Saturday, May 31, 2008

Chinese female hacking group spotted - Zdnet.com - 30 May 2008

Chinese girls talking about using SQL injections to serve malware and ARP spoofing, in between sharing do-it-yourself tutorials on XSS worms? Sexy. Scott Henderson at the Dark Visitor profiled a Chinese hacking group with female members only, discussing these very same topics:
“In the male dominated world of Chinese hackers, females find it difficult to be accepted as equals. Their technical skills are often viewed as inferior to their male counterparts. As far as I am aware, the first group of female Chinese hackers to break this mold were the Six Golden Flowers. The Golden Flowers have since broken up and gone their separate ways, but a new and larger group has taken their place, the Cn (China) Girl Security Team. The website for the China Girl Security Team was registered on 12 Mar 2007 and currently has 2,217 members. The leader of the group Xiao Tian, is only 19 years old”

What you should make a distinction between are the hardcore Chinese hacktivists whose understanding of how to wage people’s information warfare was most recently demonstrated in the Anti-CNN campaign where they’ve managed to recruit hundreds of thousands of wannabe hacktivists for participating in the attacks, and the average script kiddies like these ladies localizing to Chinese well known security papers and actively promoting the download and use of hacking tools. Excluding the perspective that these very same “average script kiddies” turn into quite a threat when empowered, motivated, and coordinated, what are the chances we could witness a “cyberwar of the sexes” in the Chinese underground?

4 arrested in ATM thefts, tampering - AZcentral.com - 30 May 2008

Scottsdale police arrested four people in connection with tricking automated teller machines at three luxury Scottsdale hotels into spitting out more than $100,000 to buy drugs and prostitutes.

Tinkering with computers' complex innards is a "more sophisticated way" of robbing ATMs said Jack Hudock, spokesman for the Arizona Department of Financial Institutions, which regulates banks.

About a year ago, thieves were stealing backhoes to dig out ATMs, and truck them to remote areas where they broke them open, Hudock said. Since then, banks have put them at more secure sites.

Video surveillance tapes helped nab the two men and two women in the hotel ATM heists.
"This was quite an extensive investigation," said Sgt. Mark Clark, a police spokesman.

The three hotels identified by police were: Scottsdale Marriott Suites, 7325 E. 3rd Ave.; Hilton Scottsdale Resort & Villas, 6333 N. Scottsdale Road; and Hyatt Regency Scottsdale, 7500 E. Doubletree Ranch Road.

Over the past three months, the suspects allegedly inserted a device into card readers of the hotel ATMs, Clark said. The thieves then used computer hacking skills to manipulate the ATMs' internal programming, causing the machines to spit out more money than they should have, he said.
The money was to be used for prostitutes and drugs, Clark said.

ATM technicians who serviced the machines discovered that the amount of missing money didn't square with receipts, he said.

Police identified those arrested and their pending charges:
• Onik J. Darmandzhyan, 32, of Glendale, for burglary, two counts of felony theft and dangerous drugs.
• Michael J. DeMatteo, 32, of Scottsdale, for two counts of felony theft.
• Tiffany L. McGrath, 24, of Peoria, for felony theft, computer tampering and identity theft.
• Alissa M. Kerr, 30, of Scottsdale, for dangerous drugs and drug paraphernalia.
Darmandzhyan and DeMatteo visited the Hilton several times over two or three weeks, Clark said.

About 3 a.m. on May 18, when the hotel was all but deserted, thieves loaded the Hilton's ATM onto a dolly and wheeled it into their truck. A security guard spotted them, described the truck and suspects to police, leading to their arrest. They were also caught on a surveillance tape.

The ATM was worth $4,650 and contained $7,840, according to a court document.
Police found a shattered ATM at DeMatteo's home, with a few thousand dollars still in it, Clark said.

Bank loses tapes with data on 4.5M clients - computerworld.com - 30 May 2008

Connecticut AG blasts BNY Mellon for failing to notify victims for three months

May 30, 2008 (Computerworld) Bank of New York Mellon Corp. officials last week confirmed that a box of unencrypted data storage tapes holding personal information of more than 4.5 million individuals was lost more than three months ago by a third-party vendor during transport to an off-site facility.

The bank informed the Connecticut State Attorney General's Office that the tapes belonging to its BNY Mellon Shareowner Services division were lost in transport by off-site storage firm Archive America on Feb. 27. The missing backup tapes include names, birth dates, Social Security numbers, and other information from customers of BNY Mellon and the People's United Bank in Bridgeport, Conn., according to a statement by Connecticut Attorney General Richard Blumenthal.

Archive America refused to comment about the missing backup tape, citing confidentiality agreements. A People's United Bank spokesman could not be reached for comment.
BNY Mellon Shareowner Services, which includes handling employee stock option plans, said that it has begun notifying affected clients. It contended that none of the unencrypted data has been accessed or used.

"We'd like to provide people with a more current characterization [of what happened], but we are not yet in a position to make that available," said BNY Mellon spokesman Ron Sommer. "Our intention is to make it available as soon as we can."

Blumenthal said that the bank's offer of a year of free credit monitoring to those affected by the breach is "grossly inadequate." He also slammed the bank for not promptly notifying customers of the security breach.

"The loss of this tape — so far unrecovered and unremedied — is inexplicable and unacceptable," wrote Blumenthal. "I am especially concerned by the delay in informing customers, possibly heightening the risks of wrongdoing."

Blumenthal said that he is working with the New York and New Jersey attorneys general and the Connecticut Department of Consumer Protection to investigate the breach. Further, he said that he is pressing the bank to explain how some backup tapes disappeared while others on the same van arrived intact at the Archive America facility.

This week, a lawyer representing 40 affected individuals filed a class-action lawsuit against the New York bank in Connecticut Superior Court. Attorney Michael Stratton, who represents the plaintiffs, said he is seeking up to seven years of free credit monitoring and credit insurance for customers, along with unspecified damages.

