Center for Cybercrime Studies, John Jay College

On October 11th, the Center for Cybercrime Studies will be hosting a Cyber-Enabled Human Trafficking in-person training course in collaboration with the National Cyber-Forensics and Training Alliance (NCFTA). This course, which will take place at the MAGLOCLEN Regional Information Sharing Systems (RISS) center, introduces participants to cyber-enabled human trafficking focusing in particular on sex trafficking, the online platforms used to facilitate cyber-enabled sex trafficking, and the methods traffickers use to lure and exploit trafficking victims. Participants will gain practical knowledge of the methods, tools, and special investigative techniques used to detect human trafficking and identify perpetrators and victims of cyber-enabled sex trafficking. This free course is funded by the BJA and is open to open to U.S. state, local, tribal, and territorial law enforcement agencies, prosecutors, and judges. If you are interested in attending this training, please click this link to register. https://lnkd.in/e2GTNBSe

On October 9th and 10th, the Center for Cybercrime Studies will be hosting a Cyber Organized Crime in-person training course in collaboration with the National Cyber-Forensics and Training Alliance (NCFTA). This course, which will take place at the MAGLOCLEN Regional Information Sharing Systems (RISS) center, introduces participants to the notion of cyber organized crime, the cyber-dependent and cyber-enabled crimes committed by organized criminal groups, the structure and organization of cyber organized criminal groups and roles of members within these groups, and the tools used by these groups. The clearnet and darknet spaces where these groups operate will also be explored. This free course is funded by the BJA and is open to open to U.S. state, local, tribal, and territorial law enforcement agencies, prosecutors, and judges. If you are interested in attending this training, please click this link to register. https://lnkd.in/ewu-eYgE

On October 8th and 9th, the Center for Cybercrime Studies will be hosting a Clearnet Investigations of Cyber Enabled Fraud in-person training course in collaboration with the National Cyber-Forensics and Training Alliance (NCFTA). This course, which will take place at the MAGLOCLEN Regional Information Sharing Systems (RISS) center, introduces participants to cyber-enabled fraud, types of cyber-enabled fraud, and the platforms used in the commission of these types of cybercrime. Participants will gain practical knowledge of the ways perpetrators of cyber-enabled fraud can be identified on these platforms, the tools that can be used to identify the individuals and groups that commit these cybercrimes, the roles and associations of individuals within groups, and the tools and tactics they use to commit various forms of cyber-enabled fraud. This free course is funded by the BJA and is open to open to U.S. state, local, tribal, and territorial law enforcement agencies, prosecutors, and judges. If you are interested in attending this training, please click this link to register. https://lnkd.in/et7KCgDC

The Center for Cybercrime Studies is hiring! If you have experience in project management or public administration, consider applying to be the Center’s newest Project Associate. In this role, you will carry out the day-to-day operations for the Center’s project with various internal and external stakeholders. For more information about the responsibilities of and qualifications for this role, click the link below. https://lnkd.in/de89upeF

This week, our Team Spotlight is Srinivasa Dumpa. Srinivasa is a Digital Forensic Examiner at the Center for Cybercrime Studies, where he works on our IoT project. Srinivasa builds on his experience as a Security Operations Engineer for Qualys in India, where he played a key role in identifying and integrating critical log sources into the SIEM platform, contributed to the development of tabletop exercises aimed towards improving security awareness among cross-functional teams, implemented advanced log analysis within the Security Operations Center (SOC), and designed and implemented alerts and dashboards to proactively detect and respond to threats. He is the proudest of quickly and effectively mitigating a critical DDoS attack incident in his Security Operations Engineer role, when he proactively implemented mitigation steps to stop the attack early on. He is currently in the process of publishing a research paper based on his masters thesis, “Attribute-Based Fine-Grained Access Control Using Verifiable Credentials” and he hopes to achieve one more certificate, either in Security+ or Azure SOC. His best advice is that no advice is good or bad, and he takes in all advice he receives to think about their outcomes before ultimately making a decision. He credits his father as being his best advisor, and he often discusses career choices with him to take the most informed path.

Cyber-enabled fraud is transforming and becoming more complex, making it harder for targets and law enforcement to detect its occurrence. This study, authored by Marie-Helen Maras and Emily Ives, aims to recontextualize a major manifestation of this transformation, a crime called hybrid investment fraud, colloquially known as pig butchering. Hybrid investment fraud describes a cyber-enabled fraud whereby criminals gain the trust of victims by forming connections and relationships, and then exploit this trust by using a series of confidence building and coercive measures designed to encourage victims to continuously invest in securities or commodities until they become unable or unwilling to continue to make payments or the offenders become unreachable. This study further aims to address the existing knowledge gap by focusing on understudied elements of this fraud, such as victim and offender characteristics and the ways hybrid investment fraud is perpetrated. To achieve this, the authors conducted an in-depth analysis of more than 1,300 news articles and court documents between January 1, 2018, and November 1, 2023 to identify 59 cases of hybrid investment fraud targeting victims in the United States. This article both situates hybrid investment fraud within the broader fraud literature and conducts a comprehensive analysis of hybrid investment fraud cases to identify the types of hybrid investment fraud committed, their impact, victim and offender demographics, and offenders’ tactics, tools, and methods of operation. The findings from this study can inform criminal justice practices and future research of this fraud. You can read their article at the link below.

