Success stories
CyberTipline – National Center for missing and exploited children in USA
On May 4, 2009, the CyberTipline received a report from a very distraught woman regarding a 36-year-old male in Huntsville, Texas. The reporting person stated that the suspect had molested five children, that he had worked in an elementary school at one point, and that he continued to have access to children. She went on to say that she believed the suspect was in possession of child pornography. It was clear from the way she described the suspect that the reporting person was well acquainted with this individual. In addition, she was able to provide the suspect’s full name, address, and telephone number in the CyberTipline report.
Recognizing the urgency of the situation, an Exploited Children Division (ECD) analyst immediately began conducting public record and telecommunications database searches on the suspect. The information she located on the suspect was consistent with the information the reporting person provided. The analyst then forwarded the CyberTipline report to the Southern Texas Internet Crimes Against Children Taskforce (ICAC), an OJJDP-funded program, out of the Texas Attorney General’s Office, for investigation.
ICAC investigators quickly reached out to the Huntsville Police Department, who had an open investigation on the same suspect. Four prepubescent females had come forward in 2003 and reported the same suspect for repeatedly sexually assaulting them between 1988 and 1992. Unfortunately, following an extensive investigation, police did not have enough evidence to make an arrest at that time. As it turned out, the CyberTipline report heated up what had become a cold case. Armed with the report, Huntsville detectives, accompanied by ICAC investigators, returned to the suspect’s home to talk to him. Much to their surprise, he broke down and confessed to sexually molesting the four little girls. With the suspect’s permission, ICAC investigators then seized the suspect’s computers and hard drives for forensic examination.
On May 9, 2009, just five days after they received the CyberTipline report, Huntsville detectives arrested the suspect and charged him with four counts of aggravated sexual assault. He is currently in the Walker County Jail on $80,000 bond. If convicted, he could be facing up to 99 years in state prison. Additional charges may be added following the results of the Attorney General’s Office’s examination of his computer and electronic media.
Case 2:
On January 13, 2009, the CyberTipline received a report from an anonymous individual regarding a Craigslist ad that was posted in the Las Vegas, Nevada erotic services section. The poster commented that he wanted to perform sexual acts on young boys and detailed where he would be at a certain time, and even what he would be wearing, in order to facilitate a meeting. The posting also contained a pornographic image. An Exploited Children Division (ECD) analyst reviewed the reported material, documented same, and provided the CyberTipline report to the Henderson Police Department, whom the reporting person had indicated he had contacted about the posting.
The Computer Crimes Division of the Henderson Police Department immediately initiated an undercover operation based on the information provided in the CyberTipline report. One of the detectives, who had previously attended an Internet Crimes Against Children (ICAC) training program, replied to the Craigslist posting, posing as a 15-year-old boy. The detective and the suspect communicated for approximately two weeks before a meeting was discussed. The detective told the suspect that he would ride his bicycle to a local store, but he did not have a way to secure it. On February 11, 2009, the undercover officer and surveillance units were in place and watched an individual, who appeared to be the suspect, enter the shopping plaza. The man lingered in front of the designated store and then subsequently entered a storefront next door; however, he continually kept his attention on the undercover officer posing as a juvenile. Minutes later, the man returned to his vehicle and exited the parking lot. Shortly thereafter, Henderson detectives pulled over his vehicle. A search of the car uncovered narcotics, drug paraphernalia, and a bicycle lock. The man was arrested on the spot. Subsequently, during an interview, detectives learned that when the suspect initially approached the store, he saw a group of firefighters, which is believed to be the reason he did not initiate actual contact with the undercover officer. In addition, the man disclosed that he was HIV positive.
Detectives obtained a search warrant and seized numerous computers and cameras. Upon a preliminary review of the electronic devices, detectives found numerous self-produced videos of the suspect engaged in unprotected sex with various men. The man is being charged with possession of narcotics and drug paraphernalia, using technology to lure a minor, and intent to infect others with HIV. This is one of the first times Henderson detectives have charged an individual with intending to infect another individual with HIV. Investigators continue to work this case and to pursue the identities of the other men whom the suspect may have infected.
