News of Frauds in India & World - Created by Piyush Sood: 2008

Thursday, July 17, 2008

Another ATM fraud: Woman loses Rs 25,000 - Expressindia.com - 17 Jul 2008

Pune, July 16 A woman lost Rs 25,000 to an ATM card fraud on Sunday soon. The victim, Trupti Nitin Menvelkar (39) of Tejas Society, Kothrud has lodged a complaint with the Kothrud police station.
Police said Trupti and her husband had gone for a movie at City Pride theatre on Saturday evening.

While coming back from the cinema hall, she lost her wallet carrying her ICICI bank ATM card. On Sunday, she received an SMS from the ICICI bank that Rs 25,000 has been withdrawn from her account in three transactions.

Trupti has told the police that her ATM card was blocked around 12.30 pm on Sunday. While the money was withdrawn from her account around 1.15 pm.

Investigation officer D A Walimbe said that money was withdrawn from the ATM centres in the city.

"The ATM centres were installed with CCTV cameras. So we have asked the bank to get the video clips of the time when money was withdrawn," he said.

Walimbe said that Trupti works with a private company. She has an account with Apte road branch of ICICI.

Russian Coreflood Gang targets online bank accounts - news.yahoo.com - 16 Jul 2008

Call them the Coreflood Gang. A ring of cyber bank robbers from southern Russia has quietly perfected a way to get a beachhead inside company networks.

Once inside, it infects every PC within reach with a custom-made data-stealing program called Coreflood. The goal: go rip off bank accounts online.

Over the past 16 months, the Coreflood Gang has infected swaths of PCs inside thousands of companies, hospitals, universities and government agencies, says SecureWorks researcher Joe Stewart, who has tracked and documented the spread of Coreflood over that period.

"It's spying on you, capturing your log-ons, user names, passwords, bank balances, contents of your e-mail," Stewart says. "It can capture anything."

Coreflood is part of a class of malicious software, called banking trojans, designed primarily to help crooks break into bank accounts online. The number of banking trojans detected on the Internet this month topped 24,800, up from 3,342 at the start of 2006, security firm F-Secure says.

An infection usually starts when you visit a Web page implanted with a snippet of malicious coding. By simply navigating to the tainted page, your browser gets redirected, unseen, to a hub server that downloads the data-stealing program onto your hard drive.

Dozens of gangs specialize in banking trojans. They have it much easier than phishing scammers, who must lure victims into typing sensitive data on spoofed Web pages, says F-Secure researcher Patrik Runald.

"This is very organized crime," Runald says. "These gangs are hiring people and making tons of money."

The Coreflood Gang is among the most sophisticated. Stewart recently analyzed 500 gigabytes of stolen data stored on a rented hub server. He pinpointed 378,758 Coreflood infections inside thousands of organizations, small and large.

A workplace PC can get a new infection each time someone logs on. The most infections: a county school district with 31,425, a hotel chain with 14,093 and a health care company with 6,744. About 230 networks turned up with 50 or more Coreflood infections, while 35 networks each had 500 or more.

Gang members cull the stolen data for log-ons and account statements, especially bank accounts online with high balances. Next, they log into the accounts and make online cash transfers into "drop" accounts they control.

After having two hub servers shut down by the tech security community in May, the Coreflood Gang rented two new hubs and picked up where they left off. Today, they continue operations unimpeded, says Stewart.

Companies infiltrated by the Coreflood Gang need to rethink how they do network security. Employees surfing the Internet on work PCs ought to take pause. "If you don't understand the threats that are out there, then you probably should not be banking online," Stewart says.

By Byron Acohido, USA TODAY

A Monster Phishing Scam - news.digitaltrends.com - 16 Jul 2008

Security analysts have warned users of the Monster.com website of a phishing attack by Turkish hackers.

Almost a year ago hackers stole the details of 1.3 million users from Monster.com. Even more recently a group used an identity harvesting tool to extract information from resumes posted on Monster and other job sites.

Now a security analyst a McAfee, Greg day, has issued a warning of a new phishing attack at Monster.com that targets both recruiters and those looking for jobs, according to Vnunet.

Day said:

"Scammers are trying more and more diverse and sophisticated techniques to obtain information that can be of financial reward.

"With concerns about potential job cutbacks, many people are looking to the internet to find potential employment opportunities and see what's available to provide some reassurance in the current climate.

"Unfortunately, scammers are getting wise to this as we have seen with a recent influx of phishing attacks looking to steal personal details by gaining access to online job hunting profiles or tempting victims with information of potential jobs."

The sam involves e-mails purportedly from Monster.com sent to users, urging them to click on a link to update their profiles. McAfee has traced the attack back to a Turkish botnet, but said that if they’re able to obtain plenty of resumes, the potential for ID theft is large.

International Fraud Case Has Local Ties - kcra.com - 15 Jul 2008

Women Known As 'Richmond Girls' Arrested

RICHMOND, Calif. -- An international crime ring involving more than a $1 million worth of credit card fraud has ties to the Central Valley, police said.

Police arrested six women from the Bay Area who were allegedly targeting 10 Central Valley stores in a credit card fraud scheme.

Officials of the Sacramento Valley High Tech Crimes Task Force said the group of women, called the "Richmond Girls," are responsible for $1 million in fraudulent credit card transactions in the past six months.

The women allegedly used credit card encoders to recode gift cards that were used at stores like Target and Wal-Mart along Interstate 80 between Roseville and the Bay Area, police said.

Police said they think the women are somehow connected to Ukrainian and Russian identity theft rings, who would e-mail the women credit card account numbers stolen from at least 400 U.S. and foreign citizens, according to investigators.

"We definitely think the ring is bigger than six," said task force spokesman Sean Smith. "I don't want to give too many details since it's an active investigation, but it is a significantly larger number than six people."

The "Richmond Girls" face 180 felony counts, officials said.

Police say largest case of credit card fraud in memory - news8austin.com - 16 Jul 2008

The San Marcos Police have made two arrests in what they say is the largest case of credit card fraud in memory.

The evidence room at the San Marcos Police Department looks like an electronics store.

When police arrested the men, they had 50 credit cards and close to $30,000 in video games, mp3 players, computers and movies.

San Marcos Police Commander Terry Nichols said it took hours to log the evidence.

"When you find that they have over 50 credit cards in their
possession and all the merchandise, we knew this was going to be a much bigger case," he said.

Investigators said Hector Gomez, 37, of Guadalajara, and Gabriel Rivas, 31, of Mexico City, made frequent shopping trips to Central Texas.

During each trip, they'd buy thousands of dollars in electronics.

"[He] buys it with fraudulent credit cards in the United States, ships it to Mexico and then resells it," Nichols said.

Police said the credit cards with the suspects' names on them were phony, but the electronic data on the cards were linked to victims' accounts.

Police are still working to identify those victims.

Experts say there are things you can do to protect yourself from this type of fraud.

First, if you use you card online, make sure the site is secure. When using card at a business, watch your card during the transaction.

Hays County District Attorney Sherri Tibbe said you should check your statements carefully.

"You have to be very vigilant with your information. Constantly check your account. If you see fraudulent activity, cancel the account immediately and notify law enforcement," she said.

By Russell Wilde

Wednesday, July 16, 2008

Beware! Your online tax records 'can be hacked' - Sify.com - 15 Jul 2008

If you are thinking of filing your income tax returns online, think twice. It is very easy for anyone to hack into your account and have access to your income tax details.

How can this be done? All a hacker needs to know is your name, permanent account number (PAN) and your date of birth.

He first needs to log onto the e-filing website (https:www.incometaxindiaefiling.gov.in).

A ‘taxing’ exercise indeed! | Double pension tax liability | More India business stories | Get the latest Sensex update

After this, all he needs to do is click on the login link and then click on the 'forgot password' link that appears. Having clicked on the 'forgot password' link, a screen that allows him to change the password appears. There the hacker needs to choose method 1.

In order to change the password, the hacker first needs to know the login. The login in this case is the individual's PAN.

After entering the login data, he needs to enter your name and then finally your date of birth, or date of incorporation in case of a Hindu undivided family (HUF).

This done, he needs to enter the new password twice and click on the reset password button. And, voila, he has hacked your account. It is as simple as that.

After changing the password, he can access the account using the new password and have access to your tax records. This would include information like your gross income for the year, the amount of tax saving investments you made, the amount of tax deducted at source and the tax refund you may get. He would also have access to your phone number and address

Vivek Kaul/ DNA MONEY

Criminal methodologies: Identity theft - merinews.com - 15 Jul 2008

THE VAST majority of identity fraud victims (68 per cent) incur no out of-pocket expenses. This points out that businesses are victims of fraud. The aim of this paper is to provide some clarity to the real losses sustained by organisations whose customers experience identity theft. This fraudulent behaviour by criminals erodes the reputation and profits of institutions, which I am calling ’institutional identity theft’. I also want to offer to the reader some of the best policies, procedures, and solutions to reduce your risk to institutional identity theft. Identity theft is a catch-all term for crimes involving illegal usage of another individual’s identity. The most common form of identity theft is credit card fraud.

Identity theft is often looked at as an individual’s problem. You know, something that consumers have to worry about. However, organisations often spend a lot of time, effort, and money trying to prevent their customers from experiencing it. The reason for this is because if customers of these organisations experience identity theft sometimes due to negligence or lack of proper security controls, and other times at no fault of their own, the organisation has to face several consequences. These consequences often include loss of customers, reduced client loyalty and trust, reparation costs including credit repair and monitoring fees, as well as hard costs (reissue fees, account reimbursements, insurance fees). In 2007, 9.4 million American citizens were victims of identity fraud with loses totaling more than 49.3 billion.

Nearly a quarter of a million identity theft complaints were made to the Federal Trade Commission during 2007 (32 per cent of all fraud complaints). Credit card fraud was the most common form of identity theft reported (23 per cent), while bank fraud wasn’t far behind at 13 per cent. Additionally, there were 221,226 complaints of Internet related fraud, which constituted 40 per cent of all fraud complaints.

