Cybercrime in Ghana

Last updated

Ghana has one of the highest rates of cybercrime in the world, ranking 7th in a 2008 Internet Crime Survey. [1] The most popular form of cybercrime in Ghana is cyberfraud and is typically achieved via credit card fraud. However, recent decreases in universal credit card usage has seen the expansion of other cybercrimes such as blackmail and hacking. This growth in crime has warranted a government response, with policies specifically addressing the cyberspace being developed. This has necessitated various studies including a cyber security maturity study which was inaugurated by the Ministry of Communications and conducted by the Global Cyber Security Capacity Center (GCSCC) of the University of Oxford in collaboration with the World Bank. [2]

Contents

History

Cybercrime in Ghana can be traced back to the "419 schemes" in Nigeria, also known as "advance-fee scams" prior to the internet. [3] These scams were a form of credit card fraud whereby the perpetrator would offer a monetary incentive, usually in the form of an international money transfer, in exchange for several down payments from the victim. This form of scamming became especially popular during the oil crisis of the 1980s, as Nigeria's oil dependent economy made a large portion of the workforce redundant. Within this demographic was a large quantity of Ghanaian workers, who had migrated due to employment opportunities in the oil sector. Subsequently, the scammers imported the trade upon their return to Ghana, however, it remained relatively inconsequential in terms of scale. The proliferation of cybercrime in Ghana really began in the early 21st century when the Information and Communications Technology (ICT) sector became liberalized via a 5-year accelerated development program, helping to expand and improve telecommunications infrastructure. [4] This led to a five percentage point increase in internet users from 2000 to 2011, with home internet subscribers reaching 3 million nationwide. [5] This growth in internet usage, along with technological devices made available via e-waste, led to a significant increase in cybercrime due to relative ease of access to the cyberweb. Initially, credit card fraud was by far the most common cybercrime. However, since 2004, other types of both cyberfraud and other cybercrimes have become more popular.

Common types of cybercrime in Ghana

Cyberfraud

Identity fraud

This form of fraud involves the perpetrator assuming a fake online activity and will contact victims via social networking and dating websites. The most common form of this is "romance fraud", which involves fake profiles being generated in order to attract victims. [3] Typically, older men and women are targeted and are manipulated into sending gifts and money either for romantic purposes or because of a promise of reciprical gain. These frauds have the ability to be relatively sophisticated through the use of doctored photos, diplomas and other identification documents.

Fake gold dealers

This form of fraud is similar to identity fraud insofar as both assume fake online personas to attract primarily Westerners. However, fake gold dealers target investors looking for short-term monetary gain by offering co-ownership of lucrative gold mines in the south of Ghana. [3] Typically, the scammers will show real gold bars as well as offer tours of mining facilities in order to gain the trust of the investors, however, upon the receipt of downpayments from the victims, will close their business.

Estate fraud

Unlike both identity fraud and fake gold dealers, estate fraud targets Ghanaians rather than Westerners. Quite often, Ghanaians will migrate abroad for employment opportunities, typically due to higher wages abroad, and come back to Ghana for retirement. [3] These fraudsters set up fake websites offering luxury housing for those returning, and will offer to construct housing for them. The scammers sell blueprints, land and materials in progression to the victims, with the ultimate goal of maximizing wealth extraction.

Blackmail

Ghana is home to the largest collection of e-waste dumpsites in the world. These sites consist of old electronic items including computers, laptops and mobile phones. Culprits will rummage through these items in search of sensitive hardrives, that may contain information to blackmail victims. [3] An example of this was an attempt by Ghanaian cybercriminals to blackmail U.S. Congressmen Robert Wexler upon finding his old hardrive in an e-waste dumpsite.

Hacking

The greater availability of technology and internet services has allowed for the sophistication of hacking techniques in Ghana. Like elsewhere in the world, the hackers operate for-profit, mostly via the creation of fake websites aimed at tricking victims into inputting credit card information. Alternatively, Ghana has also seen the creation of pro-justice hacking groups or "ethical hackers", who have mostly targeted government websites with the goal of exposing corruption. [6]

Most cybercrime in Ghana is cyberfraud, through which perpetrators partake in fraudulent activities via the internet with the goal of financial gain. However, this may take many forms, with different tactics used depending on the culprit and the victim. Additionally, hacking and blackmail type scams have become more and more popular in recent years.

Sakawa

As cybercrime has increased in Ghana, it has seen the development of "sakawa", or the combination of internet based crime and West African traditionalist religion. [7] Those who practice sakawa seek blessings from priests in order to improve cyber-scamming yields. In exchange, the perpetrators must perform specific rituals or activities in order to appease the spirits to which they pray. [5] The popularity of this mixture between theology and cybercrime has led to the creation of the "sakawa boys" subset, which often flaunt jewelry and clothing as part of their aesthetic. [3] Furthermore, sakawa boys also produce media such as film and music, which led to their mainstream breakthrough in 2007. Typically, sakawa boys tend to be male, under the age of 30, live near urban centres in slums, and are unemployed or underemployed, making the lifestyle available to them via cybercriminality appealing. [8]

E-waste

E-waste, or electronic waste, has presented significant security and health concerns in Ghana, as the country currently boasts the largest e-waste dumpsites in the world. [3] The growth in e-waste is due to two main factors; the booming ICT industry within Ghana, and the lack of cheap domestic e-waste disposal sites within more economically developed countries. This has been facilitated by the necessity for cheap electronics in Ghana, as many are not able to afford new technology. [9] The issue has only grown in severity as infrastructure in Ghana has not been able to coop with increased waste. Consequently, e-waste sites have had both significant security and health impacts, on both a domestic and international level. E-waste has, to some extent, allowed for the proliferation of cybercrime within Ghana, due to sensitive information not being properly wiped from hard-drives. [10] For instance, in 2008, UK environmental agencies found computers belonging to the National Health Services and local councils, in the Agbogbloshie dumpsite in Accra. Although no crime was committed using the information on the technology, it raised significant security concerns internationally.

Statistics

Between 2016 and 2018, the country lost over US$200 million to recorded cyber crime cases. According to the Ghana Police Service, more than half of these reported cases were linked to fraud. [11]

Police also recorded an increase in cyber crimes in the country from 116 in 2016 to 412 in 2017 and further to 558 in 2018. [12]

Government response

Legislation

The Ghanaian government saw cybercrime as an increasingly real threat by the mid-2000s. Up until the first major piece of legislation in response to the issue, the 2008 Electronic Transactions Act (Act 772), most convicted of internet fraud, a form of cybercrime, were charged in the criminal Code Act 20/60 Section 131. [8] Critics argued that the lack of severity of punishment under this code, as well as a lack of relevance to the facts of some cases, meant that it served as a weak deterrent for cybercrime. Since Act 772 however, the Ghanaian parliament has continued to pass legislation specific to cybercrime, including the National Information Technology Agency Act, 2008 (Act 771) and the Data Protection Act, 2012 (Act 843).[ citation needed ] Despite this, some limitations with current legislation do exist, such as a lack of adaptibility to new forms of cybercrime and difficulty in collecting evidence to persecute under the new Acts.

Other policies

National Cyber Security Awareness Month

One of the major interventions by government was the launch of a cyber security awareness month to improve knowledge of the Ghanaian populace on cyber security. The National Cyber Security awareness month was launched in October 2018 on the sidelines of the launch of the National Cyber Security Awareness Program. The following are the themes for previous years:

  • 2018: A safer digital Ghana [13]
  • 2019: Demonstrating Ghana's Cyber Security Readiness [14]

Cyber security policy and strategy

Ghana has adopted a cyber security policy and strategy to increase security of its citizens and the state from cyber attacks. The document is divided into three sections highlighting the common cyber challenges in the country, the existing local and global initiatives to prevent cyber fraud and ways in which laws on cyber crime can be enforced. It also defines the role relevant government agencies can play in ensuring a secure cyber space. [15]

The policy also reviews what is classified as Critical National Information Infrastructure (CNII) – "assets, systems and functions" whose destruction or ineffectiveness could affect the country's national economic strength, national image, national defense and security, public health and safety and government's ability to function effectively.

Related Research Articles

<span class="mw-page-title-main">Advance-fee scam</span> Type of confidence trick fraud

An advance-fee scam is a form of fraud and is one of the most common types of confidence tricks. The scam typically involves promising the victim a significant share of a large sum of money, in return for a small up-front payment, which the fraudster claims will be used to obtain the large sum. If a victim makes the payment, the fraudster either invents a series of further fees for the victim to pay or simply disappears.