"It's inconceivable to me that you have unencrypted data on tapes being transported and stored. I can't imagine why you wouldn't have a sophisticated encryption program to make it virtually impossible to break the code even if they were to become lost," remarked Stratton.

Friday, May 30, 2008

Man promises fake bank loans, held - newindiapress.com - 30 May 2008

CHENNAI: City police arrested Victor Jeyakumar (35), of Adyar for allegedly cheating people of Rs 6 lakh after promising them loans from private banks.

According to the police, Victor Jeyakumar, who ran Countrywide Enterprises, placed advertisements in newspapers promising housing and personal loans for interested people.

Buelah and Chandrika of Red Hills and David Chandrasekar of Kelambakkam, who approached him, had to submit several documents and fish out money for application, processing and registration.

In a few days they were shown fake documents claiming that their loan had been approved and were asked to pay a token advance. Victor collected Rs 2.40 lakh from Buelah, Rs 3 lakh from Chandrika and Rs 16,000 from David Chandrasekar as advance payment and asked them to meet him after a few days.

When they approached him again, Victor beat around the bush, citing problems in their documents as the reason for the delay. But six months down the line the frustrated trio lodged a complaint with the City Police Commissioner. Acting on their complaints, a team led by Assistant Commissioner Sridhar and Inspector Ashokan called in Victor for interrogation.

ATM fraud: man arrested - Kerelanext.com - 30 May 2008

NEW DELHI: Delhi Police arrested a person for allegedly withdrawing around Rs 3 lakhs in a fraudulent manner from an ATM in West Delhi.

Ranjit Chudhary, on the pretext of helping people, used to withdraw money from their ATM card and executed money transactions in their absence, police said.

He was arrested after one of the victims caught him red handed while withdrawing money from his ATM card. The police has recovered two laptops and one motorcycle from his possession. A case of cheating has been registered against him, they said.

Arab press homepages hacked over distortion of Persian Gulf name - Asia Iran ICT - 29 May 2008

An Iranian hacking team has hacked about 100 Arab websites, including key Arab government, university and company websites to protest the change of the name of Persian Gulf into 'Arabian Gulf', said an Iranian hacking team director in southern province of Yazd.

Director of an Iranian group, who call themselves the 'Mafia Hacking Team', Behrouz Kamalian told on Tuesday that his team had posted a map with the message with 'The correct name is Persian Gulf' written across the top on homepages of newspapers from Saudi Arabia, the UAE, Bahrain, Oman and Iraq.

Kamalian said his team had hacked the websites to condemn the change in the historical name and its replacement with a forged name on the websites.

"In the hacking, a new homepage was added to the websites with the name of Persian Gulf on it," he added.

Leading Arab press websites, i.e. the websites of the UAE's Al-Khaleej newspaper, of the Arab League Gulf, of Iraq's Higher Education Ministry, of the UAE's Abu Dhabi Police Office, of Saudi Arabia's Mayadin University, of the UAE's People's Board, and of Oman's Gas Company, were hacked to protest the waterway being called the 'Arabian', instead of its authentic name Persian Gulf.

The main page of the websites was replaced with a substitute page carrying a message and picture. The text on the site reads: 'The correct name is Persian Gulf, which always has been, and will always remain, Persian.'

Below it was an image that seemed like the hacker's trademark, carrying his name before a map of Iran, with the 'Arabian Gulf' labeled as Persian. The incident comes just weeks after Iranians rallied outside the UAE Embassy in Tehran to demand the waterway be called the Persian, and not the spurious 'Arabian', Gulf. --IRNA

Comcast Hijackers Say They Warned the Company First - Wired blog Network

The computer attackers who took down Comcast's homepage and webmail service for over five hours Thursday say they didn't know what they were getting themselves into.

In an hour-long telephone conference call with Threat Level, the hackers known as "Defiant" and "EBK" expressed astonishment over the attention their DNS hijacking has garnered. In the call, the pair bounded freely between jubilant excitement over the impact of their attack, and fatalism that they would soon be arrested for it.

"The situation has kind of blown up here, a lot bigger than I thought it would," says Defiant, a 19-year-old man whose first name is James. "I wish I was a minor right now because this is going to be really bad."

The two hackers are members of the underground group Kryogeniks. The interview was arranged by Mike "Virus" Neives, an 18-year-old New Yorker who pleaded guilty as a minor last year to hacking AOL. Neives, who was on the call, is also a member of Kryogeniks, though he and his compatriots say he's stopped hacking.

Neives vouched for the identities of the hackers. Threat Level also confirmed Defiant's identity over AOL instant messenger, on a handle that's known to belong to Defiant.

Neither hacker would identify their full names or locations. Defiant's MySpace profile lists him in Cashville, Tennessee, but he says that's incorrect. His girlfriend lists herself in New York. Threat Level expects both hackers' names and locations will emerge shortly.

The hackers say the attack began Tuesday, when the pair used a combination of social engineering and a technical hack to get into Comcast's domain management console at Network Solutions. They declined to detail their technique, but said it relied on a flaw at the Virginia-based domain registrar.

Network Solutions spokeswoman Susan Wade disputes the hackers' account. "We now know that it was nothing on our end," she says. "There was no breach in our system or social engineering situation on our end."

However they got in, the intrusion gave the pair control of over 200 domain names owned by Comcast. They changed the contact information for one of them, Comcast.net, to Defiant's e-mail address; for the street address, they used the "Dildo Room" at "69 Dick Tard Lane."
Comcast, they said, noticed the administrative transfer and wrested back control, forcing the hackers to repeat the exploit to regain ownership of the domain. Then, they say, they contacted Comcast's original technical contact at his home number to tell him what they'd done.

When the Comcast manager scoffed at their claim and hung up on them, 18-year-old EBK decided to take the more drastic measure of redirecting the site's traffic to servers under their control. (Comcast would neither confirm nor deny the warning phone call.)

"If he wasn't such a prick, he could have avoided all of that," says EBK. "I wasn't even really thinking. Plus, I'm just so mad at Comcast. I'm tired of their shitty service."

