Jodie Bougaard, Senior Political Risk Analyst at red24
red24 is a risk management company delivering a range of products and services to businesses, organisations and individuals around the world. Part of these services includes a full suite of travel safety and crisis management services.
This week’s analysis originally ran as a security briefing from red24 and is reproduced with their kind permission.
Virtual Kidnapping in the US and Mexico
The Federal Bureau of Investigation (FBI) and other law enforcement agencies in the United States have issued several warnings related to virtual kidnapping in recent months. This extortion technique has become more prevalent in the US and Mexico since 2013, where the number of reported cases has increased substantially.
What Is Virtual Kidnapping?
In a virtual kidnapping, the criminals make a ransom demand, without actually taking a hostage; rather, the perpetrators negotiate with those from whom the ransom is demanded on the pretext that a connected person has been abducted. Virtual kidnapping can take on many forms; however, it is always an extortion scheme which attempts to coerce victims into paying a ransom fee in exchange for the release of a family member/associate. Criminals typically employ a host of psychological tactics and threaten physical harm to ensure the victim’s compliance. These forms of kidnapping do not require the geographical proximity or resources of traditional kidnapping – for- ransoms such as accomplices, resources, safe houses and capital outlay. Virtual kidnapping has a high risk-benefit ratio in favor of criminals, offering high returns against a low risk of capture or prosecution.
Virtual Kidnapping- Techniques and Methods
Techniques and methods used by criminals to perpetrate virtual kidnappings vary and continue to evolve. A perpetrator will call the victim and convince them to isolate themselves in a specific location out of their family’s reach or to travel to a location of the perpetrators choice, through the use of coercion techniques. Once there, the victim is made explicitly aware of his/her abduction and is held against his/her will by the assumption that they will be harmed, should they escape. Often victims are threatened to switch off their mobile devices, contact no one, which further creates the illusion that they (the victim) has been kidnapped, making the rouse more convincing. These more sophisticated forms of virtual kidnapping require some amount of coordination on the part of the criminal, who may need to do some preliminary investigations prior to initiating the scheme and selecting a potential victim. Criminals often impersonate cartel members as a means of intimidating their victims or lead their victims into believing that they are under surveillance in order to discourage them from trying to contact the abductee or to notify the authorities.
In one of the more common forms of virtual kidnapping, victims are selected at random and criminals use telemarketing techniques and cold-call hundreds of numbers until someone submits. When this technique is employed, criminals may call their victim and mimic screaming or play recorded versions of screaming while threatening to harm their “captive”, often inducing panic. In this state, the victim may instinctively reveal the name of one of their relatives, thus enabling the criminal to gain information directly from the victim while undertaking the extortion. Criminals involved in virtual kidnapping schemes tend to pursue the ‘mass market’, increasing their range of targets and the threat to individuals significantly. Unlike traditional kidnap for ransom, victim profiles vary and are not dependent upon geographical location, language, race or socio-economic factors.
On Feb. 2, a federal grand jury in Houston, Texas, returned a 13-count indictment against Mexican national, Ismael Brito Ramirez, relating to virtual kidnapping scheme run in several states involving at least 40 victims. The perpetrator, currently incarcerated in Mexico on other charges, is believed to have called various individuals in California, Texas, and Idaho demanding ransom payments on the premise that he had abducted their relatives. The perpetrator threatened violence before instructing his victims to transfer undisclosed sums of money to a number of people in Mexico or to make money drops at specific locations in Houston, TX. Ramirez extorted in excess of USD 28,000 from his victims and has been charged with conspiracy to commit extortion and fraud, interstate transmission of extortionate communications, wire fraud and conspiracy to launder money.
Virtual Kidnapping Characteristics
Criminals tend to demand wire payments smaller than $2,000 (or the equivalent thereof) within the US to Mexico as there are legal restrictions for wiring larger sums over the border. Occasionally, criminals direct victims to make money drops at locations of their choice within the US, such as San Diego or Houston, which can be smuggled across the border with relative ease. Within Mexico, ransom amounts may vary, depending on the modus operandi employed by the criminal. Criminals typically seek to extort small payments within 24-hours of initiating the extortion; incidents rarely continue beyond a few hours.
There is an electronic or cyber risk when considering virtual kidnappings. Malware, spyware or trojans may be used to make an electronic device run an unintended program that allows criminals to gain private or secure information from their intended victim. Phishing scams aim to trick individuals into disclosing private information, such as their social media passwords, to criminals. Phishing scams are usually delivered in the form of official communication from a reputable institution such as a bank or internet service provider. Criminals may convince would-be victims to reset their passwords by delivering an ‘official’ email to the user, thus gaining access to their current passwords. Criminals may also contact the victim informing them that necessary updates need to be made to their mobile software and that their devices would need to be shut down for an extended period of time, rendering the victim uncontactable.