<span class="mw-page-title-main">Identity theft</span> Deliberate use of someone elses identity, usually as a method to gain a financial advantage

Identity theft, identity piracy or identity infringement occurs when someone uses another's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been legally defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.

<span class="mw-page-title-main">Cybercrime</span> Type of crime based in computer networks

Cybercrime encompasses a wide range of criminal activities that are carried out using digital devices and/or networks. These crimes involve the use of technology to commit fraud, identity theft, data breaches, computer viruses, scams, and expanded upon in other malicious acts. Cybercriminals exploit vulnerabilities in computer systems and networks to gain unauthorized access, steal sensitive information, disrupt services, and cause financial or reputational harm to individuals, organizations, and governments.

Scam baiting is a form of internet vigilantism primarily used towards advance-fee fraud, IRS impersonation scams, technical support scams, pension scams, and consumer financial fraud.

<span class="mw-page-title-main">Internet fraud</span> Fraud or deception using the Internet

Internet fraud is a type of cybercrime fraud or deception which makes use of the Internet and could involve hiding of information or providing incorrect information for the purpose of tricking victims out of money, property, and inheritance. Internet fraud is not considered a single, distinctive crime but covers a range of illegal and illicit actions that are committed in cyberspace. It is, however, differentiated from theft since, in this case, the victim voluntarily and knowingly provides the information, money or property to the perpetrator. It is also distinguished by the way it involves temporally and spatially separated offenders.

The Australian High Tech Crime Centre (AHTCC) are hosted by the Australian Federal Police (AFP) at their headquarters in Canberra. Under the auspices of the AFP, the AHTCC is party to the formal Joint Operating Arrangement established between the AFP, the Australian Security Intelligence Organisation and the Computer Network Vulnerability Team of the Australian Signals Directorate.

A spoofed URL involves one website masquerading as another, often leveraging vulnerabilities in web browser technology to facilitate a malicious computer attack. These attacks are particularly effective against computers that lack up-to- security patches. Alternatively, some spoofed URLs are crafted for satirical purposes.

<span class="mw-page-title-main">Romance scam</span> Confidence trick using romantic intentions

A romance scam is a confidence trick involving feigning romantic intentions towards a victim, gaining the victim's affection, and then using that goodwill to get the victim to send money to the scammer under false pretenses or to commit fraud against the victim. Fraudulent acts may involve access to the victim's money, bank accounts, credit cards, passports, e-mail accounts, or national identification numbers; or forcing the victims to commit financial fraud on their behalf.

Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.

<span class="mw-page-title-main">Convention on Cybercrime</span> 2001 international treaty on cybercrime

The Convention on Cybercrime, also known as the Budapest Convention on Cybercrime or the Budapest Convention, is the first international treaty seeking to address Internet and computer crime (cybercrime) by harmonizing national laws, improving investigative techniques, and increasing cooperation among nations. It was drawn up by the Council of Europe in Strasbourg, France, with the active participation of the Council of Europe's observer states Canada, Japan, the Philippines, South Africa and the United States.

Internet vigilantism is the act of carrying out vigilante activities through the Internet. The term encompasses vigilantism against alleged scams, crimes, and non-Internet-related behavior.

Internet safety, also known as online safety, cyber safety and electronic safety (e-safety), refers to the policies, practices and processes that reduce the harms to people that are enabled by the (mis)use of information technology.

Telemarketing fraud is fraudulent selling conducted over the telephone. The term is also used for telephone fraud not involving selling.

<span class="mw-page-title-main">Credit card fraud</span> Financial crime

Credit card fraud is an inclusive term for fraud committed using a payment card, such as a credit card or debit card. The purpose may be to obtain goods or services or to make payment to another account, which is controlled by a criminal. The Payment Card Industry Data Security Standard is the data security standard created to help financial institutions process card payments securely and reduce card fraud.

Sakawa is a Ghanaian term for illegal practices which combine modern Internet-based fraud with African traditionalist rituals. The term or word Sakawa is an Hausa word which means putting inside, how to make money. The rituals, which are mostly in the form of sacrifices, are intended to spiritually manipulate victims so that the scammer's fraud is successful. The term Sakawa referred to specific online scams but has since broadened to include all types of online frauds and scams mainly targeting foreigners. The scammers flaunt stylish clothes, luxury cars, and enormous wealth, in order to promote this act. In impoverished areas, it can be seen as a way of survival for some.

