Despite numerous interviews, media write-ups, and multiple biographical sources, Ilhan Abdullahi Omar AKA “Ilhan Nur Said Elmi” remains an enigma. As strange as it sounds, there is almost no verifiable information about her nor her family in the public domain. This is bordering on the fantastic considering the fact that she is a 34 year old sitting congresswoman. In an era where comprehensive digital background searches can be executed with a single mouse click, Omar’s fluid and ever shifting identify and invisible past are true anomalies.
The majority of the biographical information that she disclosed has multiple non-reconcilable versions. This includes significant inconsistencies about basic facts such as her family’s actual names, their birth dates, details about her brother/husband’s identity, her father’s political role in the dictatorship of Said Berra, her residence in Mogadishu, and the real reason for their escape from Somalia.
The fluidity of the Oma’rs background suggests that most of the details that we know about her have been engineered. It is also clear that over the past 8 years, core components of the Omar family dossier have gone through multiple revisions at the hands of someone who has a decent grasp of covert intelligence operations.
One good illustration for this steady stream of revisionism is the ‘militia assassination’ story. This tale which forms the foundation of Ilhan’s Somalia fairytale escape narrative (and likely the basis for the US asylum application) details one traumatic night in Mogadishu when her family’s secure compound was attacked by an unknown rebel militia that tried to “assassinate” her and her entire family.
The following are two versions of this story as told by Omar in 2016. The first version is from her interview with Cory Zurowski from CityPages News. The second version—which she told a month later—is from an Omar propaganda featurette that was produced by Daniel Cummings.
1. Ilhan Omar’s Improbable Journey from Refugee Camp to Minnesota Legislature CityPages News – Published 26 October, 2016 “Nighttime fell as about 20 people milled about the compound in Mogadishu, the Somali capital. Bad noises outside announced unwelcome visitors. Men with big guns demanded to be let in. The group tried to bust down the front door, but it was unbreakable. Omar and her family fell to the floor moments before the militiamen let go a staccato of gunfire. Once they were satisfied with the evening’s damage, the attackers left.
Everyone survived. Omar hasn’t forgotten the sight of bullet pockmarks in the building’s cinderblock walls.
Shellshock turned to grief for Omar’s grandpa. “That was a hard realization for my grandfather, that our family was no longer welcome,” she says. “Even after the attack, he struggled with this new reality.”
Days later, they put their familiar world in the rearview mirror. They split into groups, 20 people in total fleeing. Omar’s headed for the coast where Abukar [grandfather] had connections. Alongside her father, she hopped a plane for Kenya.”
[Got to 55:14 point in the recording to hear the description below]
“Think my earliest memory of when the war actually felt real was waking up you know midnight… to militiaman surrounding our house. My aunt and older sister having a conversation through the window, sort of a negotiation with them because these were classmates of theirs, umm… and… and…and… negotiating them to sort of back down… and umm…and trying to break into our house and assassinate us.
We ended up surviving that night then my grandfather said that we like had to leave. We all left thinking that we’ll come back…that umm… you know in a few months the war would end, so we sort of fled I think like at 4 AM.
And walking through this… this…streets and actually, umm… walking over dead bodies and seeing debris and buildings that have fallen apart umm…sort of land marks of like hotels that you know, umm… that had movie theaters and all of this that we used to go by and… and… see that they no longer were standing tall…”
Both of these versions have major structural problems. This includes discrepancies in the timeline, the sequence of events, the number of individuals involved, and the plot line. As can be seen from the table below, there are significant embellishment and missing elements in each version. For example, the claim that the militia opened fire at the house vs. that they retreated peacefully after the aunt and sister negotiated with them or that the militiaman were classmates of her aunt and or sister.
26 October Version
15 November Version
20 men in the militia
Compound in Mogadishu
Militia outside the compound
Militia surrounded compound
Aunt & older sister talking to militia
Militia classmates of aunt and sister
Man with big guns
Trying to bust down the door
Militia tried to assassinate them
House door was unbreakable
Omar and family fell to the ground
Militia opens fire at the house
Memory of bullet pockmarks on wall
Family not welcome in Somalia
20 family members fleeing
Catching a flight to Kenya
Dead bodies & destroyed buildings
Grandfather said we had to leave
Table 1: A sample of the variations in several tales of the Somali rebel militia storming the Omar compound in Mogadishu
Both versions of the story make little sense, especially the preposterous assertions Omar makes about the ‘magic door’ that could not be breached and how her family which consisted of 20 individuals (which wasn’t supposed to be connected to the brutal dictator Said Berra) managed on short notice to get hard currency, valid passports, visas, transportation to the airport, and a safe passage to catch an international flight out of the Aden Adde Airport.
Following this and many other Omar biographical dichotomies, I decided to examine her public statements regarding her family history. For any other US elected official, these types of gaping holes in a personal and family history would normally trigger a lynch mob of angry MSM investigative reporters. But as it has been already demonstrated, Congresswoman Omar seems to have managed to somehow acquire the ring of Gyges and will not answer questions on these subjects because she deems them offensive and an invasion of her privacy.
So instead of hoping that someone will finally wake up and bring her in for questioning, I figured why not do the next best thing–take some of her video appearances and run them through a software based polygraph analysis.
The Evaluation Process I wanted to conduct the evaluation in an impartial manner and eliminate the Christine Blasey Ford effect and the observer bias. To achieve this, I’ve only used movies of Omar that had her speaking clearly and audibly and featured a close-up view of her face at a sufficient resolution. This was important for facial feature extraction. I also automated the image optimization and evaluation process.
In assembling the virtual polygraph system, I used several Artificial Intelligence platforms to perform the speech and facial expression evaluation. For the facial and speech analytics I used:
For the speech analysis I used several algorithms to identify conversational dynamics and the detection of deceit through functions and patterns such as:
Usage of filler words like “Umm”, “and”, “Like”
Cut out contractions such as using “did not” rather than “didn’t“
Increase/decrease in speech speed, pitch, and tone
Prolonging word vocalization to buy time
Repeating or rephrasing questions
Voice pitch changes
I calibrated the facial expression engine and established a baseline using several hours of Omar’s speeches on a variety of ‘neutral’ subjects. I then established her ‘truth’ baseline using over 1200 factual statements (i.e. statement known to be true). I also supplemented her baseline facial expressions with catalogue of over 230 combinations of her customized Microexpression.
Following the creation of a unique database of her facial expressions, I proceeded with the ML training using her unique data sets. The whole training process took about 32 hours.
After the training was completed, I fed several movies into the engine and evaluated the accuracy of the system performance in terms of false detection and missed detection using a manual ground truth evaluation. During that evaluation, I examined several hundred individual video frames, correlating them to what Omar was saying and the AI detections of face expression.
The results of the ground truth successfully confirmed the accuracy of the training data and the precision of the speech and facial expression algorithms.
Image 1: Sample of the facial analysis results for one video frame out of about 120K frames analyzed.
