I'm sorry...
...but I find it hard to feel any sympathy for the victims. The only thing that TicketBastard does right is give a 'legitimate' source for tickets (I never thought I'd be arguing for TicketBastard).
Two crooks posing as online ticket touts have been jailed for swindling nearly £3m out of pop fans' pockets. Andrew Lagan, 44, from Middlesborough, and Gary Agar, 44, from Welling, have started a four-year stretch after they were found guilty of two counts of conspiracy to defraud and one count of money laundering. The duo …
Once again we get the Register meme of either "I blame the victims" or "I have absolutely no sympathy for them, they should have known."
Well, in this case as far as I can tell it seemed to be a legit web site and don't forget that the vast majority of sites on the Internet run on at least some trust.
And yet a quick google turns this up:
http://www.safeconcerts.com/tickets/directory/hydeparkconcerts-com/
Can say anything about the ranking because it's been there 3 years. However it would appear that while the warning was put up in February, people were continuing to use (and get scammed) as late as June (from the few sites I looked at).
There's 'trust' and there's 'diligence'.
@Destroy All Monsters: Let's see - The Reg is an IT site, some of the largest users of IT in the country are banks and financial services, I'd be amazed if there weren't banking IT guys here. I was a financial services IT guy until relatively recently and got seriously fed up with people who don't have the first clue about banking lecturing me about the company I worked for as if it's all a conspiracy and I was personally responsible for it.
Getting a merchant account with no trading history, putting £3mil through it, and being able to get the fund out quickly enough to pull a disapearing act... that is pretty magical.
Since these were online purchases, the people who lost money would have been able to do chargebacks and be reembursed. The party who actually stood to lose the money was whoever issued them their merchant account. And banks are very well aware of this exact risk, which is why they behave like such bastards to new small business who want merchant accounts. So how did it happen in this case?
Possibly their was some identity fraud involved. Pretend to be someone who had a long history with that bank. Or someone who had enough assets to provide a directors guarantee for the entire amount. Again banks are aware of the risk, so it must have been pretty well done.
Not magic. But it is certainly remarkable.
"They probably didn't work directly as a merchant, but used a 3rd party web payment processing service to take the payments for them."
Still strange that that firm let it go through. Presumably they were left with the bill. You here loads of stories of Paypal freezing peoples accounts because they are worried about this sort of thing - indy computer games trying to fund themselves on pre-orders pre-Kickstarter, or a new business that opens a few month before Christmas and is unexpectedly successful, and then is driven out of business because it has its funds withheld, leaving it unable to purchase stock to fulfil all the orders its taken.
The other thing I don't understand is why they needed customers at all... They had the compliant merchant account by whatever method, surely it would have been much easier just to buy a load of compromised cards from someone who's hacked a database somewhere, then just run the transactions through themselves. Apple got stung by someone listing an App with them and then doing that I seem to recall. Cue loads of outraged iApp developers when Apple started deferring payment for months.
Well, four years in jail is appropriate if every penny of the stolen money was recovered and returned to the victims.
If, on the other hand, they come up short, they should be motivated to try harder by facing the death sentence in that case. We really need to deter crime effectively enough so that no one tries things like this any more, so that we can move on to the next problem.
I wouldn't go as far as killing them, but you do make a good point. Where's the £3 million? There's no mention of it being seized, so it looks like these two have made £1.5 million each at a cost of 4 years in prison. Probably out in 3, from a cushy low security prison. Some would say that's a good deal.
Lock them up until they hand over every penny.
I would imagine now that there is this guilty verdict that the CPS will be pushing for a Proceeds of Crime ruling too - in essense they have to pay the £3m back or face a lot longer in jail. It is an effective death sentence - who can make £3m when they have had all their capital confiscated? So in all likely hood this chap will end up doing twice the sentence, he will get released and then for the rest of his life his earnings will be docked.
Crime really doesnt pay now a days. Even if you get away from the crime - you may well have to prove where those earnings came from 15 years down the line.
POCA is being very sparing used, since that story a while back that the CPS spent something like £28 million, and recovered 2.5 pence, 3 drachma and an everton mint. There is a train of thought that says the present form of POCA could be considered to violate the ECHR - jailing people for not paying a debt is frowned upon.
How did these men get found out and caught?
International bank transfers, internet connections, VPNs, online trading identitiies ....... etc. What's to go wrong? I suspect they tried to enjoy the fruits of their scam in £-sterling in the UK, where the flow of money is very carefully monitored.
Many years ago, someone who worked at a high technical level in the UK banking industry 'jokingly' advised me to carry out serious monetary crime using US-dollars and gold; then to enjoy the proceeds outside the UK.
Mysteriously, the story is detail-lite. The investigation would have started with the complainants and the website, and worked backwards. Presumably, the cops found the one nexus of the trail of deception, and the real world. At that point it's just a question of monitoring the suspects with the power of technology.
Could they not have used BitCoins ?
This post has been deleted by its author
When an ordinary decent criminal can't steal money and hang onto it.
Watching Buster at the weekend I was astonished, and then not surprised really, at how many of the Great Train Robbers actually profited from the robbery, i.e. bugger all of them. Most had the cash nicked by friends who were also villains of one form or another, got nicked with it in hand or blew it on the high life. But then in theory they're not generally the sharpest knives in the drawer...
Well yes, I'll concede that one. But adjusted for inflation, a 1963 take of £2.6 million is around £50 million current value which split 18 ways comes to £2.6 million each. It must have taken a fair amount of effort to piss the equivalent of that all up the wall in the 60s...
But I suspect it was a combination of using third party processors in less dilligent countries and MID hopping to spread the number of chargebacks across many accounts.
Some of the third party processors for gaming/gambling/pron charge around 50% of the fee to allow for the high number of chargevbacks they get so it also takes a lot for those providers to get excited.
You would also be surprised at the apathy of people who get stiffed and dont even bother to register a chargeback.
Wouldn't it have made sense to have a semi-fraudulent business. That way you have some users who will back you up and it makes your excuses seem valid. This would arouse less suspicion. Yes it would take longer to make your big wads of cash but it's better than getting caught... Just sayin'. :-)