Crime rates in Singapore are some of the lowest in the world, with petty crimes such as pickpocketing and street theft rarely occurring, and violent crime being extremely rare. Penalties for drug offences such as trafficking in Singapore are severe, and include the death penalty.

A bride scam is a form of romance scam - a confidence trick that aims to defraud potential grooms with the offer of a foreign bride. The basis of the confidence trick is to seek men from the western world who would like to marry a foreign woman and pretend to be willing to marry them. The woman (scammer) asks the man to send money, for example, for the purposes of purchasing an airline ticket or a visa they have no intention of buying. The relationship ends after requested money has been wired and received, sometimes after multiple transfers have been made.

There is no commonly agreed single definition of “cybercrime”. It refers to illegal internet-mediated activities that often take place in global electronic networks. Cybercrime is "international" or "transnational" – there are ‘no cyber-borders between countries'. International cybercrimes often challenge the effectiveness of domestic and international law, and law enforcement. Because existing laws in many countries are not tailored to deal with cybercrime, criminals increasingly conduct crimes on the Internet in order to take advantages of the less severe punishments or difficulties of being traced.

<span class="mw-page-title-main">Technical support scam</span> Type of fraud and confidence trick

A technical support scam, or tech support scam, is a type of fraud in which a scammer claims to offer a legitimate technical support service. Victims contact scammers in a variety of ways, often through fake pop-ups resembling error messages or via fake "help lines" advertised on websites owned by the scammers. Technical support scammers use social engineering and a variety of confidence tricks to persuade their victim of the presence of problems on their computer or mobile device, such as a malware infection, when there are no issues with the victim's device. The scammer will then persuade the victim to pay to fix the fictitious "problems" that they claim to have found. Payment is made to the scammer through ways which are hard to trace and have fewer consumer protections in place which could allow the victim to claim their money back, usually through gift cards.

<span class="mw-page-title-main">Crime in Ghana</span>

Crime in Ghana is investigated by the Ghana Police Service.

References

  1. Internet Crime Complaint Center (2008). 2008 Internet Crime Report. Bureau of Justice Assistance. p. 7.
  2. "Banks must prioritize fight against cyber fraud—Zenith Bank CEO". Citi Business News. 2019-04-08. Archived from the original on 2019-04-27. Retrieved 2019-04-27.
  3. 1 2 3 4 5 6 7 Warner, Jason (2011). "Understanding Cyber-Crime in Ghana: A View from Below". International Journal of Cyber Criminology. 5 (1): 736–749.
  4. Republic of Ghana (June 2003). The Ghana ICT for Accelerated Development (ICT4AD) Policy.
  5. 1 2 "Internet Scamming in Ghana". VICE News. March 1, 2013.
  6. Cimpanu, Catalin. "West African banks hit by multiple hacking waves last year". ZDNet. Retrieved 2020-05-12.
  7. Armstrong, Alice (2018). "Chapter 4 'Sakawa' Rumours: Occult Internet Fraud and Ghanaian Identity". In Littlewood, Roland (ed.). Cosmos, Gods and Madmen: Frameworks in the Anthropologies of Medicine. Berghan Books. pp. 67–92.
  8. 1 2 Boateng, Richard (2011). "Sakawa - Cybercrime and Criminality in Ghana". Journal of Information Technology Impact. 11 (2): 85–100.
  9. Oteng-Ababio, Martin (2010). "E-waste: an emerging challenge to solid waste management in Ghana" . International Development Planning Review. 32 (2): 191–206. doi:10.3828/idpr.2010.02. ISSN   1474-6743.
  10. Baylon, Caroline (2016). Increasing Internet Connectivity While Combatting Cybercrime: Ghana as a Case Study.
  11. "Ghana loses $230m to cyber criminals – CID". Citi Newsroom. 2018-10-04. Retrieved 2019-04-27.
  12. "Ghana Physically Secure. Now Needs to be Cyber Secure".
  13. "Ghana to become cyber security hub in West Africa". www.graphic.com.gh. Retrieved 2019-04-27.
  14. "The ABOUT page". National Cyber Security Center. Retrieved 12 February 2020.
  15. "Ghana adopts policy on cyber security". www.ghanaweb.com. Retrieved 2019-05-04.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.