Samson Marwieh is this week’s Team Spotlight. Samson is a Digital Forensic Examiner at the Center for Cybercrime Studies, where he uses his background in digital forensics, documentation and communication to work on the IoT project. Also supporting his work are his experiences from The New School University and the City of New York Borough of Manhattan Community College, where he conducted comprehensive digital forensics investigations, including network, computer and mobile forensics. Working with the Empire State Realty Trust, he gained exposure to creating clear and concise technical documentation, which includes user manuals, system specifications, and standard operating procedures. He hopes to enhance his reporting and documentation skills with the Center, and he is the proudest of completing his masters degree in Digital Forensics and Cybersecurity while holding down multiple jobs and attending full-time classes. His best joke is “Why was the computer cold? Because it left its Windows open!”

The Center for Cybercrime Studies’ Kenji Logie, alongside Katheryne Pugliese and Alexis Acevedo, have written an article titled ‘An examination of harm reduction strategies in Oxycodone and Adderall buyer feedback on AlphaBay’. The article examines darknet marketplaces (DNMs), which are global digital marketplaces used primarily to buy and sell illicit drugs online. High rates of adulterated substances have contributed to the creation of harm reduction policies by DNM administrators to address growing rates of overdose worldwide. This paper explores the extent to which harm reduction occurs in buyer feedback of Adderall and Oxycodone purchased on AlphaBay and how these comments are impacted by AlphaBay's administrator-led “harm reduction” policy. This study finds that harm reduction strategies are present in buyer feedback of Oxycodone and Adderall pills, but AlphaBay's policy has very little impact on the preexisting harm reduction communication within buyer feedback. If you are interested in reading the full article, click the link below.

This week’s Team Spotlight is Iden Koxhaj. Iden is the Lead Forensic Analyst at the Center for Cybercrime Studies, where she has been working on the IoT research project for the last two years. She uses the education she received while completing the Master of Science in Digital Forensics and Cybersecurity program at John Jay to search for and investigate forensic artifacts in digital devices. Her research interests relate to emerging methods that can be applied to perform forensics on IoT devices. Currently, she holds a position as a Cyber Threat Analyst at the NYC Office of Technology and Innovation, which she credits for her practical experience. She hopes to develop her skills in cyber threat intelligence this year. She is currently working with Dr. Marie-Helen Maras and Professor Adam Scott Wandt on a research paper regarding one of our more unique IoT devices (hint: it’s a robot!). She is also a co-instructor for the Faculty-Mentored Research in Digital Forensics and Cybersecurity in the Digital Forensics and Cybersecurity program at John Jay. The best advice Iden has received is that life is a compromise.

The Center for Cybercrime Studies conducts innovative and collaborative research on topics ranging from cryptocurrency to the Darknet. In this article, ‘Keeping Pace With the Evolution of Illicit Darknet Fentanyl Markets: Using a Mixed Methods Approach to Identify Trust Signals and Develop a Vendor Trustworthiness Index’, Marie-Helen Maras, Jana Arsovska, Adam Scott Wandt, and Kenji Logie provide an in-depth description of the mixed methods approach they used to inform the development of a vendor trustworthiness index, which was used to examine trust between illicit fentanyl vendors and buyers. Illicit darknet markets (DNMs) are highly uncertain and in a perpetual state of flux. These markets thrive in a zero-trust, high-risk environment. However, the trustworthiness of vendors plays a critical role in illicit transactions and the sustainability of the illegal trade of goods and services on DNMs. Focusing on the illicit fentanyl trade and applying signaling theory and embedded mixed methods design, our team members examined different ways that trustworthiness is signaled by vendors on darknet sites. In this research, first, they conducted a focus group and in-depth interviews with criminal justice professionals to understand the inner workings of darknet sites, fentanyl networks, and how trust is assessed. Second, they scraped select darknet sites to collect and curate scraped data for later examination of vendor trustworthiness on DNMs. Third, using signaling theory to understand how vendors signal trustworthiness on select darknet sites selling drugs, including fentanyl, they applied both qualitative and quantitative content analysis of DNM features, and language used in vendor profiles, listings, and product/vendor reviews, to inform the development of a trustworthiness index. In this research, they used software, such as Atlas.ti and Python, to analyze the data. This research can serve as a guide for the development of DNM vendor trustworthiness index for future research on other illegal markets. If you are interested in learning more, please click the link below.