Image 2: Sample of a few of the over 4000 frames analyzed from the ‘Militia Assassination’ sequence
Image 4: Sample images showing blinking and fidgeting (soothing behavior) correlated to the ‘Militia Assassination’ sequence
Image 5: Sample of an image that has gone through the optimization and enhancement process prior to using it in facial analysis
Analysis Results The speech and facial sentiment analysis strongly suggests that Omar was deceitful when discussing her family Mogadishu history. She exhibited all of the typical facial and body mechanics indicators for dishonesty including:
Omar’s analytic ‘lie’ score consistently exceeds her ‘truth’ baseline by 30%-80%. Her patterns also exhibit many indications of a compulsive fibber. She is a a great storyteller; her tales tend to be very detailed and colorful and she seems very convincing. She is a natural performer, she is eloquent, and she knows how to successfully engage her audience. When providing historical information about her family, she never does so matter-of-factly (the way most people retell their family histories). Rather, Omar’s narrative is always geared at acquiring the listener’s admiration and sympathy.
The following are a few examples that suggest that she could be either a pathological liar or is working with a well written obfuscation script:
She often talks about experiences and accomplishments in which she and her family play heroic parts
She is always a victim in her stories and is habitually looking for sympathy
Her stories tend to be very detailed but lack any verifiable data
She responds elaborately and quickly to questions but her responses are always vague and almost never answer the question
She has different versions of the same story and uses all of these versions at times
Image 6: Omar’s sentiment chart showing her emotional state when discussing the ‘Militia Assassination’ event
Omar habitually exhibits this pattern of evasiveness and embellishment in all of her narratives. For example, we know from multiple interviews that the count of her siblings changes and varies at any one time from 4-7. This begs the question of what her family’s real story is and why are they so reluctant to disclose it.
Omar is a naturalized citizen with a very ambiguous/suspicious background that doesn’t seem to match her official biography. As a public figure and congresswoman, she has or will have access to sensitive and classified state secrets, as such, it may not be a bad idea for DHS and INS to run her record in order to eliminate any potential security breaches downstream.
Anyone working for any three letter agency must go through a background screening and a detailed character evaluation. Some even are mandated to take periodic polygraph tests. There is no reason why a top lawmaker like Ilhan should be exempt. If her biographical details match her official story, then she should get the royal stamp of approval and be done with all the speculation. If it does not, then there should be full public disclosure of the details and a congressional hearing regarding the discrepancies.
وَيْلٌ لِّكُلِّ أَفَّاكٍ أَثِيمٍ A fake refugee hatched out a plan And perched on it like a crafty hen: This politically opportunistic maid, Has made an art of this charade.
A Congresswoman on a US hate crusade Should carefully watch her vile tirade: Appreciate the kindness done to you, forget not you owe your life to a Jew.
No matter how powerful this liar is Allah is mightier than she is: He raises up the righteous to bliss, And brings the deceivers to their knees.
Copyright 2019 Yaacov Apelbaum, All Rights Reserved.
Image 1: Digital remastering of the original artwork by Y. Lovell located at the torpedo room of the US Navy Submarine Becuna (SS-319).
Image 2: Commemorative postal covers marking the keel laying on 29 April 1943 and her launch on 30 January 1944 at the Electric Boat Company, Groton, CT. Starboard view of the USS Becuna entering Pearl Harbor, circa 1944.
Image 3: USS Becuna returning from a patrol to Pearl Harbor 1944-45
Image 4: USS Becuna docked at Pearl Harbor 1944-45
Image 5: USS Becuna conducting a high line transfer
Image 6: USS Becuna Interior (L-R) Control room, maneuvering room, engine room (with the two engines “Huff” and “Puff”), torpedo room, and the galley
A Submarine (From an edition of The Dolphin, the SUBASE NEW LONDON newspaper, April 4, 1925)
Born in the shops of the Devil, Designed in the brains of a fiend; Filled with acid and crude oil, And christened “A Submarine”.
The poets send in their ditties, Of Battleships spick and clean; But never a word in their columns, Do you see of a submarine.
I’ll try and depict our story, In a very laconic way; Please have patience to listen, Until I have finished my say.
We eat where’re we can find it, And sleep hanging up on the hooks; Conditions under which we’re existing, Are never published in books.
Life on these boats is obnoxious, And that is using mild terms; We are never bothered by sickness, There isn’t any room for germs.
We are never troubled with varmints, There are things even a cockroach can’t stand. And any self-respecting rodent, Quick as possible beats it for land.
And that little one dollar per dive, We receive to submerge out of sight; Is often earned more than double, By charging batteries at night.
And that extra compensation, We receive on boats like these; We never really get at all, It’s spent on soap and dungarees.
Machinists get soaked in fuel oil, Electricians in H2SO4; Gunnersmates with 600W, And torpedo slush galore.
When we come into the Navy Yard, We are looked upon with disgrace; And they make out some new regulations, To fit our particular case.
Now all you Battleship sailors, When you are feelin’’ disgruntled and mean; Just pack your bag and hammock, And go to “A Submarine”
References and Sources Images courtesy of: Darryl L. Baker, Jack Treutle (of blessed memory), and John Hummel, (USN) retired Submarine Photo Archive – USS Becuna (SS-319) (AGSS-319)
Copyright 2019 Yaacov Apelbaum, All Rights Reserved.
Romantic scams a la Casanova style have been around forever, but the Military Romantic scam variant has only taken off since the advent of social media and on-line dating. According to a 2018 BBB Online Romance Scams study, since 2015 this form of cybercrime has become a 1 billion dollar industry in the US alone. The lifecycle of this scam is well documented and understood, but the low-level details and logistics have never been made public. Little is known about their operations, networks, organizational structure, payment collection and clearance methods, the technologies they use, and their relationship with their domestic financial institutions, law enforcement, and politicians. The public’s perception of cyber scammers is that of modern day pirates; an amorphous buccaneer entity shrouded in mystery that operates from somewhere overseas with what appears to be complete impunity from prosecution and justice.
The impact of military romantic scams on the victims who are typically older women living on a fixed income is devastating. Some end up going into debt to pay the scammers; others lose their entire life savings. To add insult to injury, many of the victims continue to be blackmailed and forced into committing crimes like trafficking counterbid long after they discover that they have been defrauded. This can happen even if they try to terminate their communications with the scammer. Due to the international nature of these scams and the social stigma they carry, most victims have no legal recourse nor a chance of ever recovering their losses.
So in the spirit of Proverbs 31:8-9 “Speak up for those who cannot speak for themselves…” I’ll try to pull the curtain back on one military romantic scam and do a deep dive into its inner workings and its perpetrators.
Military Romantic Scams 101 At its bare bones, the military romance scam has several variants, all of which revolve around repurposing images of some serviceman or woman and using them to create a fake profile on a social media or a dating site, then reaching out to a victim and defrauding them.
As can be seen from Image 1 and Table 1, a single set of stolen images can become a source of dozens of fake identities and over 900 concurrently running scams.
Image 1: (L-R) The 49 personalities of Richard Canon and 12 other stolen identities used in concurrent romantic scams.
Running Scam Count
Richard Canon Miller
Thomas Lavallee (Richard)
Thomas Hunter Richard
Richard Canon Martin
Richard Chocktoot Kenneth
Richards Jack Hanan
Richard Steven Nelly
William David Mark
Larry Brent Richards
Richard E Garlock
Canon J Richard
Richard C Brain
Canon M Richard
Total scams for image
Table1: One of the hundreds of concurrent scams using the same image with different name variations
Once the fake on-line profile is created, the scammer will then pursue certain victim demographics and concentrate their efforts on a previously proven cross-section of susceptible individuals—for example, a divorced or widowed woman over 50.
