Case study: are traditional financial fraud schemes applicable to the Indian IT educational market?

05/11/2009 Written by Roberto Preatoni

Today we indulge our­self in a pure hypo­theth­i­cal activ­ity by ana­lyz­ing whether it would be pos­si­ble to apply tra­di­tional finan­cial fraud schemes to India’s edu­ca­tional mar­ket. We agree, it might look a mere aca­d­e­mic work but later on we might find out that it makes much more sense that what we orig­i­nally thought.

1910 police mugshot of Charles Ponzi

First of all, let’s define what a Ponzi scheme is:
A Ponzi scheme is a fraud­u­lent invest­ment oper­a­tion that pays returns to sep­a­rate investors from their own money or money paid by sub­se­quent investors, rather than from any actual profit earned. The Ponzi scheme usu­ally entices new investors by offer­ing return other invest­ments can­not guar­an­tee, in the form of short-​term returns that are either abnor­mally high or unusu­ally con­sis­tent. The per­pet­u­a­tion of the returns that a Ponzi scheme adver­tises and pays requires an ever-​increasing flow of money from investors to keep the scheme going.

click on the news title to read more…

Need­less to say, the Ponzi scheme, together with the pyra­mid scheme is at the base of most of the finan­cial frauds as for exam­ple the recent one that gained the def­i­n­i­tion of the biggest finan­cial scam in Wall Street thanks to Bernard Madoff.

For the sake of the Indian IT Secu­rity indus­try and of course with a purely spec­u­la­tive approach, we will try to under­stand how a fraud­ster could apply a Ponzi scheme to India’s edu­ca­tional mar­ket. The ques­tion that imme­di­ately arises is: “why are we using India for our aca­d­e­mic research?”. The answer is given by the implicit nature of Multi-​Level-​Marketing of a Ponzi scheme. The only dif­fer­ence between a Ponzi scheme and a Multi-​Level_​Marketing scheme is that in the for­mer it is not pro­vided any form of com­pen­sa­tion for the par­tic­i­pants for attract­ing new par­tic­i­pants (vic­tims). India is not among those coun­tries who banned Multi-​Level-​Market or derived schemes so it’s per­fect for our spec­u­la­tive work.

The sec­ond ques­tion aris­ing is: “How can a Ponzi scheme be applied to the Indian edu­ca­tional mar­ket?”. In order to answer to this ques­tion we have to spec­u­late on an hypo­theth­i­cal security-​company offer­ing hypo­thet­i­cal edu­ca­tional ser­vices, located in an unex­is­tent Indian city: Cyberabad.

RECIPE FOR A PER­FECT CON IN THE IT SECU­RITY EDU­CA­TIONAL FIELD

- A COUN­TRY BIG ENOUGH: India is per­fect, with an *esti­mated* pop­u­la­tion of 1,2 Bil­lions, there is a mar­ket big enough to orga­nize a suc­cess­ful fraud scheme

- A CITY BIG ENOUGH AND WITH IT INFRA­STRU­CURES: We imag­ine the hypo­theth­i­cal city of Cyber­abad as a city with 4 Mil­lions inhab­i­tants. Cyber­abad is a strate­gic city for the suc­cess of the Ponzi scheme as it is the cyber-​heart of the coun­try, with a lot of IT suc­cess­ful com­pa­nies and startup and a strong demand of pro­fes­sional skills. Young­sters might be dream­ing to come and live to Cyber­abad and find the way to make up a good liv­ing out of a good job.

- A COUN­TRY WERE MOST YOUNG­STERS ARE COM­ING FROM MIDDLE/​LOW-​CLASS FAM­I­LIES, EAGER TO APPLY EVEN FOR A LOAN TO END UP WITH THE POS­SI­BIL­ITY TO FIND A GOOD JOB AS A SECU­RITY EXPERT: India is per­fect. The upcom­ing middle-​class is large enough to sup­ply prospect stu­dents. Stu­dents might get access to loans to finance the job-​oriented course, fam­i­lies might feel obliged to take such risk if it would be use­ful to give their sons a good job oppor­tu­nity. On the other way, the mar­ket might be large enough to con­vince them that is a good investment.

- BUILD­ING A STRONG INTER­NA­TIONAL IMAGE: the hipo­theth­i­cal IT secu­rity com­pany might start to try to tie up with impor­tant names and brands in the inter­na­tional hackers/​security panorama. The man­ager of such com­pany might pur­sue the eth­i­cally ques­tion­able prac­tice to get por­traied on pic­tures nearby pub­lic and well-​known faces. Such pic­tures might be posted on the hipo­theth­i­cal company’s web­site in order to con­vince peo­ple of its solid back­ground. False cer­tifi­cates por­trait­ing a strong tech­ni­cal back­ground might be hanged on the hipo­theth­i­cal com­pany manager’s office wall. Bill­boards por­trait­ing unaware well-​known inter­na­tional pro­fes­sion­als might be placed around Cyber­abad, offer­ing long term edu­ca­tional plans after which a very high return job posi­tion might be guar­an­teed. The web­site of the hypo­theth­i­cal IT secu­rity com­pany might report strong inter­na­tional brands logos with­out their knowl­edge. In the tech­ni­cal area of the web­site there might be pub­lished some arti­cles and whitepa­pers which might be a mere cut and paste of orig­i­nal mate­r­ial done by oth­ers, with­out their knowl­edge or con­sent and with­out report­ing the credits.