While there are many types of identity theft, the landscape is changing in the preferred methods
criminals use. For example, the general movement towards consumers using online bill payment, and
receiving electronic statements as opposed to paper statement has decreased the effectiveness of
dumpster diving (stealing mail or rummaging through garbage for statements or electronics that might have personal data stored). While this is true for consumers, dumpster diving at a financial institution such as a bank or credit union can still pay off for bad guys. Internet databases, government registers, and public records remain a target, but significant improvements around the security of these systems has reduced the frequency they are used in identity theft and fraud cases. Eavesdropping on public transactions to obtain personal information (shoulder surfing), stealing credit cards or other identification cards by pick pocketing or surreptitiously by skimming through a compromised card reader will always exist while we continue to use plastic cards. The fastest growing and most preferred method criminals use to collect sensitive customer information is where more of our efforts should be spent. This includes more ’high tech’ methods using malware, browsing, spam, phishing, pharming, trojan horses, and other hacking techniques.

Changing Criminal Methodologies

For example, a loan officer in your branch opens his Internet browser and goes to a site Msnbc to get the latest news. Most organisations allow this as part of their Internet use policy. However, if this user goes to Msnbc on St Patrick’s Day 2008 and had a vulnerable browser, the site would have opened up as iFrame (hidden window on the website) that loads malicious code in the background. Malware, once installed, is virtually unlimited in what it can do. Often, these malicious. A combination of high tech fraud methods, such as malware, phishing, pharming, key-loggers, and trojan horse programmes, combined with various social engineering techniques (a collection of techniques used to manipulate people into performing actions or divulging confidential information) has led to a lucrative practice for many criminals. But even searching on Google or any other search engine can lead to system compromise.

Anyone who has done a fair bit of searching on the Internet will often run across ’Spam pages’. These web pages are filled with the most commonly searched keywords on the Internet. They will have strings of words and phrases like ’tribadism fight scenes, free tribadism porn video Britney Spears, make money fast terrorism Iran Election 2008, primaries, Obama, Clinton,’ etc. They seed these pages with ’statistically improbably phrases’ (phrases that are usually unique to the most legitimate or desirable search results), which rank much higher than other sites. Then the criminals will distribute these pages across hundreds of compromised, legitimate websites. Malicious code (viruses, worms, Trojan programmes, Bot net software and the like) is then injected into these pages so when someone simply browses them, they are immediately infected. So when one of your users simply goes to Google and types in some search string, several of the pages that are listed as top results may be these infected pages that could compromise that system, which can lead to an entire network compromise. In fact, in many cases, five out of six results are infected ’Spam pages’. Remember, they don’t have to open an attachment. They don’t have to execute a programme. All they have to do is click on a search result link in Google, like you and I do many times a day.

Most companies use an outsourced firm or third party to host their website. Because these companies use a single, common platform, if a vulnerability is found in the third parties hosting platform, it has the potential of being able to compromise every website hosted by that provider. In one study, one person or group had infected hundreds and hundreds of legitimate websites all hosted by the same ISP in Eastern Europe. Most of the sites had redirectors to a site with a ’virus dropper’ (website that injects a virus into the computer that has accessed the web page). In other words, we have seen evidence that someone has figured out how to penetrate websites hosted by a hosting company at will, and has all at once placed web pages on all of them, which intercept popular Google keyword searches and redirect them to virus droppers. This company boasts over 700,000 websites.

Epilogue

While the Internet is not the culprit, it has become a tool that identity that thieves have embraced and abuse to find victims and commit fraudulent activities. A layered security approach that combines policy, procedures, training, and a variety of technologies managed and monitored centrally is the best way
to combat institutional identity theft. Many managed service providers can offer you a solution that mitigates a single threat or risk within your environment. With this approach, many companies are already finding it difficult to manage the various vendors and technologies. With Perimeter eSecurity, you get all the benefits of outsourced security management and monitoring while maintaining the visibility and control through our client portal ’Viewpoint’. Only Perimeter eSecurity can offer your organisation the complete solution that can protect your institutions profits and identity.

By Ramesh Manghirmalani

New technology to monitor cyber crime - Times of India - 15 Jul 2008

LUCKNOW: In an effort to tighten noose around cyber criminals, the district police recently organised a slide-show presentation in which a private software firm displayed biometric technology tools to control this growing menace. Around 150 cyber cafe owners were also present at the presentation.

Titled 'Cyber Cafe Monitoring System (CCMS)', the technology comprises of a biometric system for recording fingerprints of persons who use a workstation. This potent system has some other features like facility to take live snapshots, public IP address and MAC address (used to keep record of computer systems used in a crime).

According to the firm's director Anuj Kacker, who displayed the technology in front of cyber cafe owners, it will have a US-made thumb scanner device for recording fingerprints of a user. The software will also record photographs along with the name and others details of the user.

However, in a survey of some cyber cafes in the city it came to light that small owners were apprehensive of the technology. Talking to TOI, Rajendra, a cyber cafe owner in Aliganj, said, "if we use this technology we will be under constant watch of the cops as the main server of the system will be connected to that of the cops."

A Hazratganj cyber cafe owner was bold enough to admit that since most of the people who visit his cafe surf pornographic websites, adopting the technology will hit his business and "intrude into the privacy of the user".
Allaying fears, Anuj told TOI that the technology will not record the content of the website or an email. "It will only record the public IP address. The police will only intervene if it comes to light that a crime has been committed on a particular IP," he added.

Anuj added that since cyber cafe owners were not aware about the technology and its use, the firm was planning to conduct regular such presentations. According to Anuj, the software is designed in such a manner that the data base will be recorded for a period of two months. In case a cyber crime is committed using a particular computer system, and it comes to the knowledge of cops, a tracker will be put on the user's name and if on any later date the culprit again uses any other computer system attached to the CCMS main server with the police, his identity will be revealed.

Talking to TOI, senior superintendent of police (SSP) Akhil Kumar said, "it is solely at the discretion of the cyber cafe owners to use this technology or use close-circuit television cameras for maintaining a record. The technology is in no way being endorsed by the district police but it is a good system that will help in controlling cyber crime in a big way." The SSP also assured that if a cyber cafe owner adopts CCMS, police will only intervene in case of complaint lodged for a crime.

The news system will alert police officials of a particular area where a cafe is situated within seconds of any violation and display a status column which will define whether a particular computer system is being used or not by the culprit.

The technology will cost Rs 6,800 along with an additional charge of Rs 200 for the services. According to the technology providers, the cost is less when compared to installing close circuit television cameras (CCTVs) which cost around Rs 14,000 per unit.

So far six cyber cafes out of a total of 3,000 in the city have installed the system and according to Anuj, another 35 proposals are in the pipeline

Five Things Kevin Mitnick Knows About Security - PCworld.com - 15 Jul 2008

Reformed hacker-turned-security-consultant Kevin Mitnick served five years in federal prison for breaking into phone and software company networks. He talks about his past hacking exploits, computer security, and how he turned an illegal hobby into a useful career.

Hacking wasn't always illegal. I started off in what they call "phone phreaking" in the late 70s. This is the same hobby Apple founders Steve Jobs and Steve Wozniak had. At this time, 1978, there were no laws against hacking. The first law that criminalized hacking was passed in 1980 in California. I was doing this before it was illegal. And my interest was entertainment -- the pursuit of knowledge, challenge and the trophy of the stolen information. There was no motive for money or malicious intent to use, disclose or destroy the data.

Learn the rules before you play the game. I knew hacking was sneaky when I started, but I didn't think it would get me into trouble. Back in my day, they didn't teach us about ethics in respect to hacking or using computers. Now, I tell kids to not follow in my footsteps. As computers become more accessible, there are more ethical ways to learn about computer security. Plus, there are laws now.

Not everyone takes security seriously. I've been testing a company -- a financial institution -- and they are governed by Sarbanes-Oxley and other regulations. I've done their security assessments for the last four years and each time I get in the same way. It's surprising that these companies do security audits to find their vulnerabilities but don't do much about them. They are required by law to do the audits so you'd think the auditors would require them to fix the issues, but in a lot of cases they don't.

Use your powers for good, not evil. When I was released from custody in 2000, the U.S. government asked for my help. U.S. senators Fred Thompson and Joseph Lieberman invited me to testify before Congress about the government's computer security vulnerabilities. Once the restrictions of my release were up, I went into full-fledged security work, such as training, security assessments and product evaluations. It's a reversal of fortune. Before, I was doing something exciting -- but it was unauthorized and illegal. Now, I do the same thing that got me in trouble, except I do it with authorization. Clients hand me their network and tell me to break in so they can fix security vulnerabilities. To me, it's the same act but it helps my clients and it's legal and ethical, so it's a win-win situation. It's interesting that you can take a criminal activity like hacking and make it into a legitimate enterprise. I can't think of any other illegal activity you can do that with.

Even hackers get hacked. Attackers found a way onto my Web server. However, my website is hosted by a third-party hosting company, so when my site gets hacked it's the hosting service's security shortcomings, not my own. Of course it's embarrassing and I don't like it. Fortunately, I don't have any proprietary information on my public-facing servers. The downside is that people think my company was hacked, but it was really this hosting company's network and not my own site that was breached.

By Jarina D'Auria, CIO.com

Researchers Trace Structure of Cybercrime Gangs - PC World.com - 15 Jul 2008

The chain of command of a cybercrime gang is not unlike the Mafia, an evolution that shows how online crime is becoming a broad, well-organized endeavor.

The latest research from Web security company Finjan, released on Tuesday, outlines a pyramid of hackers, data sellers, managers and malicious programmers, all working in a fluid management structure in order to profit from cybercrime.

Finjan researchers joined forums where credit card details and other data is sold, knowns as "carding sites." They impersonated interested data buyers while collecting intelligence on the operations' management hierarchy, said Yuval Ben-Itzhak, Finjan's CTO.

"We kind of had a feeling that something had changed there," Ben-Itzhak said. "There is something even more organized there."

When a person's credit card details are stolen, the details are sold on the carding Web sites, where salespeople offer a menu of available information. Those salespeople don't exploit the data they possess but rather seek to sell it to someone who does. Those salespeople also aren't responsible for the hacking.

The data is supplied by affiliate networks, or groups of hackers who get paid to infect machines with malicious software and steal data. Those networks often have a campaign manager, someone who oversees a particular set of attacks.

At the top of the hierarchy are the boss and his deputy, who handle the distribution of crimeware kits used for hacking. The boss doesn't engage in hacking and acts as an administrator for all of the activity.

Finjan's map of the cybercrime gang comes from chatting with data sellers on ICQ and asking them where the data originates, Ben-Itzhak said. ICQ was one of the first instant messaging programs. Participants are often only know by a number.

"We managed to build up trust," Ben-Itzhak said. "Of course, they don't know we are from Finjan."

Sellers offered "dumps" or batches of credit card numbers: MasterCard Standard and Visa Classic card numbers and security codes go for $15 each, with Visa Gold or Corporate details going for up to $90.

Data often comes with a guarantee, with many data sellers offering to replace cards that don't work or are reported as stolen. But Finjan and other security vendors have said that the price of a credit card number has been falling as the market as the amount of sensitive data on the market has increased.

Finjan broke off contact with the data sellers and hasn't reported it to the authorities, although Finjan does report if researchers come across servers where the stolen data is stored, as the company revealed last month.

The company doesn't have much of an idea where the cybercriminals are physically located. The touch-and-go game on instant messenger is one way to gain intelligence: "It's really about knowing your enemy," Ben-Itzhak said.

By Jeremy Kirk

Police may offer 18-year-old computer hacker a job - Telegraph.co.uk - 15 Jul 2008

New Zealand police are so impressed by the skills of a teenager at the centre of a global credit card scam worth millions of pounds that they are considering offering him a job fighting cyber-crime.

In a surprising development, Owen Thor Walker, 18, who used the online name 'Akill', was discharged without conviction in the High Court at Hamilton after admitting his role in a sophisticated operation by a worldwide group of criminals calling themselves the 'A-Team'.

Detectives were astonished last November when, at the culmination of a year-long investigation involving the FBI and authorities in the Netherlands, they discovered that the 'mastermind' they were seeking was Walker, who was using a computer in his bedroom in the small rural town of Whitianga.

They described him as a 'botherder', the controller of a 'botnet' in which more than a million computers around the world were infected with a virus that gave him control over them.

Software he designed and sold to the criminal gang allowed members to steal user names and passwords, as well as credit card details.

The FBI estimated the combined economic losses from the 'skimming' activities and damage caused to computer systems by the group at more than $20 million (£10 million).

The crime came to light after one attack caused computers to crash at the University of Pennsylvania in 2006.

In court yesterday, Walker, who has Asperger's syndrome, a mild form of autism, smiled as he heard the prosecution describe how international investigators considered his programming to be 'amongst the most advanced' they had encountered.

Judge Judith Potter described him as a young man with a bright future and ordered him to pay damages and costs of £5,500, but did not record a conviction.

She said that Walker was immature and unable to set proper boundaries for himself in relation to his 'undoubted expertise' in computers.

If he had been convicted, he could have faced five years' imprisonment on each of the charges.

Both the prosecution and defence counsels said in court that police were interested in talking to him about a job 'on the right side of the law'.

Detective Inspector Peter Devoy said that while 'there is no offer on the table, the option is being kept open'.

Maarten Kleintjes, head of the police e-crime laboratory, said the self-taught Walker had a unique ability and was 'at the top of his field'.

Outside the court, Walker, who is also being headhunted by several computer programming companies, said he would be very interested in putting his skills to use for the police.

By Paul Chapman

Banks should be liable for e-fraud - vnunet.com - 11 Jul 2008

A House of Lords committee has called on the government to make banks, not customers, legally liable for internet fraud.

The House of Lords Science and Technology Committee called for legislation to force banks to cover customer losses incurred through e-crimes in its follow-up report into personal internet security published in August 2007.

The report claims that, under the current system, banks often deny liability for password and Pin fraud, claiming customer negligence or even complicity in the fraud.
"We reiterate our strongly held view that the current reporting sequence is wholly unsatisfactory and that it risks undermining public trust in the police and the internet," says the report.

The committee also recommended that victims of cyber-crime should be able to report incidents directly to the police, reversing the current process which requires them to report incidents to their bank.

The peers also called for a data breach notification law that would require organisations publicly to acknowledge breaches when customer security has been compromised.

The report acknowledged recent proactive moves in terms of protecting UK citizens from online crime, following the government's embarrassing data breaches.

"A level of indifference on the part of the government has now been dispelled only as a result of recent incidents involving serious losses of personal data, " the report said.

The call was backed by Bill Beverley, security technology sales manager at F5 Networks.

"If people were to adopt best practices, many of these data breaches would not have occurred," he told vnunet.com.

Beverley believes that this move would "add some teeth to the legislation" and help spur complacent companies into action when it comes to the protection of data and the liabilities involved when breaches occur.

He added that it is imperative that government agencies are held to the same standards at private companies.

by Guy Dixon and Ian Williams

2 Malaysians Nabbed For Credit Card Fraud In Bangkok

Thursday for credit card fraud in the latest incident involving Malaysians.

Hua Mark district police chief Vatana Ejin said the suspects, aged 31 and 33, reportedly told police they were part of a group headed by a China national who was detained by police last week.

The man's five accomplices were also picked up.

Vatana said the duo were nabbed after a commercial bank reported that they used fake credit cards to carry out transactions at several shopping complexes here.

"Following information from the public, we traced one of them shopping at a mall in Ramkamheang area and another one in Ekkamai," he told a press conference Friday.

According to Vatana, the duo told investigators that the China national had given them fake credit cards and fake passports to go shopping for expensive items like mobile phones, electrical products, whisky and cigarettes.

Prior to their arrest, one of them was shopping for a mobile phone worth 11,900 baht (about RM1,200) while his colleague was buying some products worth 50,000 baht (about RM5,000).

Vatana said the duo had continued their activities even after the arrest of their accomplices, adding that investigations revealed each group member received a five per cent commission from the total value of the products they had bought.

Last year and early this year, several Malaysians were arrested by Thai police for using fake credit cards to buy goods at popular shopping malls in the capital.

In one case, a Malaysian was caught stealing credit card information from a local bank here.

In April, three Malaysians, including a woman, were charged in a Thai court for using forged credit cards to buy air tickets to Athens, Greece and Kuala Lumpur.

Due to the rampant credit card cases involving Malaysians, banks have tightened procedures, including asking Thailand-based Malaysian businessmen to change their credit cards upon returning from their homeland.

Europol busts European credit card scam - focus-fen.net – 12 Jul 2008

The Hague. Officials bust a European syndicate Friday responsible for the large-scale forgery of credit cards, arresting five people in Italy and two in Greece, policing agency Europol said, AFP reported.

"The perpetrators skimmed and cloned credit cards, originating from countries all over Europe," it said in a statement.

"The data was then utilisedproduce counterfeit payment cards which were subsequently used for illegal cash withdrawals and payments in Greece and Italy."

The syndicate is believed to have siphoned off more than one million euros (1.5 million dollars), said the statement.

Investigators dismantled a counterfeit card production site in the Italian city of Livorno.

"The operation can be considered as a great success since this significant criminal group, producing and using counterfeit payment cards, was disrupted from the bottom up," said Europol director Max-Peter Ratzel.

The operation, dubbed "Plastik", was carried out by Italian policing agencies and Europol.

Saturday, July 12, 2008

British Indian gets nine years for $140 mn fraud – Indiapress.com - 8 Jul 2008

LONDON: Jagmeet Channa, a British Indian bank clerk, has been sent to prison for nine years for trying to defraud HSBC of about 70 million pounds ($140 million).

Channa used to plunder accounts using identities of colleagues at the bank's headquarters in Canary Wharf in London, where he was employed.

Channa admitted to fraud and a charge of money laundering. He was caught early May within minutes of sending about 70 million pounds to two accounts. The stolen money has since been returned.

The fraud was detected by HSBC staff in Malaysia after he left one of the two accounts with a zero balance. Channa had used the passwords of two of his colleagues who were later questioned by the police and released after they were found innocent.

After Channa's sentencing Monday, Detective Sergeant Martin Peters told BBC: "This crime is believed to be one of the largest frauds of its kind and it is thanks to the prompt response of the police and the banks that the money was recovered."

Airlines act against e-ticket fraud - The Telegraph – 10 Jul 2008

Fliers must carry photocopy of credit card used for purchase

The next time you buy an air ticket online for someone you know, don’t forget to give that person an attested photocopy of your credit card because airlines are becoming stricter in implementing a fraud-prevention rule that has been in existence for some time.

Amitabha Banerjee (name changed on request) was unaware of this when he checked in for an afternoon flight to Mumbai last week. The executive at the check-in counter of the private airline sought a photocopy of the credit card that was used to buy the e-ticket, leaving him puzzled.

Banerjee said he had bought the ticket from a travel agent and didn’t know whether a credit card had been used in the transaction. “On being told that airlines are being extra cautious in regard to tickets bought with credit cards, I called up my travel agent from the airport to ask for a faxed photocopy of his card,” he recalled.
He was lucky to get it in half an hour, just in time to board the flight.

The high incidence of identity theft — all you need for an online purchase is the credit card number, the expiry date and the three-digit CVV number printed at the back — is the reason why airlines are insisting on fliers carrying photocopies of credit cards if their tickets have been booked by someone else.

“There have been several such frauds over the last six months,” a Jet Airways official said.

He said almost all airlines had this clause in their e-ticket rules, though very few were implementing it until recently. “Henceforth, if any passenger fails to show the photocopy of the credit card attested by its owner, the ticket will be cancelled and a fresh ticket issued. The owner of the card will get the refund,” the Jet official said.

The system is, however, far from foolproof. A card that is stolen can be used to buy tickets, photocopied and presented as proof of the purchase being bona fide. “If a person commits this kind of fraud, there is nothing one can do,” said an official at airport police station.

There have even been instances of hackers cracking online payment gateways with fake credit card numbers and purchasing tickets. In such cases, airlines incur losses.
Last month, the e-commerce department of Jet Airways asked its airport division to look out for a passenger booked on a Calcutta-Mumbai flight because of doubts about his online purchase. "We were asked to check the photocopy of the credit card and if the passenger failed to produce it, the ticket should be cancelled. The passenger did not turn up. It seems he had a hunch he would be caught," an official said.
Most frauds are committed by small-time tour operators. "Tickets are issued usually 24 hours before departure, giving us little time to detect the fraud," a Deccan official said.

"We advise passengers to buy tickets from authorised travel agents. They should not fall for unusually low fares offered by tour operators whose credentials are not known," said Anil Punjabi, chairman (east) of the Travel Agents’ Federation of India.

According to sources in the aviation industry, 5-7 per cent of airline tickets are bought online. Around 20 per cent are purchased with credit cards from travel agents.

By Sanjay Mandal

Police bust counterfeit currency racket – kerelanext.com – 11 Jul 2008

NEW DELHI: Delhi Police claimed to have unearthed a counterfeit currency racket backed by Pakistan's ISI with the arrest of a person.

Mohammed Mushtaq, the alleged main conduit of the racket, was caught by Delhi Police's Special Cell from near Chhatrasal Stadium in the capital allegedly with fake notes having a face value of Rs 1.8 lakh, police said.

The arrest came following an input that a racket involved in the circulation of fake notes was operating in north-west Delhi.

Police claimed that Mushtaq told investigators that the trail of fake notes originates from Pakistan and through Bangladesh borders, it reaches the capital.

During interrogation, police claimed, the accused also revealed that the fake notes were supplied by an ISI operative based in Bangladesh.

He also told police that one Sahil is procuring the fake notes from Bangladesh.

A case has been registered and further investigations

Stimulus Checks Are Bait Used By E-Mail 'Phishing' Scammers - tmcnet.com - 12 Jul 2008

(Tampa Tribune (FL) (KRT) Via Acquire Media NewsEdge) Jul. 12--Seizing on the major fiscal news of the year, Internet scammers are trying to use federal economic stimulus checks as a hook to steal personal financial information, the Internal Revenue Service warns.

Almost 700 such scam attempts were reported in May and June, bringing the tally for 2008 to about 1,600.

Victims of these fraud attempts -- which are called "phishing" scams -- received official-looking e-mails purporting to be from the IRS and requesting personal information to expedite the receipt of their checks.

With an address and Social Security number in hand, a scammer then can open fraudulent credit card accounts or take out false loans, damaging the victim's credit rating.

"Generally you can look at them and find grammar errors and punctuation errors, and they're not professional," said IRS spokeswoman Gloria Sutton.

"If you receive an unsolicited e-mail purporting to be from the IRS, don't open it. We do not send unsolicited e-mails. The IRS would have no reason to ask for your PIN number or bank account."

The IRS asks that anyone who receives a phishing e-mail forward it to so the agency can trace the scam's origins.

Between 2006, when the agency opened the account, and November, the Treasury Inspector General of Tax Administration had identified host sites in at least 27 countries in addition to the United States.

The economic stimulus fraud isn't the first time scammers have taken advantage of current events to steal cash or identities, said Sally Hurme, senior project manager with AARP financial security in Washington.

Natural disasters such as Hurricane Katrina have been used to drum up donations for nonexistent charities.

"The key about any scam is that the scamsters like to follow the news," Hurme said.

"Even before the president signed the bill, the IRS reported that there were phishing schemes popping up."

In other scams reported this year, victims have received e-mails appearing to be from the IRS and offering tax refunds in exchange for personal information.

Sometimes scammers also will send e-mails with phony links, which install malicious code on the victim's computers.

Hacked personal e-mail accounts used to scam contacts - echannelline.com - 11 Jul 2008

In Symantec Corp.'s July 2008 edition of its monthly spam report, one of its findings noted that hackers were using personal e-mail accounts to scam contacts in a user's address book.
The twist was that the e-mail came from a user's hacked webmail account and was sent to their personal list of contacts. People on this list would receive an e-mail request for financial assistance and were urged to respond via e-mail only. As the hacker took over the users account, the real owner would not have known about the e-mail if the recipients fell for the scam. As a further stamp of authentication, the auto-signature typically used by the account owner was included at the end of the message. The Symantec report indicated that this scam was a variation of the Nigerian spam.

However, the account owner was quickly notified by a friend via telephone of the scam, and immediately contacted the webmail service providers to get his account access back. This proved to be difficult because the hacker had changed the account details such as password, address and secret question.

According to Kelly Conley, manager of anti-spam research with Symantec Security Response, hackers were able to obtain this information because they replied to an e-mail request for an account update.

"You never want to respond to account expiration or update notifications because there is a good chance those are spammers trying to scam personal account information," she said.

Symantec stressed that this scam was not isolated to one particular webmail provider or organization. This scam also serves as a timely reminder that users should always keep passwords secure and never share them with anyone.

As well, Conley said that if a person were to receive such an e-mail, it should immediately raise a red flag.

"They should be suspicious, especially if it is out of the ordinary for the character of the person," she noted.

Also in the July spam report, Symantec discovered that spammers were simplifying their e-mail harvesting technique. To obtain e-mail addresses spammers used spambots which crawl the Internet looking for e-mail addresses, bombarded an e-mail server with e-mail addresses and storing the addresses that do not bounce, or bought lists of e-mail addresses from other spammers.

They used these addresses to send messages whose recipients were interested in receiving certain offers and encouraging these people to e-mail them back. The list of e-mail addresses that may be compiled would be very useful for the spammer. Not only were these people interested in buying the kind of products that the spammer was offering, but its a bona fide opt-in list, one that the spammer can now send messages to freely without concern that he will be sending to spamtraps, or that the message will be blocked by spam filters.

As well, the report noted spammers were using the recent earthquake tragedy in China to spread viruses by sending e-mails with news headlines, hoping it would entice the reader to open the message.

A video was embedded into the link that was in the e-mail which users were then lured into playing the video, which in turn opened an executable file. This executable file has been detected as Trojan.Peacom.D by Symantec AntiVirus software. Trojan.Peacomm.D is a Trojan horse that gathers system information and e-mail addresses from the compromised computer. Users should be aware of such attempts, and avoid opening e-mails and clicking on suspicious links.

Additionally, spammers turned to old techniques to lure in victims. Symantec noted in June that they were using bogus news headlines in an e-mail subject header to get recipients to open the message and click on a link that directs them to a spam offer.

Some of the headlines include: White House hit by lightening, catches fire; Donald Trump missing, feared kidnapped; and Obama quits presidential race.

Symantec warned that curiosity killed the cat and may result in people becoming an unwitting target for spammers. Conley advised that people use a reputable news source to confirm these headlines.

Other findings of the report noted spam targeting the Japanese mobile phone market. As people spend more time using mobile devices to check e-mail, the growth of these types of mobile spam messages is expected to continue. Conley said that the majority of spam noted were adult-related and was sent purely as spam and not to obtain personal information.

Also, as the Beijing Olympics nears, so do more spam related to them. In the latest scam, messages claiming to originate from the Beijing Olympic committee have been observed where fraudulent messages purport to declare the winners of the lottery for an Olympic promotion.

"People should exercise due diligence when checking out their e-mail, don't give out personal information and be suspicious of scams as there are a lot of scams going on these days," stressed Conley.

By Vanessa Ho

Mortgage scam is front for identity theft - mailtribune.com - 11 Jul 2008

WHITE CITY — Police are asking the public to be aware of a man involved in a mortgage scam that has cost at least one White City resident $300 and opened her up to identity theft.

A White City woman was approached recently by a man claiming to work for a mortgage "watchdog" group. The suspect said he could look over mortgage paperwork to spot potential errors that could save the buyer thousands of dollars, Jackson County Detective Sgt. Colin Fagan said.

"He charges a $300 fee for this bogus service," Fagan said. "Also, he takes the paperwork with him and does not return."

The suspect said he was affiliated with a local mortgage lender. Detectives believe he may have visited the company and made away with several business cards, which he displayed to the victim, Fagan said.

Mortgage paperwork gives a criminal a wealth of financial information that could be used to drain a bank account or open credit cards in the victim's name, Fagan said.

"Mortgage papers contain your social security number, full name and date of birth," Fagan said. "That's all an identity thief needs to get started. People under foreclosure are vulnerable to begin with and this is the last thing they need."

Police believe the suspect is Bart Arthur Blahosky, 50, who has a long history of fraud spread over Utah, Nevada and Idaho.

"Our victim said he was dressed very nicely and sounded like a lawyer," Fagan said.

Blahosky is described as a white male, standing 5 feet 11 inches tall and weighing 170 pounds. The picture is from his a recent Oregon drivers license, Fagan said.

"We know of only one victim in our area so far, but there could me more," Fagan said.

By Chris Conrad

Man jailed for hacking Red Cross website to steal donations - www.chinaview.cn 11 Jul 2008

NANJING, July 11 (Xinhua) -- A man was sentenced to two years in jail and fined 5,000yuan (731 U.S. dollars)in eastern Jiangsu Province for hacking into a website and changing the bank account of a local Red Cross foundation for earthquake donation to his own account, according to a court ruling on Friday.

Yang Litao, a staff member of a network technology company in south China's Shenzhen City, was accused of hacking into the Kunshan Municipal Red Cross Foundation website in May and changingthe donation bank account number to his own in order to syphon off money, a Kunshan Municipal People's court ruling said. He had opened a bank account using a false name for the purpose.

The police shut down the website, one of several he had hacked into, on May 18 after discovering it had been hacked. Yang did not make any money, thanks to the quick response from the police.

Yang was caught three days later in a rented house in Shenzhen.

Unique technology to control cyber crime - Times of India - 11 Jul 2008

LUCKNOW: The district police, in order to tighten the noose around cyber criminals, organised a slide show for around 150 cyber cafe owners on Thursday in which a private software firm displayed the latest technology to control cyber crime. The technology, according to the firm, will be used for the first time in India.

The technology introduced is titled 'Cyber Cafe Monitoring System (CCMS)' that will comprise techniques like biometric system, for taking image of fingerprints of persons using a computer system, along with having other features such as taking photographs, public IP address and MAC address (it is used for keeping a record of which computer system was used to commit the crime).

According to the firm's director Anuj Kacker, who presented the new technology to the cyber cafe owners, the technology would be having a scanner device for recording the fingerprints of the user.

The software installed would record photographs along with the names and other details of the user.

According to the police, the technology is designed in such a manner that the database will be recorded for a period of two months and if a criminal has used a particular computer system and after a few days again uses any computer system attached to the main server of the technology, his identity will be revealed and an SMS will reach the police officials of the concerned police station in a couple of seconds.

The software will also display a status column which will define whether a particular computer system is being used or not.

The technology will cost Rs 6,800 and an additional charge of Rs 200 for providing the services. According to the technology providers, the cost is less when compared to installing close circuit television cameras (CCTV), a set of which costs around Rs 14,000.

So far, six cyber cafes out of the total 3,000 in the city have installed the system and the firm and the police are optimistic about its use in future as well.

Palestinian hackers breach Likud Web site - jpost.com - 07 Jul 2008

The Likud Party's official Web site was hacked into twice Monday morning by Palestinian activists seeking to display political messages. The messages appeared primarily in English, although some were in Hebrew and Arabic. The main banner on the hacked page displayed an English message, "Only free men can negotiate," above a line that read, "Palestine. Dying to live," accompanied by the image of a Palestinian flag.

According to a Likud spokesperson, the first hacking took place at 5 a.m., and then again at 11:30 a.m. after the site had been restored to normal. The group responsible for the breach called themselves "Cold z3ro - Team Hell Crew."

In a separate Hebrew message, the hackers posted they referred to a prisoner exchange for captured Cpl. Gilad Schalit, stating, "You think that Gilad Schalit is returning? When he returns, we will capture four like Gilad Schalit."

Another message, also in Hebrew, stated "You are killing Palestinian children in Gaza."

Sani Sanivich, government affairs adviser to Likud chairman Binyamin Netanyahu, insisted that there would be no response.

"I don't understand why we should respond to an illegal action by a fanatical group that tries to break into our Web site."

As far as whether or not Likud will respond to the messages displayed on the site, Sanivich said that no one would dignify the words by giving them time.

"I didn't even think about it. We didn't read it." He added that Netanyahu had not and would not read the messages, either.

Likud representatives were unsure if charges would be pressed in response, but Sanivich said, "We don't care for these people. It's a lost fight," admitting that they cannot control similar events happening in the future.

The hackers seemed to know this, as they posted another Hebrew message on the site warning, "We will breach all of your Web sites."

Credit card fraudsters target a Cotswold garage - thisisgloucestershire.co.uk - 09 Jul 2008

Dozens of customers of the Murco petrol station on the A40 at Andoversford were contacted by
their banks following suspicious withdrawals on their credit and debit card accounts – in countries such as Jamaica.

Police believe a skimming device that copies card information could have been fitted to the garage's credit card swipe machine.

Details were then used in cloned cards to withdraw money and buy goods.
Police searched the garage on Saturday as well as addresses in Cheltenham and Churchdown.
Filling station owner Ajitha Edirisinghe said his industry seemed to be “prone” to being targeted.

He said: “It's started everywhere in petrol stations but it's a shame it's happened to us.
“I feel so bad for all our customers because most are regulars.
“I've been here for six years and built up such a good relationship and never had such a problem before.

“Today we've been told to take over the system manually. We're ringing the card companies for authorisation for each transaction.

“We get 300 to 400 customers a day using their cards.
“It's going to cost me a lot because I've had to hire extra staff to cope.
“But we will ride this bad time and it's business as usual.”
The fraudulent transactions relate to cards used at the garage between May and the first week of June.

But investigating officers are keeping an open mind as to when customers had their data stolen and when the cards were actually cloned.

Murco UK and Mr Edirisinghe are co-operating fully with inquiries and the device has been seized for forensic examination.

North Cotswolds acting police Sergeant Tim Griffiths said: “We received the first report of possible credit card cloning relatively early last Thursday morning.

“It was soon apparent many in the area had fallen victim to numerous fraudulent transactions on their debit and credit cards.

“All high street banks have been informed of the issue and police inquiries are ongoing.”

Anyone who has used a credit card at the garage during the suspected time and noticed suspicious withdrawals from their account is advised to contact their bank immediately and then inform police on 0845 090 1234.

The rural garage hit the headlines in April 2007 when a robber showed part of a gun to a cashier and demanded the cash box containing £400.

DBS Bank works with Unisys and Actimize to fight crime – bankingtech.com

Unisys' Singapore subsidiary is working with Actimize to implement a financial crime surveillance system for DBS Bank in Singapore that monitors transactions and analyses potentially suspicious patterns across the bank's product channels. DBS Bank is one of the largest financial services groups in Asia.

Research from Celent has indicated that Singapore and Australia are the countries most aware of AML requirements in Asia Pacific and predicts that growth in AML technology spend in the region will outstrip the US and Europe in 2008.

Unisys will deploy Actimize's fraud prevention and anti-money laundering solutions across DBS Bank's Asia Pacific operations. The enterprise-wide risk management platform and surveillance system is designed to enhance DBS Bank's capability to detect potential fraud, misconduct, money laundering and terrorism financing activities. The solution uses analytics to identify, manage and reduce potential risks by

DBS Bank works with Unisys and Actimize to fight crime – bankingtech.com

Nate.com Troubled by Chinese Hacking Claim - english.chosun.com – 10 Jul 2008

The claims of an unidentified Chinese hacker have alarmed Korea's Internet portals.
Nate.com, a leading Korean portal run by SK Communications, is dismayed by a message left on a Chinese website. Claiming to be a hacker, the writer offered to sell the personal information of 12 million Nate.com members for one million yuan (W100 million, US$1=W1,006). As if to prove the claims, the writer revealed the information of five or six Koreans.

SK Communications was thrown into panic. If the claims are true, it would be the largest leak ever of Koreans' personal information, even topping the Auction.com leak in which data on 10.8 million members was hacked.

But the Chinese poster did not reveal any more information and deleted the message, making it impossible to confirm whether the hacking was real or a hoax.
An official with the Seoul Metropolitan Police cyber crime squad said it will take time to get the facts as it is an overseas case.

But SK is worried. An official there said an internal probe has found no trace of hacking, but to be safe Nate.com members will be required to change their passwords every six months.

The new password policy took effect Tuesday. Only members who change their online passwords can access Nate.com and Cyworld.com.

A portal employee said, "There's no particular measures against such hit-and-run Chinese hackers. Actual hacking cases are rare, but taking a lesson from the Auction incident, portals are always on high alert."

(englishnews@chosun.com )

Identity Thieves Skimming From Grand Valley Residents

Police are warning residents to keep tabs on their credit cards after thousands of numbers are stolen. Thieves have stolen nearly $150,000 from 40 people since February through skimming. According to Grand Junction police, there is an average of $2,000 dollars stolen during each of the incidents. Police say the suspects' employers and co-workers had no way of knowing the crime was taking place. Police won't release what local businesses are being investigated.
Ways to protect yourself are knowing where your cards are at all times and comparing receipts to your statements. Keep your PIN in a safe place away from the card and always report suspicious activity immediately

Watch the video at http://www.krextv.com/video_player/player.php?file=http://krex.tv/uploads/48056c22-77df-75ff.flv

Wednesday, July 9, 2008

7-Eleven Responds to Citibank Hacker Case - csnews.com

DALLAS -- Hackers successfully accessed Citibank's network of ATMs inside 7-Eleven stores, stealing millions of dollars and personal information from unsuspecting customers, CSNews Online reported yesterday. It is estimated the breach began in October of last year. To date, it is unclear how many of Citibank's approximately 5,700 branded ATMs in 7-Eleven stores were impacted.

7-Eleven spokeswoman Margaret Chabris told CSNews Online: "7-Eleven Inc. is aware of the federal investigation in New York concerning ATM fraud that has apparently impacted Citi customers. It is 7-Eleven's policy not to comment on any aspects of this matter because it is an ongoing investigation."

Citibank, part of Citigroup Inc., has declined to comment on the technique or how many customers' accounts were compromised. It said it notified affected customers and issued them new debit cards.

"We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts," the bank said in a statement released last week.

Citibank does not own or operate the machines. The Houston-based Cardtronics Inc. owns all the machines, but only operates some, while the Brookfield, Wis.-based Fiserv Inc. operates the remaining machines.

"We understand that Citibank has already contacted any account holders who may have been impacted or that needed to receive a replacement card," said Chabris. "However, 7-Eleven is confident that its ATM provider, Cardtronics, has included the appropriate safeguards designed to prevent unauthorized access to our customers' personal data in the ATMs located in our stores today."

In other news, Unisys Corp.'s Canadian subsidiary, Unisys Canada, was awarded a contract from NEC Corp. of America to provide outsourced IT support services for 470 7-Eleven retail convenience stores throughout Canada.

"Unisys outsourcing expertise combined with NEC's retail solution integration skills will assist us in growing our 7-Eleven business in Canada," Sharon Stufflebeme, 7-Eleven's chief information officer, said in a released statement. "We'll be able to serve our customers more effectively and efficiently through enhanced in-store technology support."

Valued at $6 million over a three year term, the contract states that NEC Corp. of America is the prime contractor and will manage applications development and support for 7-Eleven Inc. Unisys Canada will provide maintenance and support services for IT back-office equipment, on-site wireless networks, point of sale (POS) and inventory ordering systems for the 470 Canadian 7-Eleven retail stores from Ontario to British Columbia.

"We look forward to working with Unisys on this important initiative," Naohide Takatani, general manager, Retail Solutions Group for NEC Corp., said in a released statement. "Drawing on Unisys expertise in technology support and maintenance in this engagement with 7-Eleven expands the range of benefits we can provide our client."

Bob Binns, president, Unisys Canada, said in a released statement: "Unisys is confident that in working with our partner NEC, we will provide 7-Eleven with a secure, flexible IT infrastructure that can accommodate its growing business in Canada."

Hackers post Soviet symbols on Lithuanian sites -

Unidentified hackers broke into several hundred Lithuanian Web sites over the weekend, plastering them with communist symbols, government officials said Monday.
The hackers posted Soviet symbols - the hammer and sickle, as well as the five-pointed star - and scathing messages with profanities on Web sites based in the ex-Soviet nation, officials said.

"More than 300 private and official sites were attacked from so-called proxy servers located in territories east of Lithuania," said Sigitas Jurkevicius, a computer specialist at Lithuania's communications authority.

The hackers hit Web sites from both the government and private sector, including the Baltic state's securities commission and ruling Social Democratic Party. Others included a car dealership and a grocery chain.

Many believe the attacks were a backlash against legislation approved by lawmakers two weeks ago banning the public display of Soviet and communist symbols. President Valdas Adamkus signed the law Friday.

Lithuania and the other two Baltic countries, Estonian and Latvia, gained independence from the Soviet Union in 1991.

The law prohibits the public display of the Soviet flag, military uniforms and the five-pointed Soviet star, as well as the playing of the Soviet national anthem.
It has drawn strong condemnation from Moscow, but Lithuanian officials stopped short of pinning blame on Russian hackers.

"Lithuania has experienced a serious attack on the Internet resources. I cannot rule out there is a direct link with our recent legislation," Defense Minister Juozas Olekas told reporters.

The hacking incident was also reminiscent of a series of cyberattacks on Estonian Web sites after the neighboring Baltic state angered Russia by moving a Soviet war monument and nearby war grave.

By LIUDAS DAPKUS - Associated Press Writer

US criminals target large corporate web sites - VNU Net - 07 Jul 2008

Large corporate web sites were heavily targeted by hackers in the early part of 2008, said the threat round-up report from US security firm Trend Micro.
Cybercriminals launched SQL injection attacks on thousands of web pages belonging to some of the largest companies in the US, as well as state government agencies and educational institutions.

Criminals are increasinlgy targeting affluent users such as C-level executives in the hope of accessing lucrative bank accounts and sourcing log-in credentials and email addresses that span whole organisations.

Criminals are keeping pace with technology and becoming more ambitious in selecting targets, said Raimund Genes, chief technology officer of Trend Micro.

"This is a good example of how cyber criminals are evolving with the times. They are moving away from threats that use old or waning technologies and instead focusing on the lucrative threats that bring a bigger payload," he said

In its report, Trend Micro said mobile threats are continuing to emerge, and it discovered malware disguised as multimedia content was being used to infect older Nokia mobile phones.
Tracking software ware infections declined by 15 per cent between May 2007 and April 2008 while adware and keyloggers were also down.

Helping prevent online fraud - - southbendtribune.com – 06 Jul 2008

As if identity theft wasn't scary enough, last month's string of fraudulent withdrawals from hundreds of accounts at local financial institutions gave area residents more reason to worry.

Luckily, in some cases consumers can prevent scams with the right defensive measures.

Some strategies should be obvious. For example, don't use "password" as a password, shred old bills, and don't keep pin numbers written down in a wallet or purse.

But as crooks get smarter, common sense may not be enough to stave off scams.

While 1st Source Bank officials said an online data breach was most likely to blame for scams related to their ATMs, Ray Miller, owner of Michiana Mobile Computer Repair, speculates that skimmers may have been part of the problem.

Skimmers are devices that can read a card's magnetic strip when placed over an ATM card slot.

"Skimmers will have a little pinhole camera mounted in them so they can see the key presses and store the pin numbers there," Miller said.

Miller, who deals with security issues daily in his business, also warns against card catchers. These devices are thin strips of metal or plastic a thief places inside the card slot, allowing cards to be inserted but not ejected. Victims believe their cards have been "eaten" by the ATM, and when they leave to report the problem to their local branch, the thief can remove both the strip and the card.

1st Source Bank's online breach is not the norm in causes of identity theft, according to a study by the Better Business Bureau in 2005.

The study found that the theft of online information accounted for only 11.6 percent of identity fraud cases. In addition, the study found that half of all identity thefts were committed by someone the victim already knew.

To prevent against offline fraud, the identity theft protection company LifeLock recommends dropping off outgoing mail in official post office boxes rather than leaving it in a home mailbox.

"A lot of criminals will steal people's mail for credit card numbers or account numbers and steal that information," Miller said. "People stealing trash is not as frequent but it still happens, so people should use shredders."

Though paper is the biggest target of identity theft, public computers and wireless Internet connections present dangers that users often don't think about, Miller said.

"What most people aren't aware of is that when they use Wi-Fi hot spots, anyone who's on the same hot spot can use any shared folders or files they have on their computer," Miller said.

He also warns against packet monitoring software, which hackers can use to intercept and log traffic passing through the network.

"For any traffic they're sending back and forth in a Wi-Fi hot spot, anyone who's on the same network can view what they're sending," Miller said.

Keylogging software may also be a danger on public computers, Miller said. Someone could install such software on a public computer, store the keystrokes users type with a USB device, and collect the user names and passwords logged weeks later.

Some recent legislation aims to protect consumers against fraud. Because of the Fair and Accurate Credit and Transactions Act of 2003, consumers can receive a free annual credit report from one of the three major bureaus, Equifax, TransUnion, or Experian. Consumers who suspect fraud on their accounts can receive credit reports for free as well.

While prevention may be the best weapon against identity theft, people can minimize damages by checking on their accounts daily via the Internet, Miller said.

"ATM debit cards are really easy to keep track of," he said. "For myself, every day I'm downloading and updating transactions and comparing them to things my wife and I have done."

By SUPRIYA SINHABABU

Foreclosures bringing cases of fraud to light - signonsandiego.com – 8 Jul 2008

Last year, an Orange County man was rejected for a personal loan at his credit union. To his surprise, his credit report had been red-flagged because he was six months behind on mortgage payments on a $660,000 home in Oceanside.

That was news to him. He had never bought a house in Oceanside.
So he contacted police, who uncovered that his identity had been stolen to make the purchase in October 2006.

Now the home on Overlook Drive is in foreclosure. The real estate agent involved in the deal, Robert Hugh Decker, is in custody in San Diego. Prosecutors allege that Decker's company was paid nearly $37,000 in commissions and that he was collecting $1,800 per month in rent from tenants.

The charges against Decker highlight the seamy side to the mortgage meltdown. Industry experts say the same lax lending standards that lured home buyers to stretch beyond their means created a fertile petri dish for real estate fraud.

Law enforcement officials say a host of real estate shenanigans sprouted during the housing boom. The most prevalent – and least likely to be prosecuted – involved fudging income on loan applications. Other buyers fibbed about whether they would occupy the home or rent it.

Some schemes were more complicated and nefarious. They often involved inflated appraisals, zero-down financing and grossly false information on loan documents. In these scams, the idea was not to own the property long-term but instead to siphon off as much money as possible from commissions, rental income or undisclosed cash kickbacks before letting the home fall into foreclosure.

“Many people just assume these foreclosures are part of the subprime meltdown,” said Todd Lackner, a real estate appraiser in San Diego. “This is not true. These properties were purchased with the intention of being foreclosed on.”

More of these cases are coming to light as the foreclosure crisis deepens. Last month, federal prosecutors charged six people from a downtown San Diego mortgage and real estate firm with wire fraud as part of a nationwide crackdown on bogus real estate transactions.
The probe, called Operation Malicious Mortgage, resulted in more than 400 indictments nationwide. The Justice Department and FBI estimate losses from the schemes at more than $1billion.

In Oceanside, Decker is one of a handful of people charged by state prosecutors in connection with the Overlook Drive property and two additional home purchases. The four other people, all of whom have pleaded guilty, include notaries, a mortgage broker and an Orange County chiropractor who provided the personal information of two patients whose identities were stolen, said San Diego Deputy District Attorney Stephen Robinson, who is prosecuting the case.

The investigation is continuing, and at least two additional foreclosure homes may be involved, authorities said.

Decker's attorney, Charles Guthrie, said that his client is innocent and that those who pleaded guilty are pointing fingers to escape tougher treatment.
“Mr. Decker is an honest man,” Guthrie said. “He wants to go to trial . . . We're looking for specifics. We want to see what they say Mr. Decker did.”
Who gets hurt by mortgage fraud? Lenders, of course, often lose money when they foreclose on a house. Identity-theft victims can spend months or years trying to repair their credit scores.

But there's also a wider impact. Real estate experts say that suspicious deals helped inflate property values during the boom and that the foreclosures are fueling a faster fall in values in today's market.

One example occurred in Mission Hills. In October 2005, a roughly 1,400-square-foot home was listed for $1 million. It didn't sell. In early April 2006, it was relisted for $989,000. A month later, the price was raised to $1.3 million.

It went into escrow for $1.25 million two days after the price increase. The buyer purchased it with zero-down financing, according to deed records.

The lender foreclosed on the home in October. The bank resold it in April. The price: $640,000.

Lackner, the real estate appraiser, has unearthed about 1,500 such unusual sales in San Diego County. He began researching questionable real estate deals about a year ago after stumbling across some suspect, high-priced purchases.

“As an appraiser, I'm asked if properties in Mission Hills have decreased 50 percent in value like this one,” Lackner said. “My answer is no. This property was never worth $1.25 million.”

In San Diego County, home prices have tumbled 26.5 percent since their peak in November 2005, according to La Jolla-based DataQuick, a real estate research firm.

Buyers who lied about income or occupancy on loan applications also are contributing to the price plunge, said lawyer Ann Fulmer, a vice president with Atlanta-based Interthinx, which provides fraud-detection services to lenders. Today's tougher lending standards make it harder to fudge information when trying to refinance these loans, so the buyers are walking away in many cases, she said.

During the end of the housing boom – from 2006 to early 2007 – the climate was particularly sunny for these questionable transactions. No-documentation loans and stated-income “liar” loans were plentiful.

One scheme used during the boom years was cash back in which the buyer gets a kickback from the seller after the loan closes. Cash back is not illegal if everyone, including lenders, knows it's happening.

Cash-back schemes sometimes involve “straw buyers” – witting or unwitting accomplices whose names are used to purchase a home. If straw buyers know what's going on, they often get a fee.

In March 2006, Shamika Copenhagen purchased a $1.5 million home in Eastlake using zero-down financing, federal prosecutors said. Creative Financial Services of San Diego arranged the loan. The application claimed Copenhagen made $337,000 a year working for U.S. Mergers, a company prosecutors say “does not exist as a functioning entity.”
When the sale was completed, the lender paid Creative Financial $38,000 in commissions for arranging the loan.

The seller, however, also wrote a $200,000 check to Said Betech of Creative Financial, prosecutors said. The purpose of the $200,000 was not disclosed on any documents associated with the transaction, said Assistant U.S. Attorney Christopher Alexander, who is prosecuting Betech and several others in the case.

A couple of weeks later, one of Betech's colleagues at Creative Financial wrote a $15,000 check to Copenhagen, prosecutors say.

The lender foreclosed on the 3,800-square-foot house in March 2007. It sold a year later for $700,000.

Betech's lawyer could not be reached for comment; Copenhagen is not among those charged.
Federal prosecutors examined 21 suspicious home sales linked to Creative Financial. So far, 18 have been taken back by lenders or are in the process of foreclosure.

More arrests could be coming, police said. One case under investigation involves five condos in San Diego – three downtown, one in La Jolla and another in Rancho Santa Fe – that were purchased between May and October 2006 in the name of a Pennsylvania man for more than $3 million combined.

The unwitting buyer is a mechanic who lives in a manufactured home, police said. All of the condos have been foreclosed, and San Diego police have a suspect. The San Diego Union-Tribune is not using names because the investigation is continuing.

This sordid side of the housing meltdown is increasingly getting the attention of policymakers and law enforcement. A recent report by the Mortgage Bankers Association ranked California fourth nationally for incidents of mortgage fraud – behind Florida, Nevada and Michigan.

In part because the loans are big, losses related to real estate fraud amount to $6 billion a year, according to a study by BasePoint Analytics, a Carlsbad company that makes mortgage-fraud-detection software for lenders and investors in mortgage-backed securities.
“Looking back to 2004 when we got into it, it was seen as a pretty small problem” by the mortgage industry, said Frank McKenna, chief fraud strategist with BasePoint. “But at $6 billion a year, you're looking at something that's three times the size of credit card fraud.”

One in four Asian banks hit by online scam attempts – The Economic Times - 7 Jul 2008

SINGAPORE: More than 25 percent of banks in the Asia-Pacific region have been hit by attempts to steal online information over the last 12 months, but beefing up security is still not viewed as a prime concern, a study said on Monday.

The survey by security software specialist ReadiMinds was conducted by Web and telephone polls across 11 economies including Malaysia, Hong Kong, Bangladesh, Vietnam, Cambodia and Singapore.

In such internet scams, crooks typically pose as the websites of financial institutions and attempt to "phish" for information including user names and online banking passwords, the study said.

In most Asian countries, "regulations are still catching up with the strengthening of their online security regime," a ReadiMinds spokesman told The Business Times. "Asian countries with weaker regulatory frameworks have therefore attracted the extra attention of online fraudsters."

Singapore banks are the exception, fortifying their defences to counter the on slaught of new threats. Online security is still not regarded as a prime concern by the majority of the regional banks. Seventy-five percent of the respondents said they were not aware of the impact of cyber security on their operations.

More than 60 percent of the banks polled did not set aside a budget for online security, lumping it instead into the overall technology budget. Only 20 percent have adopted measures to strengthen internet-based transactions, the report said.

Underscoring the lax security stance, the survey found 80 percent of the banks queried have no formal plans for raising consumer awareness against threats such as identity theft and financial fraud. Individual country breakdowns were not revealed to protect the confidentiality of the banks involved.

Sunday, July 6, 2008

Hackers crack cash machine PIN codes to steal millions - business.timesonline.co.uk - 03 Jul 2008

Millions of bank customers face a new threat to their money after it emerged yesterday that hackers had cracked PIN codes used in cash machines.

Citibank machines in 7-Eleven convenience stores across America were the target of the biggest and most effective remote PIN code theft scam in US banking history between last autumn and this spring when at least $2 million (£1 million) was stolen.

Details of the fraud have only now been made public, as the case makes its way through the US District Court for the Southern District of New York.

The alleged hackers — Yuriy Rakushchynets, Ivan Biltse and Angelina Kitaeva — are accused of stealing at least $2 million through the PIN scam and have been indicted on two counts each of conspiracy and fraud. It is thought that a much larger sum of money might have already been transferred to Russian bank accounts — and there are suggestions that the actual hacking was performed by another party, with the defendants simplyThe ring-leader of the three suspects is Mr Rakushchynets, a 32-year-old Ukrainian and a regular contributor to underground online credit card fraud forums. When he was arrested by the FBI — he was already under investigation for his suspected role in a separate $5 million hacking scam — agents found $800,000 of cash at his Brooklyn home, most of it stuffed into rubbish bags.

PIN codes have always been the most closely guarded secrets in banking transactions, and the are supposed to be encrypted the very second they are tapped into a keypad. Until recently, it was virtually impossible to get at them without physically looking over someone’s shoulder as theypunched in their digits to withdraw money. Indeed, scams involving strategically placed mirrors or tiny video cameras have become something of a common threat for banks.

Other cash machine crime has involved fraudsters setting up fake keyboards to glean PINs — or, for less sophisticated criminals, simply crashing a car into the wall of a bank and hoping it breaks open the part of the cash machine where the banknotes are stored. PIN codes have also been obtained through so-called e-mail “phishing” scams.

But technology has changed over the past few years. The infrastructure is now built on Microsoft’s Windows operating system, and the cash machines themselves can be remotely diagnosed and repaired online. Unfortunately, this means that PIN codes have started to “leak” along the way — suggesting that industry guidelines on encryption are not always being followed.

“PINs were supposed be sacrosanct,” says Avivah Litan, a security analyst with the Gartner research firm. “What this shows is that PINs aren’t always encrypted like they’re supposed to be. The banks need much better fraud detection systems and much better authentication.”

So far it is not clear how many Citibank customers were affected by the hackers. The bank has nearly 5,700 Citibank-branded cash machines inside 7-Eleven stores, but it does not own or operate any of them. The maintenance of the machines is carried out by two companies: Cardtronics, based in Texas, and Fiserve, based in Wisconsin.

It remains unknown — or at least undisclosed — exactly how the hackers infiltrated the closely guarded computer network, although it has been confirmed that they broke in through a server at a third-party processing company, meaning they almost certainly did not have to go anywhere near a cash machine or a 7-Eleven store. Once they obtained the PIN codes, the hackers could then simply make blank cards and use them to withdraw funds from compromised accounts at virtually any cash machine in the country.

Don Jackson, director of threat intelligence for the computer security company SecureWorks, said he had seen an “alarming” spike in the number of attacks on back-end computers for cash machine networks over the past year.

“What makes this case unique is the sheer luck of happening upon these guys and catching them red-handed,” he said. “But there are a whole lot of other and PIN compromises going on that aren’t reported.”

Citibank has declined to comment on the details of the case, saying only that it has notified affected customers and issued them with new debit cards. “We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts,” it said in a statement. Cardtronics has said it is co-operating with authorities, while Fiserv insists the intrusion did not happen on any of its servers.

“Fiserv is confident in the integrity and security of our system,” said a spokeswoman.

using second-hand information to make cash withdrawals. The wording of the indictment against them is vague

By Chris Ayres

French bank fined $6m over fraud - kerelanext.com - 05 Jul 2008

PARIS: France's banking regulator yesterday fined Societe Generale four million euros ($6.3m) over "grave deficiencies" in its internal controls that enabled a massive rogue trade scandal at the bank.

The banking commission said it had also issued a formal warning to Societe Generale for failing to prevent the staggering losses of 4.9 billion euros, which it has blamed on 31-year-old trader Jerome Kerviel.

After interviewing representatives of the bank on June 20, the commission said it detected "grave deficiencies in the internal control system" that "made possible the development of the fraud and its serious financial consequences."

"The weaknesses brought to light, in particular the deficiencies in hierarchical controls, carried on over a long period, throughout 2007, without being detected or rectified by the internal control systems," it said.

One of France's big three banks, Societe Generale shocked the financial world in January by announcing the losses, incurred as it was forced to unwind more than 50bn euros of unauthorised deals Kerviel is said to have made.

Kerviel turned himself in to police on January 26, two days after the bank revealed the losses, and on January 28 was charged with breach of trust, fabricating documents and illegally accessing computers.

The trader is the only person charged over the biggest rogue trade scandal in banking history.

French bank fined $6m over fraud - kerelanext.com - 05 Jul 2008

Credit CardRacket Busted - Times of India - 03 Jul 2008

NEW DELHI: Three Nigerian nationals have been arrested by the police from South Extension market on Tuesday for allegedly running an international credit racket in the Capital. Seven cloned credit cards were seized from the accused, who used them to buy electronics and other goods from upscale markets in Delhi. More arrests in the racket are expected.

The crime branch stepped up action on receiving a complaint from a bank that a fake credit card is being used for purchase at a South Extension market. They later apprehended the suspects on Tuesday.

Interrogation of the accused revealed that they had been using fake credit cards to do shopping in Delhi. A S Cheema, DCP, (crime and railways), informed that, "the accused had procured the cards from a friend in Nigeria. A laptop and seven mobile phones were seized from them. The laptop contained data of about 200 international credit cards."

The police also seized three mobile phones which the accused had purchased using the fake credit cards. One of the mobiles had details of six credit cards in it. A police remand has been sought for further investigation.

Those arrested have been identified as Abayomi Anifowoshe (30), Evans Amathila Imadonmwinyi (32) and Bawwa (29). Police said Abayomi arrived in India in June 2008 in Mumbai for medical treatment of his wife who is yet to come to India.

He stayed in Mumbai with a friend for a week before coming to Delhi. He had been sharing a room with co-accused Bawwa at Arjun Nagar. Evans had been renting a place near Safadarjung airport. He came to India last year on a tourist visa. The third accused, Bawwa, came to India in March this year for a kidney surgery at Batra Hospital. "The three accused met through their contacts and received details of the credit cards through their contacts in Delhi," said a senior police officer.

Credit card fraud worth over Rs 25 lakh busted, 3 arrested - Expressindia.com - 01 Jul 2008

Mumbai, June 30 The Mumbai Police Crime Branch claims to have busted a credit card fraud worth over Rs 25 lakh after it arrested three accused who allegedly used credit card details of over 100 customers to purchase online airline tickets and mobile phone refills, and even to procure a bank loan.
The arrested accused have been identified as Sandeep Mullick (25), a resident of Mazgaon, and Shakeel Shaikh (23) and Mohammed Miya Umedin (27), both Sewri Cross Road residents. They were arrested by Unit 1 of the Crime Branch on June 20, and have been remanded to police custody till July 1. As per the police, the amount involved in the fraud is estimated to be between Rs 25 to 30 lakh.

According to the Crime Branch, Mullick was working as a courier boy for an agency called Supreet Data Tech Ltd., which was outsourced by Barclays Bank for credit card application procedures. "Customers would be contacted over the phone for credit cards or loans offered by Barclays Bank. Supreet Data Tech Ltd. is responsible for collecting the necessary documents provided by the applicants, who would also provide details of credit cards they already had in their name. Mullick would photocopy these documents, and hand them to the other two accused for a sum of Rs 200 per case. Shaikh and Umedin would then go to a cyber cafe and misuse these credit card details for online transactions. Barclays Bank and Supreet Data Tech Ltd. were not in the know about Mullick's illegal activities," said Joint Commissioner of Police (Crime) Rakesh Maria.

"Shaikh and Umedin used the credit card details to purchase 180 airline tickets online. These were domestic flights from Mumbai to Delhi, Jaipur, Lucknow and Rajkot. They also made about 300 transactions for mobile phone recharge ranging from Rs 201 to Rs 3,999. Finally, they also procured a loan of Rs 1.69 lakh from Citibank. The total fraud is estimated to be between Rs 25 to 30 lakh," said Maria.

The Crime Branch is now on the lookout for two more suspects in the case. "Mullick sold the details to four accused, two of whom have been arrested. He collected documents from 567 applicants, of which 125 had previous credit cards. Of the 180 airline tickets they bought, they used 84 for their personal use and sold the remaining. The total mobile phone refills amount to Rs 17,000. This racket has been on since December last year," said Senior Police Inspector Ramesh Mahale of Crime Branch Unit 1.

MPA to train cops to counter cyber crime - NDTV.com- 02 Jul 2008

Maharashtra Police Academy (MPA) has set up modern computer laboratories to train police officials in countering growing cyber crimes.

The Nasik-based MPA, which trains police officers and police sub inspectors, has set up two computer labs to train cops simultaneously in tackling cyber crimes.

MPA's deputy director Ritesh Kumar said that the police officers and staff from all over the state would be provided proper training as white-colored-crimes are on rise.

''Solving on line frauds such as phishing, purchasing on one's credit card illegally, hacking transactions through credit cards and threatening messages using e-mail were a challenge before police'', Ritesh Kumar added.

''Considering these facts, MPA has come up with modern computer labs and also included syllabus of computer-integrated police application in its training programme,'' Kumar said.

''The labs have 56 computers connected through a wireless system. So far 630 police officers and employees have been trained while officers from other departments would also be trained after the completion of third laboratory,'' he added.

FBI Investigating Major ATM Hacking Ring - lasvegasnow.com - 02 Jul 2008

The FBI has caught a group of cyber thieves who are accused of hacking into Citibank's ATM system and stealing millions from unsuspecting customers.

Metro Police says this crime proves even savvy consumers who guard their ATM cards can fall prey to the growing trend of cyber crime.

The FBI says the hackers would target Citibank ATM's inside 7-11 stores.

The bureau says the suspects didn't even have to touch the machines, they just hacked into the software system. When a customer would type in their pin, it would then transfer to the suspect's computers, allowing them to steal cash right from their accounts.

Citibank officials aren't saying how many customer accounts were compromised, but investigators believe the ATM hacking had been going on from October of 2007 to March of 2008. All affected customers have been notified.

Federal prosecutors in New York say a group of identity thieves were able you find a security hole in the ATM systems and steal the customers pin numbers. Officials say they got away with millions before the FBI finally caught up.

"If someone can access, what in theory should be an encrypted system and someone hacks into it, I can see how someone would feel uneasy about that," said Jacinto Rivera with Metro Police.

Officers warn people to stand guard when taking money from the ATM. But the latest case proves that looking over your shoulder just isn't good enough anymore.

"It makes me not want to use the ATM's at the convince stores," said Zachary Tawresey.

Tech savvy criminals are moving away from older methods and are infiltrating the machines operating system, leaving no sings of tampering. Investigators aren't saying how they did it.

"I feel a little safer by doing it at the bank because they have more control over technology," said Tawresey.

According to the Associated Press, that's not true. The banking industry has pushed for tougher encryption standards but some ATM operators aren't doing it properly.

There are more than 5,000 Citibank ATM's in 7-11's across the country including several here in the valley. Investigators believe the suspects got away with at least $2 million. All three have been charged with conspiracy and fraud.

Fraud Worries Spur New Security Efforts - investors.com - 01 July 2008

High-profile banking scandals, rising worries over fraud and a sluggish economy are spurring closer monitoring of financial transactions — and a flurry of new security products.

More than 80% of Americans in a recent Unisys poll are concerned about identity theft, more than a third extremely so.

In another survey commissioned by risk management software vendor Actimize — a unit of Nice Systems (NICE) — 85% of investment firms said they plan to change their internal risk-management controls in the wake of trading scandals at big banks.

Security firms aim to counter the threat with a slew products and services to fight fraud.

Economic pressures make fraud an especially timely worry, says Amir Orad, executive vice president at the New York company.

"People (including regulators) think that the issues in the marketplace right now are going to create opportunities for traders and other employees to do things they would not do otherwise," he said. "People are making much less money. They have a certain lifestyle they want to maintain. Sometimes they step outside their boundaries."

In a risk outlook for this year, the U.K.'s Financial Services Authority warned that increasing financial pressures on firms, employees and consumers could entice some to commit financial crime, including market abuse and fraud.

Citing greater regulatory pressure after the multibillion-dollar trading fraud uncovered at French bank Societe Generale, Actimize in May launched a system to watch for signs of employee misconduct .

The software resides on computers in a company's back office, monitoring various data sources in real time to look for unusual activity.

Orad says the product checks multiple systems, such as trading or reconciliation systems, in conjunction. So it has a better chance of detecting employees who try to cover their tracks by manipulating transactions across the different systems.

Orad says eight of the 10 largest U.S. investment banking firms use Actimize for trade surveillance, and dozens of institutions have expressed interest in the new product. Actimize's software usually costs institutions a sum in the high six figures to low seven figures.

Meanwhile, an anti-fraud program geared toward a wider corporate audience came out in May from security giant Symantec. (SYMC) Ten to 20 businesses are using Symantec Online Fraud Protection so far, with the strongest uptake among banks and other financial firms.

It's meant to guard against fraud at firms that perform large volumes of financial transactions. Symantec put together a suite of consulting and technical monitoring services for the program and can assign an expert-in-residence to help clients.

Financial firms' worries about phishing drove development of the plan, says Ted Donat, director of product management at Symantec's consulting unit.

Phishing involves tricking people into revealing their account info, often with an e-mail that directs them to log into a convincing-looking fake of their bank's Web site. A similar type of fraud, called pharming, exploits security weaknesses to redirect traffic from legitimate banking sites to fakes.

"When we come to a customer's site, we look at all the different elements of online fraud and come up with a business impact analysis — what is your dollar risk associated with phishing and pharming?" Donat said.

Symantec tailors a program to ensure customers' online authentication services are sufficient and call centers are ready to handle an influx of calls resulting from phishing attacks. The firm also may recommend 24-by-7 online monitoring.

The service includes checking for typo squatting — "setting up 'TedsBank.com' with a z instead of an s," he said — and looking out via hacker newsgroups online for early word of attacks. It blends in some other features too, including data-loss protections for missing laptops and the like, and "shutdown services" meant to speed the job of thwarting fraudulent sites.

"We have cease-and-desist letters in 15 different languages ready to go. We're able very quickly to get these things out to ISPs," Donat said, citing how Symantec's services helped a European bank cope with online fraud threats. "We were able to get these things (such as rogue sites) resolved 10 times faster."

In November, the Federal Trade Commission's "red flag" rules will kick in, requiring financial institutions to have an identity theft prevention program to mitigate identity theft for some kinds of accounts.

The business of data-loss protection specialist Verdasys, which counts more than 100 firms as customers, has been growing about 300% a year, according to Chief Executive Seth Birnbaum. He says clients are concentrated in insurance, finance, manufacturing and tech.

"Almost every company in the world has some demand for data-loss prevention," he said. "They have some information they want to protect better."

BY DONNA HOWELL

Thursday, July 17, 2008

Wednesday, July 16, 2008

Saturday, July 12, 2008

Wednesday, July 9, 2008

Sunday, July 6, 2008

Subscribe

Blogrolling

Blog Archive

About Me