After the initial contact is established with a victim, the scammer will then engage in a trust-building campaign that can take weeks or months. As part of this process, the scammers will transmit to the victim a wide range of collateral that can include a fake military ID, service photographs, additional social network images, and even address and property information about their fake residence.
The emails, text messages, and step-by-step logic used in these exploits are all based on hundreds of previously tested and successful scams. This makes their decision trees robust and the playbooks plausible and effective. Also, because the operator doesn’t have to waste any time on trial and error approaches, improvisation, or real-time content creation, they can effectively run dozens of concurrent scams by just picking up some template-based material, such as handwritten love letters, and minimally customize them to the specific victim.
Image 2: An example of template based collateral ready for customization and a fake military ID with typical errors that include: wrong service branch, rank mismatch, capitalization errors, mixed font use, inconsistent letter bolding, a mixture of imperial and metric units, and reuse of DOG TAG numbers from other fake IDs.
Any compromising information such as sexually explicit material, family, legal, or medical information the victim shares about themselves will be used subsequently by the scammer to continue to exercise leverage on the victim through blackmail.
The Psychology Two major contributing factors that make romantic military scams so effective are the link between our perception of authority (people in uniform) and the sense of affinity and closeness we attribute to written communications. In a paper titled An Attributional Extension of the Hyperpersonal Model that analyzes the relationship between computer-based communications and the willingness to disclose intimate information, the authors conclude that:
“…In the experiment participants were randomly assigned to a face‐to‐face or computer‐mediated interaction with a confederate who made either high‐ or low‐intimacy self‐disclosures. Results indicated that computer‐mediated interactions intensified the association between disclosure and intimacy relative to face‐to‐face interactions, and this intensification effect was fully mediated by increased interpersonal (relationship) attributions observed in the computer‐mediated condition.”
The reason why we trust people in uniform is obvious but paradoxically, it seems that we are willing to disclose more intimate details about ourselves via electronic communications than in person. The written nature of these exchanges also adds a level of conviction and earnestness that verbal communications lack. In the case of romantic scams, this results in the victim developing a higher degree of confidence in what the other party says because they view the ‘physical’ text messages, emails, and letters in their possession as proof of sincerity.
The Scam Lifecycle Regardless of the specific instance details, all scams are formulaic and follow a pre-defined lifecycle. Every successful romantic scam has these five sequential phases:
Establish an online profile and make contact with a vulnerable victim
Develop a trust relationship with the victim, by exploiting some of their weakness, isolate them, and groom them
Learn as much as possible about the victim’s family, background, desires, and assets
Gain access to the victim’s money or resources
Use the victim as a money mole or contraband mover to support other scams
The Law Enforcement Challenge Traditional crime or terror network analysis is expensive, time-consuming, and resource intensive. It requires dedicated task forces, access to fused HUMINT, GEOINT, MASINT, SIGINT, TECHINT, INT/DNINT, real-time surveillance data, and the support of many subject matter experts. Trying to reconstruct a modern criminal or terror network is not a straightforward matter because these networks do not follow the classical organized crime models and rigid hierarchical structures.
Cybercrime networks and operators are loosely coupled and are assembled from among a tightknit group of ethnically related individuals. They lack central organization, command hierarchy, official communications channels, and consistent geographical location. They are shielded by local politicians and have the full support and cooperation of senior law enforcement officials. These organizations also utilize a brutal code of loyalty and enforcement that can result in violent punishment for any member that deviates from their assigned responsibilities.
To complicate things further, most of the individuals involved in cybercrime networks are non-US nationals that operate overseas in multiple international jurisdictions. They also effectively utilize countermeasures such as data anonymization techniques, burner phones, and non-traceable payment methods to evade detection and tracking.
So the upshot is that traditional law enforcement and prosecution techniques like the use of informants, bank accounts or assets seizure, and search warrants are mostly ineffective and practically useless.
The Analysis The ultimate goal of this research wasn’t to locate specific individuals but rather to discover the patterns of life, flora, fauna and lay of the land in this mysterious Kingdom of Scam-Land. I personally have no interest in the individuals identified at all but I do believe that the information and analytics framework used here would be useful in educating the general public and Western LEA in trying to develop an automated and more effective real-time scam fighting strategies and programs. You can find more details about the solution architecture and system components that I’ve used in this project in a previous post titled the Mechanics of Deception.
The Analytics Framework To generate the synthetic imagery, interactive dialogs, and wide-scale video and image searches, I’ve utilized the following software tools and machine learning frameworks:
For the video analytics, I’ve trained the ML engine to detect known scammer characteristics such as certain car makes, fashion brands, accessories, and hand signs. The training of the model included the extraction of known objects (Image 3) as well as seeding the engine with new insight matches that were confirmed to be related to some relevant search topics. So, for example, the results from a search of a person wearing a Gucci belt buckle yields new insight that these individuals also carried certain pattered style bags. So moving forward, new searches incorporated the patterned bags into the query criteria, etc.
Image 3: A sample of graphic objects used to train the ML-based search engine used to identify fashion and other accessories with known scammer associations.
The object of interest database contained about 6K classified samples. When fully operational, the system was delivering an object match true detection rate of about 86% accuracy. The total number of objects found and confirmed as relevant was over 17K (Image 4). The total runtime for all object detection and re-classification was about 9 hours.
Image 4: A sampling of a results set for video and image searches using a combination of “dark skin shade” + “golden watch” objects.
Another type of object classification was used in combination with the BigData engine to locate certain keywords like “prepaid” and identify fashion trends like clothing styles. This included a combinations of more than 23K stop words and graphic object like shoes, shirts, pants, bags, and various accessories. The stop words were scraped from both OCR images, text, and speech to text conversion.
Image 5: An example trend detection involving “distressed Jeans”.
Image 6: An example of a trend detection involving “visible toes” footwear.
Image 7: An example of a trend detection involving car keys suspended from the belt loops.
Image 8: An example of trend detection involving daily wardrobe arrangements and custom made designer outfits and shoes belonging to the scammer “Yõüñg Blãck Amëricäñ”.
Image 9: An example of video cataloging and identification of a fashion trend of T. Adugyamfi aka “Billion$King”.
Image 10: An example of a trend detection of a “modeling” pose that is characterized by the subject facing the ground.
Image 11: An example of a trend detection of over 40 types of “hand signal” gestures.
The system flagged the matches, anomalies, and trends and then converted them into insight that was used in more complex queries. This resulted in the identification of several hundred trends such as haircuts, hand signs, body poses, footwear, clothing styles, and color palettes. One interesting anomaly turned out to be a fashion ritual that was practiced by some of the scammers where they would once a week arrange their wardrobe in coordinated outfits (Image 8) for every day of the week and post them on internal chat boards.
A key component of the searching and linkage strategy was based on face recognition and face indexing. In total, I’ve indexed about 19K unique faces that constituted the POIs, their friends, families, and associates. The face recognition ran on multiple image sources such as CCTV cameras, phone cameras, laptop cameras, off-line video files, images stored in files, and social media albums and libraries.
Image 12: Usage of Face Recognition to identify an individual in a large collection of images and reconstruct their social and professional network. Featured in the image is “Play Bowy” and his “KVNG DD” team.
All image captures in real-time from CCTV cameras, phones, and laptops were indexed and processed for object and face matches and linkage analysis. The indexed images were then used for geospatial analysis to identify the place and time of individuals and group linkage.
Objects Database The following is a summary of the objects in the inventory database:
Used for Person of Interest (POI) searches
Computer and other device IP addresses
Emails & Text Messages
Individual and group communications
Total number of individuals in the network
Make, model, and color
License plate numbers
Used for entity searches
Mobile and computer phone numbers
Account numbers and details
Phone and conference calls
General graphic objects like logos and graphics
Note on Speech to Text Conversions Even though I captured several hours of conversation via open microphones and active chats sessions, I couldn’t accurately translate large parts of the content due to a limitation in Amazon’s, and Google’s transcribe and translation support for Nigerian and Gahanna dialects. In an operational deployment, this problem can be easily solved if a native language resource was available to review and translate the materials.
Image 13: Capturing a 3-way tech support Conference
Love is in the Air It was time to get scammed. The first step was to create a fictitious person named Olga Schmatova and use her as bait. I didn’t want to use stock photographs because of their easy tractability or utilize a real person for obvious reasons, so, I resorted to creating her images synthetically. I generated several photograph versions of Olga that accounted for age and weight variation. I then created the background information that supported her cover, such as a resume, biography, diplomas, online shopping profiles, employment history, as well as several other artifacts that would ensure that even an in-depth background search would yield valid results.
Next, I created several social media, email, and dating site profiles and waited for the search engines to index her content. As soon as Olga started showing up in general internet searches, I was ready to go.
Image 15: One of Olga’s dating site profiles
Olga’s Dating Profile My name is Olga. I am friendly, fun-loving, easy-going, and kind. My friends say that I bring a smile to the people around me. I consider myself to be balanced and a calm person at the same time I am very energetic, active and purposeful. I am full of positive energy and I project it to others.
I work as an emergency room nurse, I am family oriented and soft spoken, and at the same time I am a passionate and sensual woman, with oceans of love in my heart where we can swim together.
I like handmade art, visiting museums, cooking, and music is a big relief in my life.
Ideal Match Description I want to find a man who is ready to accept my love and love me in return. I need stable and firm relations, I do not want to play with feelings or any drama. I would like to find a mature and wise man who is a doctor or a dentist who knows what he wants and can share with me some of his wisdom.
I didn’t have to wait long, within a several days I got the following hit:
Subject: Hello My 110% Match
Message: Wow was the first thing I said when I went through your pictures/ profile and I wonder why a woman like you is still single. Perhaps, all the men around you are blind (lol)…
We can hook up and hopefully, be wonderful soul mates… A little about myself. Hmmm, I am easy going and kind. When people meet me, they sense it before long. I am a military doctor with the US Army, I love epic movies cos I love adventure, stories from ancient history and anything related to real life. I love the great outdoors, hiking, swimming, and travel.
I love family a lot! My favorite saying is “never look back”. Well, the only thing lagging in my life now is that lovely woman that will follow me to my dream land. I believe ‘ONLY THOSE WHO SEEK, FIND’, and that is why I want to get to know you. I prefer direct email contact because of my deployment I don’t have access to this site at all times. Kindly email me on my gmail at the account at brandonrsmith2X@gmail.com or leave your email address. Sometimes, we are dumbfounded answering love related matters cos love is beyond human comprehension. I Hope to hear from u soon. Cheers!
Just to make sure that this wasn’t a legitimate dating ping, I responded by asking Brandon for more personal details to which after several more emails and text exchanges he eventually sent me an image of his fake military ID (image 16). From the recycled verbiage in his responses (matches for which the search spider found online), the poor grammar, typos, and the fake ID, I knew that I found my scammer;
Subject: Dearest Olga,
Message: I’m just a normal guy who is searching for real love and wants to enjoy life to the fullest, I’m an american soldier.I come from a family of 4 which is me, dad, mum and my sister.I have my own house in Florida.We were living happily until my wife was diagnose of Cancer, it was a bad experience for me and my family it shattered us, my wife leaved with it for good 6 yrs before she gave up. It was a terrible experience but i just have to move on and hoping for the best. I have a daughter who I love dearly. My favorite color is blue (sky blue), Sunday is one of the day i don’t like , I lost my wife on Sunday so i don’t feel so much happiness on that day or maybe you can help me through that.
Been in the US Army for 5 years now as a surgeon. I enjoy my job but on deployment life is hard because you are restricted to do some things but I’m used to it. I love my job and I really need a family at the moment because I think we all deserve happiness in this life, My personality is outgoing and I have a good sense of humor. I am a kind and very tender hearted person. I am loving, in fact I sometimes think that I love too deeply when I love someone. I am a very honest person. I am too trusting at times and I am loyal to my companion and friends. i have a romantic heart and I like that. I want to be respected for being a man. I like to act, dress and look like a guy. i’m looking for a nice, honest,kind and caring woman, a woman that will love and be with me for the rest of my life. I’m not looking for someone to date but someone to spend the rest of my life with. All i need from her is just being sincere to me,make me feel secured,appreciate,love,care and being understanding. My recent life has been engulfed with misery and loneliness.
Everything in life happen for a reason, my being lonely for a very long time makes me want a companion and a woman to share my feelings with, I’m in search of a soul mate to spend the rest of our life together. No one is perfect and we could only give it a trial. Though it is right for us to learn from our mistakes. Which makes us resisting and having hard time trusting again in your life. A relationship is all about TRUST, SINCERITY and HONESTY, all this Paramount fact must exist in a relationship before anything can work out of it. Faith is the substance of things not seen, but the evidence of things being hoped for, lets strengthen our faith and see where this will lead us to. You are a beautiful woman and I want to get closer to you and see maybe this will work out for us.
Image 16: Brandon’s fake military ID with scraped internet image of the Russian actor Oskar Ruchera.
Our romance lasted for about two weeks and included several exchanges of emails, voice, and text messages. I am not going to bother you with all of the details of the lengthy and steamy conversations that ensued. The skinny of it is that Brandon loved me and wanted to spend the rest of his life with me. We were going to get married in Indonesia and spend the honeymoon in Nusa Penida! All of this, of course, depended on him completing his “contract” combat deployment in Afghanistan in two years, where he served as a doctor.
Then came the con. Brandon said he could leave earlier and meet me in Indonesia, but he would have to pay the US Army an administration fee of about $20,000, which he didn’t have because all of his money was tied up in some high tech investment in Google. He promised that if I helped him with this payment, he would repay me the money with interest in no time. I then received an email from email@example.com who claimed to be one Colonel William Daniels of the US Army HR team requesting that I transfer these administrative fees to him via Western Union.
I didn’t have $20K on hand, so instead, I decided to give in to Brandon’s insistent requests for some intimate pictures of me. Following Ursula’s advice to the Little Mermaid that one should “…never underestimate the power of body language!” I sent Brandon several glamor shots of Olga. I also added some extra loving payload to the images to help take our relationship to the next level.
Image 17: Olga in a swimming suit and in and out of her little black dress.
Olga’s AI generated voice
The payload deployed successfully and the initial probe came back indicating that most machines on Brandon’s sizable local network were running Windows 7 and were unpatched. That was followed by several more payloads. I mapped his network and devices and started monitoring his internet traffic and messaging activity. Interestingly, Brandon and his team were somewhat security conscious as they were using dedicated machines for scamming and separate computers for banking and business operations and logistics. They were also careful to use burner phones for business communications and other phones for voice and internet browsing.
While taking inventory of the drives and storage media, I found a directory full of images that Brandon was using to assemble his social media profiles on what appeared to be a graphics editing machine. surprisingly, it even had a licensed version of Adobe Creative Suite. As the VA spider was sifting through these images, it flagged two anomalies. The first was the OCR’d word “Verizon LTE” (Verizon doesn’t operate in Ghana), the second was a face match on two mobile phone screenshots of a FB page that contained the fake photos of Brandon and actual photos of two scammers (Image 18).
Image 18: Phone screenshots capture used for the network entry point.
Now that I had actual faces, the FR took over and traversed the photograph datasets on his storage devices and on his and his network’s on-line profiles and filled-in the matching names, addresses, phone numbers, car license plate, make, and car color (image 19). Altogether, the data collection took about 24 hours and involved some man-in-the-loop operations like the verification of anomalies and the termination of dead-end searches.
One interesting insight from the face recognition mapping is that Brandon and other individuals on his network use multiple ‘legal’ names and alternate spellings in official government documents such as drivers licenses and passports. Brandon, for example, was using the names “Nana Osei Kwadwo Boakye”, “Osei Kwadwo Boakye”, and “Osei Kwadwo”.
Image 19: Sample from over 150 license plates, car makes, and color details collected from the scammer network.
From the keystroke logs and login schedules, it was clear that multiple operators were involved as each exhibited distinctive ‘fist’ through Keystroke dynamics. Monitoring the login activity in real-time and screenshots confirmed that many of the operators shared the login details for their ‘bait’ profile.
The Scammer Enterprise and R&R One surprising find was that the scammer operations used specialists. This makes sense because If one scammer had to carry out all of the work individually, it would take him years to develop the necessary cross-domain expertise. The substantial resource expenditure required to obtain the logistic and operational proficiency needed to support a massive scam campaign such as this would also be time consuming and intellectually prohibitive. In the scammer community, members specialize according to their interests and talents; this allows them to more rapidly reach higher levels of productivity.
The person’s roles and responsibilities in the layered scammer enterprise depend on their ranking within the organizational structure. At the lowest level, there are the ‘factory workers’ who conduct their operations in teams of 5-15 individuals in internet cafes located in the suburbs and villages surrounding Lagos and Accra. Most don’t own their equipment and pay a fee for computing resources and internet access. At the next level are the home-based operator ‘managers’ who own their equipment and manage several low-level teams. These managers are responsible for training, recruitment, mentoring, and operational support for the lower tiers.
The next level above them are the ‘supervisors’ who are responsible for maintaining proper ‘sales’ quotas, conversation rate, and logistics and the development of new scam products.
At the top of this pyramid are the kingpins who control several territories. They liaise the with senior command of law enforcement, military, media, and politicians and are considered to be the pillars of the community. They engage in wide-scale philanthropic activity such as sponsoring public works and charity.
Image 20: The opening of the new Wiamoase Police station in the Ashanti Region. Courtesy donation by Dr. Osei Kwame.
An interesting anomaly that was later confirmed to be a wide scale trend was the frequent appearance of President Obama’s picture in many of the scammer workspace images (Image 21). Seventeen out of forty workspace images exhibited this trend. It turns out that BHO is considered to be the patron saint of the scammer industry in Nigeria and Ghana and is viewed as the ultimate scamming success story that everyone is trying to emulate.
Image 21: (L-R) Tier 3 scammers “KingKash” hard at work in the office and “Baron Osty” in a live session with a mark. Many scammers keep images of President Obama in their workspace and view him as the patron saint of the craft of the scam.
The Anatomy of a Scam Based on the large volume of case data retrieved from the computers on Brandon’s network and the postmortem on these cases, it appears that many operators run hundreds of concurrent scams. In one example from January 2017- February 2018, a mid-level manager/supervisor named Asuaden Rich AKA “Goal Digger” (Image 22) operated over 105 simultaneous scams in the US alone with 40 of these scams paying over $630K USD. For these, “Goal Digger” assembled and used a library of over 300 stolen identities from Facebook and LinkedIn.
Between June 2018 and August 2018, Goal Digger spent on average 7 hours a day working 7 days a week, splitting his time between boarding new victims and maintaining active accounts.
Image 22: An illustration of the scam details run by a the tier 2 scammer “Goal Digger”.
Money Makes the Scam go Around Since most victims are too embarrassed to report their ordeals, it is difficult to calculate the exact amount of money lost each year as a result of these scams. In 2013 the estimated figure was about $12.7 billion dollars. Adjusting for a modest 10% growth per year could bring it to 20 billion dollars. So, this industry makes more than the GDP of counties like Albania, Jamaica, and Afghanistan.
Just like in any other form of illegally generated revenue, the vast amounts of money that is collected from these scams must be laundered before the money can be used. In the case of the Nigerian and Ghanan networks, most of the placement, layering, and integration activity associated with money laundering took place locally via cash purchases of luxury goods, investment in large commercial and residential real estate developments, and the purchase of drugs, arms, and human trafficking. Additionally, in at least several instances, the scams were also financing Jihadi operations in Africa and overseas.
Image 23: An example of a UK based courier services used by Brandon’s network for mailing goods and money laundering. The UK network is also affiliated with a local Stockton Jihadi mosque and recruitment center and a number of active Jihadist.
It is worthy to note that local law enforcement and financial institutions are full participants in these ventures. The scammer networks also enjoy the full support of the local media. For example, the banks and money transfer/exchange organizations that service the scammers deliberately misplace the security cameras at the branches in order to avoid capturing the faces of the scammers. They also frequently purge their VMS systems and any internal records that contain the scammer’s national identification numbers, address, or other traceable PII data.
Image 24: Nana Kwadwo picking up the cash transferred via Western Union at the Ecobank branch near Medina Estate Gbagada Lagos. Camera field of view inside the teller does not capture the customer’s face. Cameras mounted on the branch ceiling only provide a rough view of customers.
Image 25: (L-R) Daily cash withdrawals, over $500K in freshly laundered money and weekly police and political payment bundles.
Image 26: Over a million dollars transported to Nigeria from Ghana via charted flight by a tier 1 scammer.
Scammers International All of the Nigerian and Gahannan scammers networks examined show that they also maintain an international presence in many western countries like the US and Europe. These relationships are based on family members who either legally reside in the host country or arrive there on tourist visas. These relationships provide a home-based network with access to local organized crime for the purpose of local money laundering and goods transfer. For example, Brandon’s network included individuals in multiple cities in the US, England, Germany, Italy, Bulgaria, and France.
Image 27: One US node of the network.
Brandon’s network was also working closely with several local UN officials and aid organizations who either had their own or utilized UN and NGO trucks, planes, helicopters, and facilities to transport and store cash and drugs in and out of the country.
Image 28: Osei Kwadwo Boakye AKA Brandon Smith and his domestic and international scammer network.
The Derivative Economy An interesting aspect of the scammer economy is its deep integration into the local marketplace. Many of the ‘manager’ and ‘supervisor’ level scammers eventually branch out and establish a variety of legitimate businesses such as appliance and computer stores. The seed money and inventory for these ventures initially comes from the scams, but eventually as these ventures mature and develop a customer base and revenue traction they switch and operate as legitimate businesses. In one illustrative example, a scammer named “Ruona Fundz” built a small retail empire of 6 electronic stores (Image 28), all of which were managed and operated by his extended family.
Image 29: Reselling the loot, the electronics retail empire of “Ruona Fundz”.
Network Structure and Communications All cybercrime networks depend on the contributions of a wide cast of professionals working in concert including malware developers, scriptwriters, customer-facing operators, spammers, botnet masters, payment processors, IT, InfoSec, and, finance. These communities require efficient and reliable methods to collaborate, communicate, and coordinate by sharing tips and tricks that help them defeat security measures and evade detection.
The stratified division of labor in the scammer networks allows actors to specialize in domains for which they have natural talent. This facilitates ‘personal growth’ and the achievement of the level of expertise in their particular area of specialization beyond what could be accomplished if they were responsible for all of the elements in the scam chain. Also, the acquisition of human talent is simplified because the professional barrier of entry is lower for newcomers. As the recruits don’t have to spend significant time and money, building the capacity themselves and just have to purchase a starter kit and be productive immediately.
The traditional meeting place for cybercriminals used to be online messaging boards or web forums. There, scammers would get together, obtain support, buy technical tools like phishing kits and malware, and sell their illicit gains. Due to the effective shutdown of many of these sites by western law enforcement, this is no longer the case. This resulted in the wholesale migration of the scammer community to various peer-to-peer (P2P) messaging platforms.
The majority of the scammers on Brandon’s’ network utilized one or more of the following tools for their business communions:
Burner Phone messaging
Social Media messaging
Image 30: Bogus postings of an obituary used for email, user ID, and password exchanges.
The Scammer InfoSec Brandon’s network had a playbook for information security that included pointers on how to secure voice and data communicators (via encrypted channels like Skype and WhatsApp) and even advice on maintaining anonymity on social media. For example, some recommendations included best practices, such as:
Using burner phones for all business exchanges. The burner phones are typically recycled every 3 months
Obfuscating their car license plate numbers in images that they share on social media
Always using aliases and never use their actual name in any online communication
Obscuring the house number and street name in images uploaded to social media
Recycle work computers once a year
Not traveling internationally especially in the US with any ‘work’ equipment
Disabling Geo-Tagging and GPS tracking on cellphones
Interestingly, most individuals in the network opted not to follow many of the InfoSec safeguards and precautions. In several cases, Ghana-based laptops showed up in Europe and the US. The exit nodes of these were not TOR based, and they used local hotel and residential ISPs. In two examples, laptops that belonged to “Prince Pero” and “Halid The-General” that were used for dating site scamming activity in Ghana, beaconed an IP address in Marietta, GA, and Chicago, IL. From IP address history and use, it appears that their owners came to the US, traveled there for 2-4 weeks, then headed back to Ghana, all the while continuing to scam their victims.
Image 31: Extensive use of burner phones for internal communications and coordination.
Image 32: An example of a car license plate obfuscation by scammers in order to prevent traceability on images posted to social media.
Summary of Findings When I started the search, I only expected to identify a handful of enterprising individuals that ran these types of scams from an internet cafe or their basement. But I was wrong. I was taken aback by the sheer scale and sophistication of these operations and the amount of revenue they generate. It also became clear that these scams are not private operations that are run by some enterprising individuals but rather a national industry that involves banking, law enforcement, the media, some UN bodies (mostly local), politicians, and local and international corporations across multiple jurisdictions.
Tracing the 1-degree operator network in the city of Madina in Ghana alone yielded over 10K individuals (total city population is about 132K) that were directly active in scamming. This represents about 7.5% of the total city population. A 2-degree linkage would triple this figure. If we account for a similar distribution across the whole of Ghana, we could potentially be looking at 15%-30% of the entire population working in or supporting scamming as a national industry. And these numbers don’t account for the impact that hundreds of millions of dollars have on the overall Ghana’s economy and political structure. It is revealing that the official 2016 -Statistical-Report-Ministry-Of-Employment-and-Labor Ghana report completely ignores this phenomenon and fails to account for this market segment/industry as a major source of national revenue.
Most of the scammers identified in the analysis fit into a specific age and socio-economic cross sections. They are between 14-30 years old, and the majority have some high school education. Many had IT training through a local network of centers called IPMC. Only a handful have college degrees, and these are mostly supervisors. The majority of the member of the network come from the surrounding villages and towns around Accra, Abuja, and Lagos.
Scamming is a family business and is based on personal relationships; this is especially the case for the low-level operators. Many of them arrive to the city in search of fame and fortune from smaller villages and live in crowded rentals with as many as 5-10 per room.
Image 33: “Baron Norway” and his Tier-3 “Rich Boys” team chillin’ out.
The operations have a quasi-hierarchical and fluid structure that is based on tiers. These tiers are roughly divided to the low-level teams (tier-4-5) that work in the internet cafés (which are owned by the tier-1-2 operators). They are responsible for creating the on-line profiles and generating the leads and the constant cash flow. The tier-2-3 have management responsibilities and run multiple production facilities that can range from 10-50 tier 4-5 operators. They are responsible for recruitment, training, and meeting sales quotas. The tier-1 group sits at the top of the pyramid and managers multiple tier-2-3 managers. They finance the overall operations, provide the political and security coverage, and also collect the bulk of the revenue from their territories.
Image 34: The scammer tier hierarchy.
This tiered structure is, to a large degree, merit based and provides for constant upward mobility. In many ways it resembles a classic sales organization: the more you sell, the higher your commission is and the faster you move up to a more lucrative tier. It is not unusual to see a tier-5 operator move to tier-2 level in just a few years.
Image 35: From rags to riches in 4 easy steps. The Cinderella success story of “Goal Digger”
The tier-1 operators only function in specific territories that are controlled by the police and politicians. They have strict “payment” responsibilities for their territory.
Image 36: Examples of some of the sweet rides owned by the tier-1 and 2 scammers. The cars are exclusively Mercedes, Lexus, Land Rover, or Porsche.
The revenue collection is controlled by a strict commission structure with every individual who is involved in the supply chain taking his cut based on the following rates per transaction.
Commission Per Transaction in Percent
Military (if involved)
The police provides the security services to protect the carriers and money as it’s transferred to various locations in the city. The police will also provide the scammers with additional for fee ‘anti-robbery’ protection to ensure that nonaffiliated gangs won’t whack them en route from and to the bank.
One illustrative case for this protective service (Image 36) is the altercation between the police officer Frederick Amanor Godzi and Ms. Patience Osafo at Midland bank branch in Ghana. The popular explanation for the beating she received was that she was at the bank trying to withdraw about $50 USD to buy some food for her baby grandchild and that the bank refused to give her the money. This lead to an argument with the bank manager who called the police. The policeman then proceeded to beat her up and literally kick her out of the bank. But the internal communications suggest that she was working as a lookout for an armed gang that was waiting nearby for scammers to come into the bank to withdraw large amounts of cash.
Image 37: Police beating at the Midland bank and “Crym Payys” and “Da General’s” doing the weekly cash runs.
After the initial public outcry that followed the posting of the violent video on social media, the court and the police ended up dismissing all charges against the policeman and the bank employees. The reason given was that the victim failed to appear in court to testify and cooperate with the police investigation. Ms. Osafo ended up getting a new luxury house as compensation and the bank officials even released the following statement:
“We just closed a generous offer that removes her from the ‘kiosk’ to owning a brand new house, and from the streets hawking toffees to now owning multiple bank accounts“
Ironically, Ms. Osafo’s house as well as several other developments in the Fettah Kakabra Top King estate were funded by scammer investment money.
This form of collusion between politicians, justice officials, law enforcement, and the financial institution where they ‘work things out privately’ seems to be the norm in scammer land and at least partially explains why these environments are so fertile in supporting the massive growth of the scamming industry in these countries.
Image 38: The main characters of the Midland Bank police beating saga.
Law Enforcement and Scamming The police strictly enforces ‘permits’ to operate and the payment of commissions from the scammers by partnering with the money exchanges and financial institutions. For example, the security guards employed by the electronic payment vendors are also responsible for collecting a copy of each money transfer invoice that is cashed to ensure proper accounting of all payments. As can be seen from Image 39, the failure to pay or any attempts of cheating is dealt with promptly and severely.
Image 39: Money collection and the payment of ‘protection money’.
The payment to the scammers varies based on KPI such as closing rate, month to month performance, and seniority. The banks, police, and other facilitators such as the UN/NGOs, and politicians typically deduct their commissions at the teller. What is left is then distributed among the hierarchy on a weekly basis. The final form of payment can take different forms including cash (in local or foreign currency), drugs, or even gold bars.
Image 40: Forms of payment include pre-paid bank cards (Access Bank), gold bars, cash, pre-paid cards, drugs, electronic funds transfer, pre-paid ecommerce cards, laptops, and phones.
Image 41: Example of large scale money laundering operations through investment in residential development projects in Ghana. The Qyarifa development, one of dozen such projects cleared over $12 million USD through the sale of units each going for $65K-$100K USD.
Image 42: International travel and coordination with local scammer teams. Global scammer networks are located in many major cities in the US, Europe, and Asia
Image 43: “Crym Payys” at home piling up the cash and bling.
There is no silver bullet solution for keeping vulnerable individuals safe online but there is a lot that we can do to strengthen our ability to disrupt and destroy the scammer networks. International cooperation is important in tackling this ever-growing form of cybercrime but ultimately it is important to remember that some UN personnel, diplomats, government policymakers, NGO’s, politicians, media, and local law enforcement officials in the host countries are the largest financial beneficiaries of this industry and are themselves part of the problem.
As the data suggest, the solution to the scammer challenge is not to use more law enforcement to post-fact persecute the perpetrators but rather to preemptively disrupt and destroy these networks before they become operational or drain them financially once they are active. This is a classic OODA loop problem that every large western intelligence organization deals with every day. Even the scope of gathering, processing, and analyzing national security information from around the world fits in squarely with the capabilities and charter of agencies like the CIA and NSA which already collect this type of intelligence and operate on it in similar environments internationally.
The public attitudes toward cyber scammers influences the way that government, law enforcement and commercial companies regard cybersecurity in general. If they think that the public does not perceive cyber scamming to be a serious threat to their personal wellbeing, then they won’t place a high priority on regulation, enforcement, and platform security.
Although history doesn’t repeat the same exact tune, it does tend to play the same scales over and over again. In 75 BCE, the 25-year-old Julius Caesar was sailing the Aegean Sea when he was kidnapped by Cilician pirates. According to Plutarch, the pirates asked for a hefty ransom for his release and Caesar sent several of his friends to Rome to gather the silver, a task that took 38 days. Caesar told the pirates that after he was set free, he would hunt them down and hang them. Once he was freed, he made good on that promise: he quickly raised a fleet in Miletus and went right back to Pergamon where he had been held captive. He captured the pirates and as he promised ordered that they be crucified.
The moral of the story is that cybercrime is the modern version of piracy and the only effective way to deal with it is with diligence and force. The pirate infestation of the cost of Somalia is a good illustration of what happens when these type of problems are not dealt with promptly. The current approach of trying to combat international on-line fraud by relying on international treaties, the Interpol, and UN resolutions amounts to little more than standing in a malaria-infested swamp and swatting at individual mosquitos.
You can rest assured that there is no need for Caesar’s brutal form of punishment to solve this problem. Following these six easy steps is guaranteed to quickly drain the international scammer swamp:
Place OFAC sanctions against key cybercrime, political, UN, NGO, and law enforcement personal involved in the scamming activity.
Shutdown the access of the cybercrime facilitating states to internet services like SWIFT, Airline Reservations System, etc. for several days/weeks as a warning.
Start an international media campaign to inform the scammer sponsoring governments that their continues support for this industry would have severe consequences to their economy.
Create and maintain a real-time database (using a framework such as demonstrated here) of all known scammers and arrest them when they attempt to travel internationally. The required bond for their release should be the total amount they scammed plus interest. That money should then be electronically transferred back to the victim’s accounts.
Charge the management of the dating sites and social media hosters that so far have done little to combat this phenomenon with negligence and open them to civil actions by their customer victims.
Bring RICO, mail and wire fraud, and money laundering charges against the C-level executives/board members of the US-based money transfer companies that are the lifeblood of these scams.
Finally, If you are reading this Captain Brandon, it was fun while it lasted, but I don’t think that this relationship is going to work out, it just wasn’t meant to be chéri.
Fresh of the lathe and CNC machine, a 4140 chrome-moly steel, 42” octagonal barrel, 45 caliber, and a 1:56 twist rate with 8 groves. Maple stock, brass patch box, and adjustable iron sights. She is a beauty.
Keep your bony AR chick, I like mine with some meat, My curvy Can-tuck-ee girl, always sweeps me off my feet.
I love her lines and the solid weight of her body, She’s a straight shooter, never vain or haughty.
Her dark maple wood stock, In my arms it lies content, Her black powder perfume, intoxicates me with its scent.
She is a thrifty girl, takes sixty grains of powder, that is all, Down her 42” grooved barrel slides the ramrod patch and ball.
I align the plain iron sights and gently pull her set trigger, She instantly recoils with a youthful vim and vigor.
Practice, patience, and discipline, these are her demands, A tight grouping at two hundred yards requires loving hands.
An Ironsides cavalry cornet flag with the inscription ASCENDIA [INCENDIA] CVRA SIONIS “Ascend to the help of Zion” or “Burning with the desire to help Zion”.
The Soldier’s Pocket Bible was issued to Cromwell’s New Model Army in 1643. It came in pamphlet edition and was a condensed version of the Protestant Bible. The booklet octavo format was 5½” × 3″ in size, had 16 pages and a total of 150 war related verses from the Bible.
Cromwell’s soldiers, nicknamed “the Ironsides” in recognition of their fortitude kept the Pocket Bible in a buttoned pocket on the inside waistcoat—near the heart—under the outer leather buff coat. They would go into battle singing hymns like Psalms 46:7“The Lord of hosts is with us, the God of Jacob is our Refuge.”
In an era where military leadership came from wealthy aristocratic families, Cromwell revolutionized the constellation of the parliamentary army by meritoriously appointing men of humble origin and strong Puritan convictions as officers in his cavalry regiment. These man, in turn, recruited similar minded individuals who eventually formed the core of the New Model Army.
Cromwell attributed his army’s almost unbroken chain of victories against the superior and better equipped royalist forces to their moral superiority and to G-d’s favorable intervention. In true biblical fashion, he lead cavalry charges himself and applied a strict ethical code to everyday conduct. At camp, the soldiers didn’t get drunk or gamble and were instructed in general to behave decently with orders such as:
“A Souldier must not doe wickedly”
Following strict, self imposed battlefield discipline, his soldiers did not rape, pillage, nor partake in the spoils of war. This is unusual considering the atrocities that other European armies were perpetuating on each other and inflicting on the civilian population during the contemporary Thirty Years’ War.
Image 2: Mass executions during the Thirty Years’ War – Jacques Callot: “The miseries and misfortunes of war” The text reads: ‘Finally these infamous and abandoned thieves [soldiers who plundered and raped], hanging from this tree like wretched fruit, show that crime (horrible and black species) is itself the instrument of shame and vengeance, and that it is the fate of corrupt men to experience the justice of heaven sooner or later.’
Cromwell’s extraordinary practices and the quality of soldiers they produced weren’t confined to the English Civil War. As the English Puritans immigrated to America in the mid to late 1600s, they brought these ideals with them.
Fast forward the clock by 130 years to June 17th, 1775, the eve of the go/no-go engagement of the American revolution. Posted at Breeds Hill was one Francis Merrifield. Previously, Merrifield served with the New England Ipswich militia at Ticonderoga in the French and Indian War in 1759. After hostilities with England began in April 19th 1775, Merrifield was part of the force that pursued British soldiers retreating from the battles of Lexington and Concord. Just like the Ironsides of Cromwell’s day, he too carried his bible into battle, fighting as a sergeant at Bunker Hill in the company of Captain Nathaniel Wade in Colonel Moses Little’s regiment.
Merrifield inscribed his experience on the verso of the New Testament title page and on the inside back cover, thanking G-d for his safe deliverance from the battlefield and the details of his regiment and the serial number of his musket.
The inscription reads:
“1775. Cambridge, June 17th. A batel fought on bunkers hill, on Saterday in the afternoon, which lasted an hour and a quarter, two men were wounded, and … the number of my gun, one hundred eighty three, 183, the seventeenth Rigement, 17.“
“Cambridge, Jun 17 1775. I desire to bless God for his Kind aperince in delivering me and sparing my life in the late battle fought on Bunker’s Hill. I desire to devote this spared life to His glory and honour. In witness my hand, Francis Merrifield.“
Image 3: Francis Merrifield’s Bible
It is noteworthy just how far reaching Cromwell’s influence has been on the concept of ‘the citizen soldier’, a stable English parliamentary system, the American and French Revolutions, and the formation of every modern republic variant since.
We trace many of the revolutionary republican ideas to individuals such as Adams, Franklin, Warren, and Rousseau, but its easy to overlook the fact that the core concepts of this ideology such taxation with representation are steeped in Cromwell’s social, religious, and political policies. It was Cromwell’s refusal to become a king that later inspired Washington to follow in his footsteps and go into retirement in 1797. It also inspired John Stark’s and Thomas Jefferson’s resistance to the American Cincinnatus movement, which they viewed as an imitation of the old-world inherited form of aristocracy. Subsequently, it was this mindset that enabled congress to set term limits on the presidency 150 years later in 1947.
Most of us also misattribute the concept of natural rights of life, liberty, and property to John Locke. But Locke, was only a wee one year old baby (his father served as a captain in Cromwell’s cavalry) when Cromwell was already hard at work implementing what he termed “freeborn rights” which he defined as the G-d given rights that every human has at birth, as opposed to the rights bestowed on them by government or by human law. Echoing Cromwell sentiment, John Stark just before the 1777 battle of Bennington told his troops that they were fighting for their “natural born rights as Englishmen”.
Without Cromwell’s successful challenge to the belief in the divine right of kings which he based on 1 Samuel 8:11-18 and the execution of Charles I, it is unlikely that King George III would have ever been challenged with the list of grievances and labeled a tyrant or that Luis the XVI would have been guillotined.
Image 4: (L-R) The execution of Charles I (1649), the toppling of George III lead statue in New York (1776), the execution of Luis XVI (1793)
It seems that history has a well developed sense of Irony, during the English civil war, the royal party known as the cavaliers referred to Cromwell’s army with the derogatory term “roundheads”. This mucking nickname first described the soldiers, and then the whole Parliamentary party. The term arose, from the puritan custom of getting buzz cuts. This was done to demonstrate their contempt for stylish hairdressing. This practice was in contrast to the long flowing hair styles of the royalist. Instead of getting offended, the parliamentarians embraced it. A roundhead, announced one pamphlet, was “a good, honest, zealous, and true protestant’, called by God to do his work.”
100 years later, in 1754, during the French Indian wars, the British came up with another coiffure related pejorative term “Yankee doodle” to describe the colonists of New England, insinuating that they were uncouth, low-class men lacking a sense of style and masculinity. The New Englanders, just like the roundheads, happily adapted the term and used it proudly.
Yankee Doodle is the tune That we all delight in; It suits for feasts, it suits for fun, And just as well for fightin’.
Cromwell’s words about “A Souldier must not doe wickedly” also aged well with the passage of time, almost 300 years after they were put down in writing, Colonel Theodore Roosevelt, the 26th president of the United States, wrote in his preface to the soldier’s bible:
“LOVE MERCY; treat prisoners well, succor the wounded, treat every woman as if she was your sister, care for the little children, and be tender to the old and helpless.”
The word indeed is mightier than the sword!
Image 5: Military Pocket bibles
The following is a full copy of the original 1643 Soldiers Pocket Bible. The footnote section at the bottom of the post has a link to the printable PDF version.
1861 Edition of The Soldier’s Pocket Bible – South Carolina Tract Society The Soldier’s pocket Bible: issued for the use of the army of Oliver Cromwell. The Soldier’s pocket Bible, containing the most (if not all) of those places contained in Holy Scripture, which do show the qualifications of his inner man that is a fit soldier to fight the Lord’s battles, both before the fight, in the fight, and after the fight: which scriptures are reduced to several heads, and fitly applied to the soldier’s several occasions, and so may supply the want of the whole Bible, which a soldier cannot conveniently carry about him; and may be also useful for any Christian to meditate upon, now in this miserable time of war : with the soldier’s prayer, and battle hymn.
Map of the Battle of Bunker Hill Breeds Hill is located at the center right
Yankee Doodle Dandy in the 18th century style – The Towpath Volunteers Fife and Drum Corps
Despising pomp and vain parade, At home you stay, while France and Spain The secret, ardent wish convey’d, And hail’d you to their shores in vain: In Vernon’s groves you shun the throne, Admir’d by kings, but seen by none.
President Woodrow Wilsons’s Preface to the World War I Soldier’s Bible
Colonel Theodor Roosevelt’s Preface to the Soldier’s Bible
President Franklin D. Roosevelt’s Preface to the WW II Soldier’s Bible
1914-1917 Private George Ford’s pocket bible carried by him to the battle of the Somme