"They called me back five minutes later and said, 'We got Comcast'," recalls Neives.
The defacement message was short and simple: "KRYOGENICS Defiant and EBK RoXed Comcast," it read. "sHouTz to VIRUS Warlock elul21 coll1er seven."

Comcast boasts 14 million subscribers nationwide, and handling the massive traffic aimed at Comcast.net was no easy task. The hackers stayed up most of the night opening new webhosting accounts, and constantly moving the DNS to follow them. In all, they claim, they burned through 50 different hosts to keep their defacement alive. "You know how hard it is to find hosting handling that kind of traffic?" says EBK. "The first one went in two minutes."

The attack began at around 11:00 p.m. eastern time, and the hackers owned Comcast.net until four or five in the morning. Even when Comcast regained control, it took hours longer for the change to fully propagate through the DNS, leaving some customers without webmail access as late as 11:30 Thursday morning.

EBK slept for an hour Wednesday night; Defiant for 20 minutes. Even as the attack was in progress, the hackers began to feel the weight of their actions. Both say they've been raided by law enforcement before. "I slept in my clothes, because the last time they came, I was in my underwear with my dong hanging out and shit," says Defiant.

"I feel like he did it for the publicity," says Luis "Auto" Alicea, a former member of Kryogeniks, who runs a website hosting screenshots of hacks in progress. "The fame."

Defiant began hacking about three years ago, when he was kicked out of high school for possession of narcotics at the age of 16. "I wound up assaulting the school resource office," he says. He entered a home schooling program, but didn't take to it, and gravitated to the internet. There he "bumped into the wrong people."

EBK, too, says he dropped out of high school.
Thursday, the pair were dealing with their newfound fame, laughing over the press coverage with a mix of glee and nervous excitement. Some reports have speculated that the hackers were retaliating for Comcast's recent sabotage of BitTorrent traffic; Defiant and EBK say that's false: they just hate Comcast in general. "I'm sure they hate us too," says Defiant.

"Comcast is just a huge corporation, and we wanted to take them out, and we did," he says.
Fellow hackers, relying on press reports claiming that customer data may have been compromised, are hitting up the duo for passwords to Comcast e-mail accounts, which they say they don't have. "Nobody was listening in on the ports to try and get usernames and password," says Defiant. "We could have, but we didn't." (On this point, Comcast and the hackers agree).
The hackers say the flaw they exploited still exists, and that other large websites are equally vulnerable. Asked if they plan to attack anyone else, EBK says, "Who knows. Only Kryogeniks knows."

The elder hacker in the team says he was reluctant to use his access to take over Comcast.net, and emphasizes that the pair tried to warn Comcast about the flaw.

"I was trying to say we shouldn't do this the whole damn time," says Defiant.

"But once we were in," adds EBK, "it was, like, F**K it."

Arco debit-card scams in San Jose, Los Altos linked to statewide ring - MercuryNews.com - 29 May 2008

A group of high-tech thieves who police believe stole bank card information from consumers at gas stations in South San Jose and Los Altos are likely the same group that has been targeting Arco stations statewide, the Mercury News has learned.

Los Altos detective Wes Beveridge, who has been involved with the case since thieves made off with about $100,000 from more than 80 customers at a Los Altos Arco station in March, said the group has also hit Arco stations in southern and central California.

"I've been in contact with five different agencies, including the FBI, to try to track the whereabouts of these people," said Beveridge, who spoke with San Jose detectives about the case. "In each of these cases, the photos we have match the photos they have as well."

In each case, the victims used debit cards to buy gas at Arco stations, which only accept debit cards. Thieves attached a card-reading device to the payment machine's keypad that allows them to steal bank card numbers and personal identification codes.

San Jose police first received reports of the thefts Monday night, when a San Jose couple realized three separate $500 withdrawals had been made during Memorial Day weekend. Police traced the thefts to the Arco gas station at 5755 Camden Avenue.

San Jose police say the number of victims is now approaching 80 and estimate the thieves have withdrawn $45,000 from Bay Area banks so far. San Jose police expect those numbers to grow - the skimming machines were in place for about one month - and investigators are still in the process of confirming dollar amounts.

"ATMs are a cash-only business," San Jose police detective Patrick Ward said. "They can get straight up cash, as opposed to buying" merchandise with a stolen credit card.

The practice of card "skimming" works like this: Thieves glue a card-reading device on the front of the Arco payment machine. The carefully positioned device can be difficult to detect.
"I defy anybody to tell me they would have noticed it," Beveridge said.

Every time a customer swipes a card, the skimming device transmits the information instantly to a computer nearby, or at other times, thieves come back and retrieve the tiny device.
Thieves then used cloned bank cards - any card with a magnetic strip, including already used gift cards will work - and go on a withdrawal spree.

In Los Altos, thieves made most of their withdrawals on a weekend, and spent a couple of weekdays in the area before moving on. In some cases, Beveridge said bank photos show thieves making five different transactions in a span of five minutes.

"They go where they know people aren't going to be around when they do remove funds," Beveridge said.

Beveridge has contacted the FBI in hopes of creating a task force aimed at catching the high-tech thieves.

"The more they do, the more likely they will screw up," Beveridge said. "The more crimes they commit, the more information we have and then the more likely we are to catch them and get a conviction."

In a separate case, more than 200 shoppers had their debit card information stolen after swiping their cards at a Lunardi's Supermarket in Los Gatos.

"You have very ingenious people who are doing these things because the rate of return is so high," Adam Levin, chairman of Identity Theft 911, an Arizona company that works with banks and institutions to resolve cases of identity theft, told the Mercury News earlier this month. "It happens all over the U.S., and it happens almost every day unfortunately."

By Mark Gomez

Data theft, web attacks nightmare for IT heads: Survey - The Economic Times - 29 May 2008

NEW DELHI: It is insider threats and emerging web-based attacks that are presenting nightmares for directors of IT firms rather than just the hacking menace, reveals a recent survey.