- A POW­ER­FUL GRIP ON SOME OF THE INDIAN MEDIAS: the man­ager of the hypo­theth­i­cal IT secu­rity com­pany might exploit his per­sonal rela­tio­ship with some jour­nal­ists, push­ing them to pro­duce arti­cles to boost his cor­po­rate image. From time to time the prac­tice of brib­ing some of the jour­nal­ists might be adopted. This might be needed to have those jour­nal­ists keep­ing writ­ing about new part­ner­ships between the hypo­theth­i­cal IT secu­rity com­pany and inter­na­tional brands, with­out rais­ing the ques­tion why the pre­vi­ous part­ne­ships boasted with old arti­cles, ended up in noth­ing in the best case or in a war in most cases.

- PRAC­TIC­ING FORUM SPAM­MING AT THE HIGH­EST LEVEL: the man­ager of the hypo­theth­i­cal IT secu­rity com­pany might assign from time to time to some of his faith­ful employ­ees, such a sec­re­tary for exam­ple, the task to browse the Inter­net, look­ing for all the student’s forum, pro­mot­ing the company’s courses, lessons, sem­i­nars by imper­son­at­ing fake stu­dents and by leav­ing bogus pos­i­tive com­ments. Some of those com­ments might be so bla­tantly faked that they might be just a copy&paste from other forum’s comments.

- KEEP­ING A FIRM HAND ON THE WAL­LET: it might hap­pen that the man­ager of the hypo­theth­i­cal IT secu­rity com­pany might use the company’s money to bribe peo­ple rather than pay­ing the employ­ees. This might end in cre­at­ing a big employ­ees turnover prob­lem for the hypo­theth­i­cal IT secu­rity com­pany. Delay­ing or not pay­ing the inter­na­tional pro­fes­sion­als and com­pa­nies pre­vi­ously lured into sign­ing a part­ner­ship might help to reduce the hypo­theth­i­cal IT secu­rity company’s costs and keep the manager’s liv­ing stan­dard high.

- APPLY­ING THE PONZI SCHEME BY TOP­PING THE COURSE PRICE WITH A JOB OFFER: now that the hipo­theth­i­cal IT secu­rity com­pany has some­what built a rep­u­ta­tion, dis­sem­i­nated the press with self-​referencing arti­cles, spammed the online forums with bogus com­ments, lured tar­geted stu­dents into get­ting infor­ma­tion about the offered courses, it’s time to get the Ponzi’s scheme up and run­ning. The math behind the Ponzi’s scheme behind this par­tic­u­lar fraud is very symple.

Let’s start by stat­ing that the hypo­theth­i­cal IT secu­rity com­pany might try to thicken the bait to lure stu­dents in by announc­ing that after a 6 month course they will be offered a guar­an­teed job. Plus, that course will be backed up by famous inter­na­tional IT secu­rity brand and fac­ul­ties whose names and logos are kept shown onto the hypo­theth­i­cal IT secu­rity company’s web­site. Let’s put down some hypho­theth­i­cal fig­ures, just for the ben­e­fit of the calculus.

300,000 indian rupees will be the cost of the 6 months course

35,000 rupees will be the guar­an­teed monthly income that the stu­dents are promised to get with the job posi­tion offered by the hypo­theth­i­cal IT secu­rity com­pany at the com­ple­tion of the 6 months course.

The Indian tar­geted stu­dents, who are world­wide known to be good in math­e­matic, will imme­di­ately do the math:

300,000 /​35,000 = 8,571 which means that in ONLY eight and a half months of the promised salary they will recover the entire cost of the edu­ca­tional plan offered by the hypo­theth­i­cal IT secu­rity com­pany. It is such a good edu­ca­tional invest­ment pro­posal that even the most world’s author­i­ta­tive and renowned schools can­not beat. It’s def­i­nitely the case to ask to their fam­ily to go to the bank and take a loan to secure their pro­fes­sional car­reer. After all, where is the risk if in only 8,5 months they will be capa­ble to repay it?

So they enroll to the course. Which might hap­pen to start a few weeks later than the sched­uled time due, for exam­ple, of lack of faculties.

