition of investment fraud is similar in both legal systems.

Sources

FinTelegram had the former boiler room manager for SafeMarkets scam, Chen Ganon, and other former employees explain and confirm the structure. In addition, we have affidavits, notarized documents and bank statements supporting our allegations and conclusions. The presumption of innocence applies to all participants. In view of convincing evidence, however, the suspects – like any other citizen – should have to answer to a court. This public discussion is necessary in order to fight the increasing number of cyberscams and protect retail investors.