More than 80 per cent of the 103 IT directors surveyed felt that insider threats, which are defined as either unintentional data leakage or deliberate data theft, are the biggest problem to their respective organisations.

According to the survey conducted by US-listed Secure Computing Corporation, only less than one in five respondents said that external threats posed by hackers are more dangerous.

About 37 per cent of the respondents had experienced leakage of sensitive information in the past year. Further, internal security is found to be the top priority for the directors.

The survey was conducted among senior attendees at the Infosecurity Europe exhibition last month. Among the respondents, 34 per cent said e-mail is the biggest current security threat, followed by Voice over IP (25 per cent) and web surfing (21 per cent).

However, four in five directors surveyed felt that they could be better prepared for web-borne threats. In terms of external threats, malware is found to be the major headache for about 56 per cent of the directors whereas only 22 per cent are concerned about hacking. Moreover, 31 per cent of the respondents felt that viruses pose a big threat followed by spam (18 per cent) and data leaks (14 per cent). The survey showed that the biggest budgets would be spent on strengthening internal security, with 35 per cent of IT directors identifying it as their priority for planned investment.

Fraud crimes will be a thing of past if banks exploit KEY and PIN system - ZDnet.co.uk - 29 May 2008

These details show that banks have option to reduce all fraud crimes to virtually ZERO simply by exploiting KEY and PIN system.

Fraud crimes will continue to grow until banks exploit KEY and PIN system described on website www.xwave.co.uk which will make both signature and PIN systems reliable and foolproof. This system will eliminate the need for us to protect our personal and PIN details since fraudsters will not get tempted to misuse them.

KEY and PIN system could be treated like international ID card since it will personalise signature and PIN to the right individual in any country in the world.

Fraud crimes will be a thing of past if banks and the government exploit KEY and PIN system.

Africa: Continent Must Unite in Fighting Economic Crimes - BuaNews (Tshwane) - 28 May 2008

A network of African countries, where information and knowledge is shared between law enforcement agencies, would help to solve financial crimes and open up economic opportunities for the continent, says Acting National Director of Prosecutions Mokotedi Mpshe.

He said African countries should see the criminal justice system as not only prosecuting criminals involved in crimes such as trafficking, but also ending illegal activities which hamper the economy.

"This will attract foreign investors while creating more jobs," said Mr Mpshe while addressing delegates at the Africa Conference on Economic Crime on Wednesday.

Mr Mpshe said economic crimes would be re-examined and the conference would come up with a clear mandate on how to tackle such crimes, something which will be of great benefit to South Africa.

"Although we have good units within the National Prosecuting Authority (NPA), there is a need to always re-look at our strategies and point out the necessary issues which need to be re-enforced while evaluating the progress."

He urged countries, especially those in the South African Development Community (SADC) to fight narcotic trafficking and money laundering.

"I believe the deliberations will enable us to make good strides as these acts are not just criminally perceived, but also pose business risk," said Mr Mpshe.

He said he had no doubts about the excellent work carried out by different units within his institution so far, adding that the NPA had a strategic role to play in driving back crime to acceptable levels.

"We have already developed a 2020 strategy, set standards in fighting economic crimes and the organisation has so in the right track," said Mr Mpshe.

The NPA's Specialised Commercial Crimes Unit (SCCU) which specifically deals with complex commercial crime cases, has so far dealt with 3 500 cases and has been doing excellent job, he said.

The Asset Forfeiture Unit (AFU) has between 2006 and 2007 continued its upward trend, tackling 252 cases and seized R1.25 billion.

The Directorate of Special Operations, responsible for individual prosecution of organised crime, has been concentrating more resources on combating economic crimes and targeting top-end perpetrators.

"Again the strategy we used worked well for the organisation with major levels of success."
Commenting on the application to stop legislation being passed that will see the NPA, or Scorpions, from being disbanded which was turned down in the Pretoria High Court on Wednesday morning, Mr Mpshe said government's intention was to come up with an elite unit with necessary capacity while strengthening ways of fighting organised crime.
I advocate for the merging of Scorpions and the police to be given a chance, he said, adding that we should wait and judge the results.

Judge Willie van der Merwe ruled that the court did not have the jurisdiction to grant such an order as it has not enough jurisdiction to interfere with the decision to incorporate the Scorpions with the police.

The General Law Amendment Bill and the National Prosecuting Amendment Bill are due to be tabled in Parliament.

The two bills are set to pave the way for the formation of a new unit incorporating parts of the Scorpions and the police's Organised Crime Unit.

President Thabo Mbeki appointed the Khampepe Commission of Inquiry in 2006, headed by Judge Sisi Khampepe, to review the mandate of the Directorate of Special Operations (known as the Scorpions) as well as its location.

The report was never intended to be released publicly and President Mbeki only took the decision to release it in February.

He said the decision was taken to release the report at the same time as the tabling of the two Bills to Parliament so that it could form part of what people based their decisions on.

The report reveals that the location of the DSO is not unconstitutional, but it however noted some concerns over the size and operating methods of the unit.

Mr Mpshe noted that there were some issues which seem to have caused tension within the members of the public regarding Scorpions and police.

"The public has the right and ought to know what is happening within the NPA, we are currently putting together a statement which will soon be sent to the public on the unit's programme of action," said Mr Mpshe.

State Street says personal data has been stolen - money.cnn.com - 29 May 2008

State Street warns former employees, customers of Investors Financial Services data was stolen

NEW YORK (Associated Press) - Financial services firm State Street Corp. said Thursday the personal data of some employees and customers of Investors Financial Services was stolen from a vendor's facility, but there is no evidence data has been used.

State Street acquired Investors Financial Services, a provider of investment services to hedge funds, in July 2007.

Customers and employees of Investors Financial Services are being notified of the data breach, and State Street set up a page on its Web site to provide customers and employees more information.

State Street said it will provide those with data stolen free credit monitoring services for two years.