Before get­ting “accepeted” by the hypo­theth­i­cal IT secu­rity com­pany into the class, they might be asked to resign from their pre­vi­ous jobs, like to show them that this is a seri­ous educational/​job pro­posal. Many of them might accept this risk and might resign from their cur­rent job. Hey, after all they are going to get the chance they and their fam­i­lies have been wait­ing for all their lifes.

After the pro­longued delay in the sched­uled begin­ning of the course, once in the class­room the stu­dents might dis­cover crappy IT infra­struc­ture, absence of proper teach­ing mate­r­ial, no inter­na­tional fac­ul­ties at all, always the same local teacher’s face, out­dated course tracks made by cut&paste from old and stolen sem­i­nars. At the end of the course they will be offered a “Cyber­squad Team Mem­ber” cer­tifi­cate printed with the office’s HP laser­jet 100 printer on the cheap­est paper ever and some mer­chan­dise (such t-​shirts) the hypo­theth­i­cal IT secu­rity company’s man­ager skimmed from somebody’s else sem­i­nars. But at this time it’s too late to com­plain, they paid the money, they con­vinced their fam­i­lies to take loans, even­tu­ally they left their jobs.

Real fig­ures might be higher but let’s put down an ipo­thet­i­cal round fig­ure of 10 stu­dents attend­ing the 6 months course, twice per year, total­ing 20 stu­dents, just for the sake of the easy math.

300,000 * 20 = 6,000,000 rupiees cashed by the hypo­theth­i­cal IT secu­rity com­pany in a year, just from that course track. Always for the easy­ness of the math, let’s stay focused only on that course track.

But then it comes the time to full­fill the promises and the hypo­theth­i­cal IT secu­rity com­pany has now to pro­vide the “guar­an­teed job”. But not to all the stu­dents, because 3 out of the 10 left the course before the end, as they under­stood it was a pure scam, lead­ing to nothing.

None of the 7 stu­dents are offered a job in a seri­ous com­pany because no seri­ous com­pany is keen to accept the hypo­theth­i­cal IT secu­rity company’s stu­dents. So the man­ager of the hypo­theth­i­cal IT secu­rity com­pany has no other chance left than offer­ing them an “inter­nal job” position.

But not for the promised 35,000 rupees/​month. No Sir, it’s cri­sis time now, you must accept from 5,000 to 10,000 rupees/​month at the best. And you will prob­a­bly get that money only at the first month, hav­ing the next months pay­ments pos­si­bly delayed/​unpaid. What kind of job all those new “cyber­squad team mem­bers” will be doing all day long in the hypo­theth­i­cal IT secu­rity company’s offices? Noth­ing. Brows­ing the Inter­net, chat­ting with friends as the hypo­theth­i­cal IT secu­rity com­pany has no capa­bil­ity to attract real cus­tomers for seri­ous jobs.

Then, after a few months, the hypo­theth­i­cal IT secu­rity com­pany will find a silly excuse to fire those freshly hired “cyber­squad team mem­bers” like abus­ing of the company’s net­work or unwill­ingly unplug a router patch caus­ing a 15 sec­onds down­time or forc­ing them to leave with strong mob­bing actions.

Once again, let’s do the math:

6,000,000 - rupees cashed by the company

282,000= rupees paid for the six months course to the local faculty

5,718,000– total net profit before the cost of the guar­an­teed job

280,000= 4 months of guar­an­teed job before being fired * 7 “cyber­squad team mem­bers” at 10,000 rupees/​month (some­times 5,000)

5,438,000 net profit after the scam and before the gen­eral costs

Not bad for such a sim­ple Ponzi’s scheme. Why is this scheme match­ing the typ­i­cal Ponzi’s scheme charach­ter­is­tics? Because in the typ­i­cal Ponzi’s scheme the vic­tim pro­vides the money upfront and then later on a small part of that money will be used to pay them back some inter­ests or pre­sumed gains.

In this case the stu­dents pro­vide money upfront to pay the course and then later on part of this money is then given back in a form of promised salary but only for a few months. Most of it will be end­ing up in mak­ing the hypo­theth­i­cal IT secu­rity company’s man­ager happy.

This is the end of our aca­d­e­m­i­cal and spec­u­la­tive research, we hope Indian author­i­ties might find it use­ful to avoid that such *ipho­theth­i­cal* appli­ca­tion of the Ponzi scheme might sooner or later hap­pen for real.

Because so far, this scheme has been applied only by the hypo­theth­i­cal IT secu­rity com­pany located in the hipo­theth­i­cal city of Cyberabad.

uhmm… maybe not. Per­haps in the future we will do some seri­ous scout­ing to see if some real IT secu­rity com­pany applied such Ponzi’s scheme against stu­dents com­ing from fam­i­lies now bank­rupted by the loan they asked to pay them the tuition fees.

admin@​zone-​h.​org


Share this content: