Shes one of Ghanas most followed Instagram stars. Prosecutors say she was part of a cybercrime

Good morning! I’m Joe Menn, a journalist at The Post who covers hacking, privacy and surveillance. You can follow me on Mastodon or Twitter.

Reading this online? Sign up for The Cybersecurity 202 to get scoops and sharp analysis in your inbox each morning.

Below: Federal grants are being used to surveil public housing residents, and a new ransomware group is attacking key sectors. First:

Prosecutors accuse Ghanaian Instagram star of participating in cybercrime ring

With millions of people scouring their every tweet, TikTok or Instagram post, perhaps it was inevitable that some influencers would go too far to get money from their fans.

As laid out by federal prosecutors, Ghanaian singer and Instagram star Mona Faiz Montrage may have broken new ground: She is accused of participating in a ring that took in millions of dollars in various online frauds — including by allegedly convincing a target that they were married.

Montrage, known online as Hajia4Reall, was indicted on charges of wire fraud and money laundering, in part for allowing a stolen $195,000 to slosh through a bank account she controlled. The indictment was unsealed Friday as she was extradited from the United Kingdom and flown to New York, prosecutors said.

Among the offenses committed by the Ghana-based group are what are known as romance scams, in which a fraudulent persona develops an online relationship with a target, sometimes lasting more than a year, before asking for money, help moving assets out of another country or some other kind of assistance.

Montrage apparently went further than that, allegedly convincing one victim that they had been legally married under tribal law, according to the indictment and a criminal complaint filed under seal two years ago. Only after that unnamed man showed up in New York and confronted Montrage did he realize he had been had, the complaint said.

After a weekend in jail, Montrage was released on bond Monday with pretrial conditions including electronic monitoring and travel limited to New York and New Jersey, where she will live with her aunt.

Montrage attorney Adam Cortez said he was still learning about the allegations but that he understood only one victim claimed to have been in direct contact with Montrage, raising the possibility that she might have been impersonated.

“She has only been married to one man, and I assure you he’s not named in this indictment,” Cortez said in an interview. He said Montrage would comment in the coming days.

The prosecutors and the FBI declined to answer questions about the case or about influencer scams more generally. But Montrage would not be the first to have pushed the envelope.

A number of musicians who sing about cybercrime know the subject all too well.

Azeez Fashola, a Nigerian immigrant to England known professionally as Naira Marley, recorded a 2019 song called “Am I a Yahoo boy,” using the West African lingo for what many Americans call Nigerian scams.

He was arrested by Nigerian authorities and charged with electronic crimes. The case is still pending.

Many of the fraud rings are broad, and a victim of a romance scam can be used to unwittingly launder money from a business email compromise scam, combining multiple types of fraud. In Ghana and Nigeria, some participants are themselves victims of human trafficking, as online gangs merge with violent organized criminals.

In the online world, some with a significant online presence became influencers because of their criminal activity, said Ronnie Tokazowski, principal threat adviser at anti-phishing company Cofense.

“Most of the time they start in cybercrime,” like the influencer known as Hushpuppi, who was sentenced in November to 11 years in prison, Tokazowski said. Formally named Ramon Olorunwa Abbas, Hushpuppi was a money launderer and expert in business email compromise scams.

He used his fraud proceeds to buy flashy cars and live an opulent life that brought him millions of Instagram followers and effectively advertised his prowess to other criminals.

In some circles, Tokazowski said, “There’s a strong correlation between lots of followers and doing crime.”

Not all circles, of course. Taylor Swift is innocent.

The keys

Surveillance cameras watching over public housing are being used to punish residents, report says

Local officials across the United States are installing surveillance technologies into public housing settings using money from crime-fighting grants, but the tools are being installed without guidance on their usage and little evidence that it helps make communities safer, our colleague Douglas MacMillan reports.

While housing agencies say the surveillance helps keep residents safe, the cameras are also being used “to generate evidence to punish and evict public housing residents, sometimes for minor violations of housing rules, according to interviews with residents and legal aid attorneys, a review of court records, and interviews and correspondence with administrators at more than 60 public housing agencies that received the grants in 27 states,” Douglas writes.

The report highlights how public housing cameras — while intended to make communities safer — subject more than 1.5 million residents, who are often people of color, to constant surveillance.

“In an email, HUD spokeswoman Christina Wilkes said the agency never intended its safety and security grants to be used to punish residents for lease violations. But she added that such usage ‘is not a violation of the grant terms,’” the report said.

Durham report comes amid scrutiny on surveillance powers

Special counsel John Durham’s report detailing the FBI’s probe into ties between Russia and former president Donald Trump’s 2016 presidential campaign comes amid increase pressure from Congress to not reauthorize surveillance authorities known as Section 702, which are set to expire in December, Josh Gerstein and Betsy Woodruff Swan report for Politico.

Section 702 of the Foreign Intelligence Surveillance Act allows the FBI and National Security Agency to gather data on foreign targets with warrants. Critics on Capitol Hill have taken aim at “incidental collection” — when the U.S. government also collects the communications of Americans interacting with those foreign targets.
“Applications to surveil former Trump campaign foreign policy adviser Carter Page, including two which the Justice Department has conceded were inaccurate because a key source disavowed comments included in them, were not issued under 702,” Gerstein and Woodruff Swan write.

Durham “does not mention the so-called Section 702 authority explicitly,” Gerstein and Woodruff Swan write. And Durham also said the report that he’s not recommending anything “that would curtail the scope of reach of FISA or the FBI’s investigative activities … in a time of aggressive and hostile terrorist groups and foreign powers.”

The intelligence community views Section 702 as a key national security tool, while privacy groups and other critics say it threatens constitutional rights.

New ransomware group is targeting key sectors, analysis finds

Cisco Talos says a new ransomware group called RA Group is targeting critical sectors like pharmaceuticals, manufacturing, finance and insurance, Matt Kapko reports for Cybersecurity Dive.

Kapko writes: “Within a week of its emergence on April 22, RA Group compromised three organizations in the U.S. and one in South Korea. The group listed its first three victims on its leak site on April 27 and added a fourth victim on April 28, according to Cisco Talos.”
Initial victims experienced double extortion tactics, which happens when their data is stolen and encrypted. That method is often used to incentivize victims to pay up a ransom.

The group is using Babuk, a strain of ransomware that is described by Cisco Talos as “highly customized,” the report adds.

Daybook

The Palo Alto Networks Ignite Public Sector conference kicks off at 8 a.m.
CIA CISO Rich Baich speaks with the Intelligence and National Security Alliance at 9 a.m.
The Senate Homeland Security Committee holds a hearing to examine AI’s use in the government at 10 a.m.
The National Security Telecommunications Advisory Committee convenes a meeting at 1 p.m.
MeriTalk holds its Cyber Central event tomorrow at 1 p.m.
The Center for Strategic and International Studies holds its event to launch a report on cyber operations Thursday at 10 a.m.

On the move

Adam Hickey, former deputy assistant attorney general with the Justice Department’s national security division, joined law firm Mayer Brown as a partner, Reuters reported. Hickey in February spoke to The Cybersecurity 202 in an exclusive exit interview.

Secure log off

View Tweet on Twitter

Thanks for reading. See you tomorrow.

ncG1vNJzZmivp6x7uK3SoaCnn6Sku7G70q1lnKedZL2wuMitoJyrX2d9c3%2BOaWxoaWZkwKmx0mamp51dnLWiusBmpKirpGKzsLjLqK6enF2eu7TAwKCpmqVdqMGivtJmp6uno5qwtsDOq6pmq5GuerS0xGaumqtdpa6zwIycsJudopi%2FqrnEZqmippdk

Prosecutors accuse Ghanaian Instagram star of participating in cybercrime ring

The keys

Surveillance cameras watching over public housing are being used to punish residents, report says

Durham report comes amid scrutiny on surveillance powers

New ransomware group is targeting key sectors, analysis finds

National security watch

Global cyberspace

Cyber insecurity

Privacy patch

Daybook

On the move

Secure log off