Case 3:
On August 14, 2008, the CyberTipline received an anonymous report regarding possible pornographic images of children on the computer of an adult male in Watertown, New York. The reporting person was also concerned that the reported suspect might be sexually exploiting a female toddler.
An Exploited Children Division (ECD) analyst conducted online and public database searches and located a current address for the suspect. The analyst immediately sent the CyberTipline report to the New York Internet Crimes Against Children (ICAC) Task Force, an OJJDP-funded program out of the New York State Police, for investigation. Armed with this information, State Police investigators went out to the suspect's home in Watertown, New York for a "knock and talk" and successfully received permission from him to seize his computer. After finding child pornography on the suspect's computer, investigators returned to the home on September 18, 2008 and arrested both the suspect and his wife.
Unfortunately, the content seized by law enforcement turned out to be the tip of the iceberg. During the course of their investigation, police learned that the suspect, a former soldier at Fort Drum, and his wife, currently a lab technician at Fort Drum, had been molesting four children, ranging in age from 16 months to 13 years old. Computer forensics uncovered messages between the parties suggesting that both were active participants and complicit in the assaults against the children. Law enforcement is investigating the possibility that there are not only additional local victims, but victims in Texas and Kentucky, where one or both suspects have spent time.
Both suspects have been charged with First Degree Rape, Possessing an Obscene Sexual Performance by a Child, Predatory Sexual Assault on a Child, Criminal Sexual Act, and Endangering the Welfare of a Child. They have been arraigned and are being held without bail. The charges against them carry a maximum penalty of a life sentence in prison. The children have been removed from the home and are safely in state custody or with relatives.
Case 4:
On July 31, 2008, a concerned citizen contacted the NCMEC 24hour Call Center to make a Cybertipline report regarding a possible incident of child molestation. The reporting person stated he worked with an adult male from St. Croix, Virgin Islands who was planning on traveling to the Dominican Republic to engage in sexual activity with a minor female the following month. The reporting person was unable to provide the child’s name, but did identify the reported suspect by name. He also provided very specific details surrounding the circumstances of the suspect and child’s relationship and further indicated that the suspect had told the child he loved her and that they would “be together soon.”
Immediately upon receiving the report, an Exploited Children Division (ECD) analyst notified the US Immigrations and Customs Enforcement Liaison at NCMEC of the suspect’s impending trip to the Dominican Republic. The report was then forwarded to ICE agents in St. Croix, who quickly requested the suspect’s phone records. In addition, a subpoena was issued to local airline companies requesting information on the suspect’s future travel dates. ICE agents in St. Croix then contacted the ICE Attaché Office in Santo Domingo and secured their assistance in the investigation of the suspect and his activities. Also during their investigation, ICE agents determined that the reported suspect was a United States citizen.
As predicted by the reporting person, the suspect traveled to the Dominican Republic in September of 2008. On October 7, 2008, he boarded a flight to return to St. Croix. His plane connected in Puerto Rico, where US Customs and Border Patrol agents were waiting for him, having been alerted to his travel plans by ICE agents. The suspect was detained and searched by CPB agents, who seized a cell phone containing images of the suspect engaging in sexual activity with what appeared to be a juvenile female. Following questioning by Puerto Rico ICE agents, the suspect admitted to having sex with the child, who was 14 years old at the time, and to using his cell phone to photograph her. He also told law enforcement that he was aware of the child’s age at the time of the incident. ICE agents identified the child in the images and interviewed her. She confirmed that the suspect, knowing her age, had engaged with sexual activity with her on multiple occasions during his stay in the Dominican Republic.
On January 7, 2009, the suspect entered a guilty plea in the District Court, Puerto Rico Division to producing child pornography, the mandatory minimum penalty for which is 15 years in prison. On January 20, 2009, he pled guilty in the District Court, St. Croix Division to traveling with the intent to have sex with a minor. That offense carries a possible 30-year prison sentence and $250,000 fine. The suspect will remain in custody pending sentencing.
ISPAI Hotline.ie – Irish Internet Hotline
A child sexual abuse website in
On Friday, October 2 the ISPAI Hotline.ie had, for the first time since its establishment, a report which it confirmed was a website of child sexual abuse material (CSAM) hosted in
The
The Hotline.ie General Manager alerted our designated contact in the Garda Paedophile Investigation Unit. Full credit to this police officer because although he was off duty he appreciated the gravity of the situation, contacted his colleagues and got an investigation in motion.
The Garda investigation discovered that the site had been hacked. The CSAM website had been placed in a separate directory which could not be reached by navigating from the retailer’s website. However, clicking on the link in the banner site which held the full URL led directly to the planted directory. This contained PHP routines which created a pay-site portal with preview images pulled in from hosts in other countries.
The incident highlights the fact that websites owned by innocent businesses are being hacked to act as disassociated “carriers” to help conceal the criminals whose operations provide commercial CSAM. Their task is made easier by companies whose poor security procedures allow website maintenance account names and passwords to be compromised.
In the Hotline’s ten years existence this was the first time we ever received a confirmed report of a CSAM site hosted in
ECPAT - Taiwan Internet Hotline
On October 23, 2009, the hotline of ECPAT Taiwan (web547) received report regarding the pornography website “Palace Porn Website ” that selling DVDs of illegal adult pornography and child sexual abuse content. The website was hosted in America. However, the website limited the customers to live in Taiwan, because it used the Home-Delivery service as the only way to deliver the merchandise and asked customers to pay the payment on the receipt of the goods. Therefore, web547 decided to forward the report to CyberTipline and to the 9th investigation brigade of CIB, which is the Cyber-Crime Suppression Division and is responsible for investigating online child sexual abuse in Taiwan.
During the time of investigation, web547 received several reports with different URLs but indicated to the same website. We keep on forwarding the relevant information to police. On December 30, 2009, the 9th investigation brigade of CIB arrested 5 suspects and tracked down 16 DVD Burners, 570 illegal porn DVDs, and more than 70 DVDs with child sexual abuse content.
“Palace Porn Website” provided various porn DVDs with the lowest price NT$25 (approximately 80 cents in US Dollar). However, they earned more than 350,000 USD every year. The suspects used fake identity to rent an apartment and to apply Internet service. The Deputy Captain of the 9th investigation brigade indicated that most of the content of the DVDs were downloaded from the Internet, that’s why the DVDs are very cheap. In regards to the resource of child sexual abuse videos, they will keep on investigating. The 5 suspects are prosecuted by the Statute For Child And Youth Sexual Transaction Prevention And Control.
SAFE-NET BG - Bulgarian Safer Internet Node
On 8 January, the Bulgarian Cybercrime Unit arrested a 39-year old man for grooming and coercing a minor into virtual sex. The perpetrator was identified after a report by the Bulgarian Hotline.
On December 15, the mother of a 13-year old girl visited the premises of the Bulgarian Safer Internet Centre bringing print-outs of 3-hour Skype conversation between her daughter and what seemed to be 3 other Skype users. The girl was first approached on Skype by a user pretending to be 21-year old girl. “She” said to the victim that she accidentally saw in a coffee shop 3 men who were looking at pictures of the 13-year old on a palmtop and warned her that these men are dangerous criminals. They reportedly had raped and severely injured another 13-year old girl from another schools in the neighbourhood.
Later it became evident that the first identification of the minor was done through the popular among teenagers dating site Sofianci.com where the minors give not only their real names and post personal pictures but also indicate the school they are attending and the district they are living in.
The ‘caring elder girl’ gave the victim the Skype name of the supposed victim of rape who confirmed the story and advised the girl to do everything a man called Yavor would ask her to do in order not be physically abused and harmed.
Then Yavor (it proved to be the real name of the perpetrator who actually was all the time chatting on behalf of the two other phantom personages) joined and ordered the girl to go and buy a web-camera and come back online in 1 hour. He explained how to install the camera drivers and ordered the girl not to say anything to her parents. “If you obey I will be watching you for 5 days and then you will get a new mobile phone as a present, if not – three of us will come to rape you as we know where you live” was the threatening message. At that point the girl was already so scared that she told her mother who immediately contacted the Hotline. The team collected all possible information from the mother and transmitted it to the Cybercrime Unit.
On the computer of the predator was found evidence for several other girls who fell into his online trap including supporting video-material.