Did Chinese Hackers Cause US Blackouts? - marcambinder.theatlantic.com - 29 May 2008

National Journal's Shane Harris has reliable, knowledgeable sources who believe that the answer is yes:

Computer hackers in China, including those working on behalf of the Chinese government and military, have penetrated deeply into the information systems of U.S. companies and government agencies, stolen proprietary information from American executives in advance of their business meetings in China, and, in a few cases, gained access to electric power plants in the United States, possibly triggering two recent and widespread blackouts in Florida and the Northeast, according to U.S. government officials and computer-security experts.

One prominent expert told National Journal he believes that China’s People’s Liberation Army played a role in the power outages. Tim Bennett, the former president of the Cyber Security Industry Alliance, a leading trade group, said that U.S. intelligence officials have told him that the PLA in 2003 gained access to a network that controlled electric power systems serving the northeastern United States. The intelligence officials said that forensic analysis had confirmed the source, Bennett said. “They said that, with confidence, it had been traced back to the PLA.” These officials believe that the intrusion may have precipitated the largest blackout in North American history, which occurred in August of that year. A 9,300-square-mile area, touching Michigan, Ohio, New York, and parts of Canada, lost power; an estimated 50 million people were affected.

Officially, the blackout was attributed to a variety of factors, none of which involved foreign intervention. Investigators blamed “overgrown trees” that came into contact with strained high-voltage lines near facilities in Ohio owned by FirstEnergy Corp. More than 100 power plants were shut down during the cascading failure. A computer virus, then in wide circulation, disrupted the communications lines that utility companies use to manage the power grid, and this exacerbated the problem. The blackout prompted President Bush to address the nation the day it happened. Power was mostly restored within 24 hours.

There has never been an official U.S. government assertion of Chinese involvement in the outage, but intelligence and other government officials contacted for this story did not explicitly rule out a Chinese role. One security analyst in the private sector with close ties to the intelligence community said that some senior intelligence officials believe that China played a role in the 2003 blackout that is still not fully understood.

Thursday, May 29, 2008

China warns against Olympics scams - Zeenews.com - 29 May 2008

Beijing, May 29: Tricksters are setting up fake Olympic ticket websites, selling Olympic bonds that do not exist and running fraudulent Olympic-linked competitions, state media said on Thursday, warning people not to be taken in.

There were eight common Olympic-themed frauds, the official news agency said.

In one, text messages are sent out claiming the recipient has won a prize from the Beijing Games organisers, but then the person is told they have to pay tax upfront to get the prize, the news agency said.

In another, people are told that a warehouse containing Olympic medals caught fire and several medals are missing, but that the government was offering rewards for their return, though the report did not explain exactly how the fraud was carried out.

A third involves the setting up of a fake Olympic ticket website which offers to sell unclaimed pre-booked or reserved tickets, and a fourth offers to sell special Olympic bonds or financial funds.

"They spin a web of lies to tempt and deceive people, and carry out their frauds by taking advantage of victims' desire for a small gain," the news agency said. Police are warning people to be cautious and not to let their guard down, the report added.

Symantec launches online fraud protection for companies - Kerelanext.com - 29 May 2008

MUMBAI: Global IT security provider Symantec Corporation launched online fraud protection programme to protect businesses, especially banks, from online threats emanating from phishing attacks on end-users.
Phishing refers to an online attempt to fraudulently acquire sensitive information such as passwords and credit card details by masquerading as a trustworthy entity.

Symantec Online Fraud Protection Programme will allow companies to shield their customers, carrying out online financial transactions, from such attacks by educating them and also rapidly responding against phishing, malware and fraudulent transaction activities.

The programme will also include an expert resident who would work with the in-house staff to provide security expertise. "By helping their customers safely conduct transactions online, businesses can boost customer loyalty, minimise financial loss and legal exposure and reduce risks to their corporate brand," a release here stated.

The latest Internet Security Threat Report (ISTR) released by Symantec in April has found that 80 per cent of brands targeted by phishing attacks were in the financial sector, Symantec Senior VP Anil Chakravarthy said. In India too, in the last six months of 2007, Symantec observed 345 unique phishing URLs hosted in India and about 400 attacks on reputable Indian banks.

Police say banks not reporting cybercrime in effort to protect image - Yahoo News - 29 May 2008

MONTREAL - Online banking and other Internet transactions may not be as secure as many Canadians believe, say law-enforcement officials who accuse financial institutions of under-reporting cybercrime.

Fraud investigators say they are worried publicity-shy private-sector organizations like banks avoid telling police when cybercriminals strike.

"Banks are often victims and we know that they only declare very few of the crimes committed against them," said Yves Francoeur, who heads the Montreal police brotherhood.

The RCMP's anti-fraud centre has tried to push the financial sector to be more up front with authorities.

But they claim the major players in the industry fear their reputations will be tarnished by having embarrassing cases such as identity theft exposed in public.

"It's all about image," said Cpl. Louis Robertson. "It's not in their best interests to do this."
The Mounties believe the $35 million of mass-market fraud reported in 2007 represents at most 10 per cent of all incidents.

"If we extrapolate, we are looking at, minimum, $500 million a year," Robertson said, noting the figure does not include losses stemming from identity theft.

"It's really hard to give a definite picture of the problem to our MPs and the powers in Ottawa when you don't even have a clear picture yourself."

Criminals make use of phishing e-mails and other forms of social engineering technology to steal personal information, which can in turn be used to defraud retailers and financial institutions.
Social engineering fraudsters work from the belief that it's easier to trick someone into giving up information than to steal it from them.

Phishing, for example, fools consumers into providing sensitive information by making an e-mail seem to come from a bank or credit card company.

The Canadian Bankers Association denies its members have been reticent to report such incidents to police.

"We have to all work together to fight a lot of this crime," said association spokeswoman Maura Drew-Lytle. "Banks co-operate with police across the country."

Yet the problem of under-reporting cybercrime is considered serious enough that the Canadian Association of Police Boards has approached the bankers association about developing an anonymous reporting mechanism.

"Even companies that aren't reporting said we need a confidential mechanism to report," said Canadian Association of Police Boards president Ian Wilms.

"What they told us is that reputational risk is their biggest concern."

A recent report on cybercrime by the association of police boards cited the need for mandatory reporting of economic cyber-security incidents.

Without an accurate handle on the extent to which financial institutions are victimized, few police forces are willing to dedicate the resources needed to fight financial forms of cybercrime.
Of the 62,000 police officers in Canada, only about 250 are tasked with cybercrime, usually with a focus on child pornography.

"We have priorities and if we look at the order of these priorities, financial institutions are at the bottom," said Christian Emond, an officer with the Montreal police's economic crimes unit.
Street gangs, organized crime and terrorism top the force's list of eight priorities.

"When you get the eighth spot, the resources accorded are going to be limited," Emond said.
And yet there are several indications that electronic forms of bank fraud and identity theft are getting worse.

Interac, which links bank machines and debit terminals across Canada, pegged 2007 losses from debit card skimming at $106.8 million, up from $94.6 million a year earlier and $44 million in 2003.

"Certainly the losses are increasing, but so are our efforts to fight it," Drew-Lytle said.
Most consumers have been shielded from the effects of increased cybercrime thanks to client-friendly policies at many banks. The $106.8 million taken from debit-card users last year was all reimbursed.

But some wonder how much longer financial institutions will be able to absorb these costs given rapidly rising rates of cybercriminality.

"Those industries that have been hit are sucking up their losses as the cost of doing business," Wilms said.

"As this grows, perhaps you'll see a behavioural change, and you'll be responsible for your own account."

Beijing-based Tibet dissident writer comes under cyber-attack - Chinapost.com - 29 May 2009

BEIJING -- A Beijing-based Tibetan dissident writer who has been writing about the unrest there has come under cyber-attack to silence her, and possibly implicate her associates, her husband and activists said on Wednesday.

Hackers stole Woeser's Skype identity on Tuesday and impersonated her in instant message exchanges with her Skype contacts, apparently to trick her 170-odd contacts into revealing politically sensitive information which could then be used to trump up charges against them, Wang Lixiong told Reuters.

"It's a trap ... It's a big threat to Woeser, but it's an ever bigger threat to her friends," Wang, author of the 1990s bestseller "Yellow Peril", said by telephone.

Skype, which allows users to make telephone calls over the Internet from their computers to other Skype users free of charge, is popular among Chinese dissidents because they believe such calls cannot be monitored by the intelligence apparatus.

"My password has been changed and I can no longer log in ... The hijacker has begun to make contact with people in my account," Woeser said in a statement.

Woeser, 41, who uses the name "Degewa" on Skype, has been under intermittent police surveillance since rioting erupted in the predominantly Buddhist region of Tibet in March.

Beijing police have warned Woeser to stop writing about Tibet. Her books are banned in China.
Kate Woznow, campaigns director of New York-based Students for a Free Tibet, described Woeser as a "lone voice" among Tibetans in China reporting on recent protests.

Hackers also hijacked Woeser's blog http://woeser.middle-way.net/, removed its content and left an animation of China's five-star national flag fluttering below the headline: "Long Live the People's Republic of China! Down with all Tibetan independence elements!!!"

The Red Hackers' Alliance, a group of nationalistic hackers, claimed responsibility for the attack.
Hackers also posted a picture of Woeser which they stole from her computer with a caption reading: "Can everybody please remember the stinking face of Tibetan separatist Woeser below. Whoever sees her, beat her hard like a dog in the water (bad person)."

Before the attack, Woeser's blog had closely followed unrest in Tibet and Tibetan populated areas in nearby Chinese provinces. Her blog is hosted abroad and outside China's firewall.

BT wireless broadband users ‘open to hackers’, Telegraph reports

BT wireless internet users are open to hackers, reports the Daily Telegraph.

Criminals can use easily downloadable software from the internet to crack passwords and change settings on the company's Home Hub wireless broadband system, reports the paper.

BT told the paper that the threat was "theoretical" and that hackers would have to "win the computer cracking equivalent of the National Lottery" to succeed.

But Paul Vlissidis, technical director of IT consultancy NCC Group, told the Telegraph that hackers could simply park outside a victim's house and search for their private network using a standard laptop to take advantage of the flaw.

BT said the risk was "being blown out of all proportion" and advised customers to check their website for advice.

BT said changing the wireless encryption technology to the WPA standard rather than the basic WEP encryption system, as well as altering passwords, would keep the hackers out.

NCC argued that most users were unwilling to change the settings on their networks.
It is understood that customers with version 1.5 or later of the BT Home Hub system are safe.

Man forges initials on stolen cheque, held - Hindustan Times - Mumbai - 29 May 2008

A TOURIST car driver thought he had mastered the art of forgery with keen observation, but landed up behind bars with his first attempt at it.

The Malad police on Wednesday arrested 22-year-old Vijay Prajapati, driver of a rent-a-car service, for allegedly stealing a blank cheque from a passenger's cheque book and forging his signature to withdraw money.

Prajapati, a driver with Gudiya Travels, a car rental service in Goregaon, picked up Balwant Teni, a tourist from Haryana, four days ago. Teni, an employee of HDFC Bank in Haryana, was in Mumbai and had rented the car for sightseeing, said Maruti Rathod, senior police inspector of Malad police station.

"For his daily expenses, Teni used to withdraw money from HDFC bank through a self cheque," said Rathod. Interestingly, whenever Teni signed a cheque in the car, Prajapati would carefully note his style of signing, he added.

On Tuesday when Teni as usual went to the bank leaving his cheque book in the car, Prajapati tore a cheque from the middle pages of the cheque book. After dropping Teni off at his hotel, Prajapati forged Teni's signature on the blank cheque and filled in an amount of Rs 50,000 to be encashed.