Social media is another aspect when considering potential cyber threats. Sharing personal information online could make you vulnerable to criminals. Social engineering in virtual kidnapping ranges from simple tactics to more sophisticated techniques. Opportunistic criminals may monitor your current whereabouts online and use it in their extortion scheme. An example of this includes posting your upcoming activities online, such as your intention to watch a film at a local theatre – the virtual kidnapper knows their potential victim’s phone is likely to be off for two hours during movie and may use this time to extort their family members as the intended target may be uncontactable for that time period. More sophisticated tactics involve befriending people on social media to learn more about their habits, wealth or personal life as a means of surveillance. Cybercrime methods have been increasingly employed by criminals when perpetrating virtual kidnappings. This trend is likely to gain momentum as the technical abilities of unsophisticated criminal groups and networks grow.
Statistics and Reporting
Comprehensive statistics on virtual kidnappings are difficult to ascertain for a number of reasons. As many criminals perpetrate these crimes from within Mexico, it is increasingly difficult for US-based law enforcement agencies to investigate and prosecute cases. Ransom money is often wired out of the US, making it challenging to trace. Law enforcement agencies are usually limited to their national jurisdiction or may lack the capacity, skills, and mandate to investigate transnational criminal activity fully. The poor reporting rate remains a significant challenge in tracking and assessing incidents and trends. In the US, victims may not report incidents out of fear of being targeted again or being stigmatized. Sometimes victims do not report incidents because the payment extorted was nominal and not considered significant enough to report. In Mexico, victims are often unwilling or unable to report incidents due to fears of reprisals and/or concerns over official corruption, collusion or incompetence.
Virtual kidnappings are not formally classified under the penal code. In the US for example, there is a Federal Kidnapping Act, which in most cases classifies traditional kidnapping as a federal offense. Charges of aggravated kidnapping may be laid in the event that the victim has sustained injuries. However, there is no specific act under which a crime of this nature can be charged. Rather, virtual kidnapping-related charges are laid under the federal criminal code. Charges may include conspiracy to commit fraud, wire fraud, extortion, money laundering or a combination of the aforementioned charges, further exacerbating the challenges around collecting conclusive incident data. Although there are obvious challenges related to gathering accurate statistics and incident data relating to virtual kidnapping, a number of alternative methodologies for accessing and processing information may assist in this regard. Anecdotal evidence, unofficial data, and prosecuted cases are good indications of the scale of the threat and have served to posture the position that the trend has and will continue to grow.
The scam, once confined to Mexico and Southwestern border states in the US, has seemingly spread to the rest of the US in recent years, representing a significant shift in the trend. Investigators in the FBI’s Los Angeles Division tracked numerous virtual kidnapping calls between 2013 and 2015, most of which originated from Mexico, specifically Mexican prisons, and targeted Spanish speaking individuals or immigrant workers within the US, particularly in Los Angeles and Houston. After 2015, trends shifted and criminals targeted victims indiscriminately and far more frequently using the cold-calling method – a tactic which increased the number of victims significantly. Since 2013, the majority of the cases probed by FBI in Mexico have emanated from Tamaulipas and Baja California. Further highlighting this trend, the FBI discovered a virtual kidnapping ringbased in Tijuana, Baja California targeting the Mexican immigrant population in Washington DC in 2013. The ring placed in excess of 5,000 phone calls a day, a scheme based solely on volume and the odds of success. The ransom payments were primarily sent to San Diego, California and smuggled across the border. The FBI estimate the group made at least USD 500,000 over an unspecified period of time, further illustrating the nature of the threat.
In Mexico, the poor security environment and pervasive threat of crime and traditional kidnap-for-ransom, has enabled the virtual kidnapping trend to grow amid the insecurity. Potential victims in the US are more likely to take the virtual kidnapping threat seriously and engage the extortionist, as a result of the existing threat of traditional kidnap-for-ransom in Mexico. The National Autonomous University of Mexico (UNAM) reported that between 6,000 and 8,000 virtual kidnappings and phone extortion schemes were reported in Mexico in 2017, further highlighting the scale of the threat.
Indicators that you may be the victim of a virtual kidnapping scheme:
- Callers may attempt to keep you on the phone to prevent you from contacting the victim. Alternatively, callers may threaten you or the supposed hostage in an attempt to discourage you from contacting the victim or the authorities.
- Callers may convey a sense of great urgency or calls may seem rushed.
- Calls will not be made from the victim’s phone.
- Ransom money is only accepted via wire transfer or drop-points.
- Ransom amount demands may suddenly drop.
- Incoming calls may come from an outside or international area code.
For risk mitigation, the following should be considered:
- Be cautious about detailing your whereabouts on social media if you are undertaking travel abroad. Consider updating your social media accounts following your intended trip. Some criminals may research their targets this way.
- Inform your relatives and close confidants if you will be undertaking travel to areas with no/limited cell phone reception or internet connection.
- Stay informed about cybersecurity and how to avoid online threats.
- If you suspect a real kidnapping is taking place, or you believe the call may be a scam, contact your nearest local law enforcement agency as soon as possible.
For further guidance on risk mitigation, iJET clients are eligible for additional information.
|Like what you read? Sign up here for our free Daily Updates.
We also send out a Weekly K+R Update, bundling together all the kidnap, ransom and extortion news of the week in one easy to read newsletter. (Same form – options at the end.)
Other ways to stay up to date: