Some of the things I've been thinking about and trying to connect:

• Not Kevin's informaton at StrangelyPerfect.tv  showing many negative option scams set up companies in the UK (details here)
• The recent Trend Micro paper detailing a cybercrime hub operating out of Estonia which extends into Europe and the United States (pdf available here)
• The potential significance of hidden negative option "bizop kit" victims alleging the presence of  trojan horses on the CDs they received in the mail
• The economic relationship between Estonia and The Isle of Man

AGAIN – these are very loosely connected thoughts…or maybe not even connected at all…in fact I don't even present any possible conclusions

Today I was asking Lynndel Edgington of Eagle Research Associates about a comment Not Kevin made over at StrangelyPerfect.tv:

"Setting up a UK Ltd company at Companies House is very easy and no they don’t ask for proof of id or anything. You only need to register for Vat if/when your turnover exceeds a certain amount, so that comes after registration (if at all).
There are however quite strict regulations about your obligations as a Director, filing accounts on time etc. See:
http://www.businesslink.gov.uk/bdotg/action/layer?topicId=1073870537

Not sure how these companies would get their stuff from Companies House if they are using false addresses, filing accounts for all those companies would be a nightmare too (if done properly) – which is another reason it’s odd that there are so many of them which just multiplies the work and could make it very confusing! Perhaps they are not planning to stick around long enough to bother with legalities like filing accounts!? (Allegedly) (You can be in business for around 18 months I think before your first years accounts are due)."

I suggest you read the full discussion here to get the full context.

As Lynndel pointed out, Not Kevin really answered his own question:

(Lynndel): "They don't plan on being around long enough to worry about reports/accounts are due.  This is get in quick, get the cash and get out before the authorities come calling.  The only ones who get caught are those who get greedy and try to milk it longer than they should.  They forget they can wait a couple of months, and then do it all over with a new name and a slightly different look and do it all over again."

Seemingly related to all of this is the fascinating research recently performed by Griffith University's Professor Jason Sharman

Which appears to indicate that the U.S. and the U.K. themselves may be the "dirtiest tax havens" which is fascinating as Sharman concludes:

""The United States, Great Britain and other OECD states have chosen not to comply with the international standards which they have been largely responsible for putting in place."

According to Switzerland's Le Temps Newspaper:

"With a small budget, and using classified ads that proliferate on the Internet or in the press, this professor of the Center for Governance and Public Policy at Griffith University (Australia) made bids to set up shell companies in 22 countries — some labeled as tax havens; others are very respectable members of the OECD."

The following are excerpted from Jason Sharman's presentation of his key findings of his recent study:

Summary of the research

"The research involved electronically soliciting offers of anonymous corporate vehicles from 45 different corporate service providers in 22 different countries, and collating the various responses. Anonymous shell companies in isolation can sometimes be useful in disguising financial crime, but generally depend on associated bank accounts. And so the next step was trying to set up bank accounts linked to these shell companies. To the extent that the shell companies are anonymous (that is, where the beneficial owner remains unknown), the bank account will also be de facto anonymous. Seventeen of the 45 attempts to solicit anonymous corporate vehicles met with success. Of these, 13 of 17 successful approaches were to service providers in OECD countries (seven in the UK, four in the United States, one in Spain, and one in Canada). This compared with only four service providers of 28 willing to provide anonymous shell companies in countries often identified as ‘tax havens’
(Hong Kong, Singapore, Belize and Uruguay)."

Interesting details from Jason Sharman's research:

• "In 2009, the author was able to create a Nevada company and then open an account at one of America’s most prominent banks with
  only a scanned copy of a driver’s licence." 
• "the author purchased an anonymous England and Wales company for GBP515, incorporated within a day"
• The Economist highlighted the following amazing finding from Sharman's study:
  • "One example was Britain, where in 45 minutes on the internet he formed a company without providing identification, was issued with bearer shares (which have been almost universally outlawed because they confer completely anonymous ownership) as well as nominee directors and a secretary. All was achieved at a cost of £515.95 ($753)."

Constantly changing names as a keystone to a "business model"

This isn't really anything new, but I really enjoyed the wording the authors of the Trend Micro Cybercrime Hub report used to describe it:"The criminal outfit uses a lot of daughter companies that operate in Europe and in the United States. These daughter companies’ names quickly get the heat when they become involved in Internet abuse and other cybercrimes. They disappear after getting bad publicity or when upstream providers terminate their contracts. This does not cause much harm to the operation as a whole, however, as the same cybercriminal just continues its business under a new name. In fact, constantly changing names is part of the company’s business model"

The potential significance of hidden negative option "bizop kit" victims alleging the presence of viruses and/or trojan horses on the CD-Roms they received in the mail

There were several comments made on various sites that the bizop kit CDs contained trojan horses, which can be used to steal data or as the Trend Micro paper reveals –  hijack Google queries and even seamlessly replace advertisements on legitimate sites.

Of course a trojan horse would always be a concern, but imagine if the cybercriminal organization behind the planting of trojan horses operated out of a country where credit card fraud and internet-based financial fraud were ongoing concerns.

I have no idea if any of the allegations about the trojans were true or how pervasive the allegations were.

According to the U.S. Department of State's information on Estonia:

"Credit card fraud is an ongoing concern, as is Internet-based financial fraud and “Internet dating” fraud.  Travelers should take precautions to safeguard their credit cards and report any suspected unauthorized transaction to the credit card company immediately.  Racially motivated verbal harassment and, on occasion, physical assault of Americans and other nationals of non-Caucasian ethnicity has occurred.   If an incident occurs, it should be reported to the police and to the Embassy."

The economic relationship between Estonia and The Isle of Man

This is significantly outside my scope of expertise so I could be completely grasping at straws here or someone may look at it and wonder why I'm stating the obvious:

• Estonia is a country where credit card fraud and internet-based financial fraud are ongoing concerns
• Isle of Man (IOM) is a self-governing British Crown Dependency where offshore banking is a key sector of the economy and according to the IOM government is developing a global reputation for a diverse array of niche, quality sectors including:
  • High-tech manufacturing
  • E-Business
  • E-Gaming
  • Ship and super yacht management
  • Aircraft registration
  • Agricultural and fisheries produce
  • Film and television production
  • Space commerce
  • Entrepreneur/trading gateway
• In it's most recently "report card" on the Isle of Man's observance of AML/CFT (Anti-Money Laundering and Combating the Financing of Terrorism) the IMF expressed concerns about Customer Due Diligence (CDD) measures (see item 30 here), where one of the observations is:
  • "It was not evident to the assessors in all cases that the financial institutions were taking fully into account the increased risk of dealing on such a scale with nonresident non face-to-face business, and the assessors noted an uneven level of controls in practice in some institutions when relying on third parties to have properly conducted CDD measures."
• The recent agreement between the IOM government and the Estonian government:
  • "The agreement between the two governments is based on the model published by the Organisation for Economic Co-operation and Development (OECD). In addition to this agreement signalling that the Isle of Man and Estonia wish to develop their bilateral economic relations, the DTA will also act to prevent tax evasion, and delivers the OECD’s agreed international standard on tax transparency and exchange of information."

At this point I still have no idea if there are any real connections between all of this data