[wpietri]

Absolutely. And every dollar in the hands of scammers is funding the creation of new and better scams. Even if we didn't care about scam victims at all, society should vigorously pursue scammers just to keep the overall burden down.

[luckylion]

And it seems like a no-brainer money-wise too. A dedicated task-force of 10 people might cost you a million a year, but they'll easily track down scammers doing that amount of damage per month.

I recently took an interest into a phishing campaign because the guy was using Amazon SES and kept using new email templates and it kept landing in my inbox. He was an amateur and it was easy to find juice things on his server, and it looked like he was engaging in all kinds of different scams, like phishing for bank logins, defrauding online-shops, identity theft etc. With law enforcement options, I'm pretty confident I could've nailed him with a few hours invested. Get him for one crime, you stop 10 others.

But the last time I talked to a police officer locally, he didn't know what Netflix was so I won't even try to explain phishing to them and how I got this information on the perp.

[nradov]

A task force of 10 law enforcement officers and support staff with the necessary technical skills is going to have a fully loaded cost way higher than $1M per year.

[toss1]

Fine. Pick your number. Let's be a bit generous:

Ten fully skilled security experts deputized @ 200K/yr. Fifteen assistants at $75K/yr. All personnel grossed up to 140% for fully loaded cost. Hardware, infrastructure, software, hosting services, $200K/yr. Total (((20010)+(7515))*1.4)+200 = $4,575,000/year.

You don't think that such a team could stop $50 million in crime in a year? I'd expect that $500 million would be a slow year and stopping $5billion would be more like it. There is so much of it and such low-hanging fruit...

I know of large corporation divisions where $5 million per quarter was literally their rounding error threshold three decades ago (likely more like $15 million now).

The payoff is so great it is astonishing that some large tech companies don't do it just for the general reputation of the industry. Or the banks for the same reason (e.g., I wont' touch Zelle, both because when I first checked it out it was horribly clunky, my bank wanted $20/month just to use it, and all the persistent scams).

Or, just for lulz. This is rounding-error pocket-change for these corps. If it got going, I could see a rivalry between MS, Oracle, & Alphabet execs for who could dunk the most scam dollars, and jail the most perps...

[kube-system]

> You don't think that such a team could stop $50 million in crime in a year?

By "stop", do you mean "prevent from happening", "successfully prosecute", or "identify the perpetrators"?

My answers, respectively, are "no", "maybe, depending on the sample set", and "yes".

[toss1]

Hmm, why do you think they couldn't prevent $50mm? I'd expect that to be the easiest number to to maximize. Take out a ransomware crew, and you prevent all their crimes for the next years, as long as you keep them offline; get the encryption keys, and you've undone every ransom demand still standing. Just busting them in a way that their are either denied bail or have conditions placed on them so they cannot use any computing device, and you've taken them offline (and sufficient monitoring will probably jail them soon when they go back online under bail conditions.

Definitely agree that successfully prosecute is harder than ID perps...

[nradov]

You're dreaming. Most ransomware gangs operate offshore in countries that don't cooperate with our law enforcement or extradite suspects.

[majani]

There are a lot of talented people you can sell on the dream of working for less than their full market value in order to help vulnerable people not get scammed. It would be very fulfilling work for a lot of people

[rndmize]

Track them down and do what? Are you deploying a local police officer to arrest a scammer in India? It seems to me that in the vast majority of cases, law enforcement efforts will immediately run into jurisdiction issues, and most of the effort will be for nothing.

[luckylion]

That's probably true for some part of the scams, but others are domestic. The one I was looking into was most likely speaking German natively, and from what I could tell, he was a German in Germany (some info pointed to a specific German state, and his homedir was a common German first name).

You'll still have scammers from India, but you'll also have a lot that are running more elaborate scams and do a lot of damage by defrauding the government and companies.