He took the cheque to the Malad branch of HDFC and posing as Teni gave the cheque to the cashier.

When the cashier saw the signature he sensed foul play and asked Prajapati to sign the back of the cheque in his presence. While Prajapati did so, the cashier pulled out Teni's account details and found that the cheque was forged. While the cashier kept Prajapati engaged, the bank's manager called the police and got Prajapati arrested.

megha.sood@hindustantimes.com

City BPO accused of data theft - TOI Ahmedabad - 29 May 2008

Ahmedabad: It could well be one of the biggest data thefts in the country. An Ahmedabad based BPO owner, Maulik Dave, has been accused of data theft from a Florida-based company and selling them to its rival companies in the US.

Dave stole data worth Rs 1 crore from the company. With the help of his accomplice based in the US, Milan Dabhi, he sold the data to competitors of the company in the US.

The nondescript office of Business Bee Solutions along the SG Road, a BPO working in the IT sector, has been closed for three months soon after Florida-based company Noble Ventures Inc. cancelled their contract with Dave. He then shifted his operations to his home in Vejalpur. Dave had got a contract for two years for designing and maintenance of the website of Noble Ventures Inc. This company provides customer database of 1.25 crore US citizens to various marketing companies in the US and also has a client-base in other international markets.

When his contract got cancelled, Dave tapped into the data bank of Noble Ventures Inc., and stole 85 lakh records and sold it to the company’s rivals in the US.

The US company smelt a rat and sent an email to the Ahmedabad city crime branch. Investigations revealed that Dave had indeed tapped into the server of Noble Ventures Inc.

On Wednesday, assistant commissioner of police, crime branch, Usha Rada, led a raiding party to Dave’s house in Vejalpur. Dave has been arrested and booked for data theft, his computer has also been seized. “The US company owners got suspicious when they detected data loss from the server. When they started retrieving the data, they came upon etraces of Dave. Then the company mailed us,” said Rada.

“The cost of data stolen is estimated to be no less than Rs one crore. However, officials said that it is just the first data block. There could be more,” said investigating police officers.

Police are also scrutinizing two computers, three laptops and three outer storage devices that contain data. Officials will present Dave in court on Thursday to get his remand for further information.

How Dave got the password

The Florida company had given Dave the password to access their server in January, as he claimed that he often faced server connection error.

In March, the contract ended and Dave started his illegal activities.

Officials explained that Dave had sought the password and user ID on pretext of server connection error. But, he later started using it to steal the database that included EIN, SSN, TAX IDs along with other information of 1.25 crore residents of the US and other countries.

“We are hunting for other accused Milan, who worked as an executive for another unit of Noble Ventures in the US. We are in possession of Dave’s financial transactions that indicate that he had financial transactions with Dabhi. He was one of the key persons who marketed the database to other customers in the US. The duo also sent some of the sample data to two major companies,” said Rada.

Parth Shastri TNN

The multiple faces of identity theft - TechRepublic - 28 May 2008

During a routine check of her new 401(k) account, “Holli” discovered something that wasn’t quite right. The name of another person was attached to her account. A person she didn’t know.
It is something the experts call Social Security Number only identity theft. And it is more popular than you might think.

On Friday I mentioned that Todd Davis of LifeLock, the guy that you hear spouting his SSN in radio and print advertisements in an effort to prove that his system is so secure, had been hacked 87 times in obvious efforts to scam. What is unknown and unknowable, really, is the number of times his SSN has been used simply for employment, aggravating the immigration issue.

Holli discovered that the person piggy-backing on her SSN was a man named Paulino Rodriguez, a resident of Escondido, CA. He was using her SSN to work at a local Burger King.

From MSNBC:
Escondido is Ground Zero of the immigration debate. Just a few minutes north of the Mexican border, near San Diego, Escondido is home to thousands of Mexican immigrants who battle their way every day into the country and into gainful employment. Mexicans have been fighting in Escondido for a long time. Not far away, in 1846, U.S. forces were routed in the Battle of San Pasqual during the Mexican-American war, the worst American defeat of the conflict. Today, some say, Mexicans are again overwhelming American forces in a different kind of battle. For the past three years, Paulino Rodriguez used Holli’s Social Security number for the right to work at the Escondido Burger King. Recently, with his wife and four children, he took up residence in a middle-class subdivision on Espanas Glen Street in Escondido, a short block near Interstate 15. Rodriguez, according to U.S. immigration officials, is a Mexican national with no right to work in the United States. But thanks in part to Holli’s Social Security number, he had found a decent life for his family in Escondido, which means “hidden” in Spanish. But that life was safe only if no one found out he was sharing Holli’s identity.
Across America, perhaps millions of U.S. citizens are sharing their identities with undocumented workers who are virtually hiding behind Social Security numbers like Rodriguez. The data on the subject are incomplete, but each year nearly 10 million workers pay their taxes using the wrong Social Security number. While this can happen for a variety of reasons, most often it involves restaurant and farm workers, suggesting many of those 10 million workers are employees who are using someone else’s SSN to satisfy federal employment requirements.
The really sad note to this case is that Holli had to not only do all the leg work — easy because she had all of Paulino’s information available to her — but every so-called authority she contacted couldn’t help her.
Even when she told Rodriguez’s employer, Reddy Restaurants, Inc. that he was working on her stolen SSN, they declined to get involved. She called the Social Security Administration, the Federal Trade Commission, her 401(k) administrator, and even an attorney only to hear the same thing, “We can’t help you.” Her attorney explained that as long as her credit hadn’t been affected, it wasn’t a criminal issue.
Fortunately, Holli is persistent and convinced her local police department to take a report and forward it to Escondido police. Then she followed up with Escondido police until the report was passed to the investigations department and Detective Damon Vander Vorst. Vander Vorst arrested Rodriguez on May 13 on charges of identity theft and falsifying government documents.
Rodriguez is currently at Vista Detention Facility awaiting disposition of the criminal charges. Meanwhile the Immigrations and Customs Enforcement agency has taken an interest in him and placed a “hold” on him. That means that he is “subject to deportation” according to an ICE spokesperson.
From MSNBC:
Immigrant imposters usually just provide a Social Security card to their employer on their first day of work to fulfill what’s known as the “I-9” requirement. Since new employment rules took effect in 1983, U.S. workers must supply documentation to prove they are eligible to work; nearly always, a Social Security number is used. While employers can call the Social Security Administration to perform limited verification of the information, that’s seldom done. So it’s possible — in fact common — that employees’ names and numbers don’t match. When that happens, no one gets credit for the taxes paid by the worker. The money simply ends up in the U.S. Treasury. Since 1983, more than $500 billion in uncredited Social Security wages have been earned by so-called “no match” employees like Rodriguez. That hidden financial benefit for the government is one reason, Holli suspects, that agencies don’t act more quickly on reports of SSN-only identity theft. San Diego-based immigration rights advocate Lilia Velasquez sees similar cases in her practice all the time. Imposters run the spectrum from hardened criminals who ultimately take out loans in the victim’s name to well-intentioned Mexicans who are simply doing what they need to do to get a job and feed their families. “It’s not that these people intentionally and maliciously stole someone’s name and identity. … They may feel that they are using the number out of sheer need,” she said.
But victims like Holli should do what they need to do to protect their identities, Velasquez said. “That’s a situation which needs to be investigated until the issue is resolved.”
While no one seems to be able to do anything in cases of SSN-only identity theft, there is a clear indication that perhaps some re-thinking of the laws may be in order. Three years ago a Chicago woman discovered that 37 people had used her SSN to obtain employment. But the use of the SSN doesn’t show up on credit reports so it won’t show up in credit monitoring. And since wages earned by the imposter aren’t credited to the victim, it won’t show up on an annual Social Security statement. The only way to discover the misuse is through chance.
Author: Tricia Liebert

Scams Exploiting Use of Cell Phone Remote Services - dongA.com - 28 May 2008

“Your personal information has been released. Failure to subscribe to the X-rated Internet site I’ve mentioned and pay the fee immediately will result in blockage of your cell phone.”

A 42-year-old urban worker, identified only as Hwang, got this message from an unidentified person this month. He considered it a nuisance and hung up, but then his cell phone could not connect to its wireless network.

Feeling confused, Hwang felt he had no choice but to join the site and pay the subscription fee of 80,000 won.

After reporting the case to the Korea Information Security Agency, the victim found out con artists employed a new type of voice phishing in which they illegally exploited remote control services and deceived handset users.

Remote control services are designed to help subscribers register, change, and cancel services via a phone call to service providers. Most users use the last four digits of their cell phone numbers as passwords instead of creating new numbers. The new phishing scam targets handset users who do not change their passwords.

Since Hwang kept the same password when he subscribed to the service, the swindler was able to block his cell phone calls.

The security agency said, “A few similar cases have been reported, but we’re worried that more people will be conned by the new voice phishing as many mobile phone users have subscribed to remote control service.”

More than 870,000 people subscribe to the remote control service of SK Telecom, the nation’s largest wireless service provider. In addition, 5,000 subscribers of LG Telecom and 1,000 of KTF use remote control services every month.

LG helps subscribers of remote control services with call blocking and forwarding. KTF offers voice mail and call rejection while SK provides call waiting and forwarding.

Wireless carriers said that since they provide many services, they generally use the last four digits of mobile phone numbers as passwords to help subscribers better remember the numbers.

The security agency said, “Subscribers can significantly protect themselves from swindlers if they just change their passwords in advance. If handset users get similar phone calls, they should unlock cell phones at customer service centers and sellers of wireless service and report them to the agency.”

Be wary of money scams - The Daily Triplicate - 28 May 2008

The FBI recently took down a "phishing" scam based in Romania that spanned three continents and five countries—38 people ended up being arrested.

Unfortunately, that is one of hundreds of scams that ropes around the globe. Recently, a family placed a classified ad in The Daily Triplicate for dogs for sale.

An out-of-towner using an AT&T "relay system" for the hearing or speech impaired called the family. The caller supposedly wanted to send money to pay for at least one of the dogs and for shipping. The local family received a check and deposited it, then sent off some of that money as part of the transaction, only to find that the original check had bounced.

The Triplicate has no knowledge of this happening to other local residents.

Be skeptical about these orders when the person wants to use multiple sets of credit cards or wants to send more money than necessary for any number of reasons. AT&T also suggests merchants request a U.S. telephone number and U.S. contact information for all orders.

The Internet and e-mail have opened up countless scams and most of them have the same purpose: to take someone else's money.

There's even a jury duty scam. "Court employees" call up saying you've been selected for jury duty and want to verify social security and credit card numbers. The courts never require this for jury duty, even if they threaten you with fines.

The Nigerian letter scam usually involves some ousted government officials or princes who need to send you all of their money while they secretly escape the country. To help this person you will need to send your bank account information.

The advance fee scam usually involves you winning some large amount of money for no reason, but you have to send a small fee in order to receive it. Do not respond to this letter; instead, forward the information to the FBI. No one wants to give you money, they only want to take your money.

If you don't know the person or company sending you the letter or e-mail, trash it. Look over business agreements carefully, be wary of businesses that operate out of post office boxes or people who never seem to be in when you call.

Pyramid schemes can seem like a legitimate business deal. You invest money into a franchise and then make money by getting two more people to sign up and so on. Be wary of any investment that requires you to bring in more investors to profit from your investment. These schemes always collapse.

Secret or mystery shopper job ads frequently are fraudulent. This happened to a local resident who responded to an ad in The Triplicate last year. It's usually a fake company sending a check that you deposit before wiring a lesser amount out of the country. The bank usually comes looking for you when it becomes apparent the original check was a fake.

Many times addresses and phone numbers are hidden clues in any e-mails or paperwork potential scammers send. Area codes or zip codes will be off by a number—a quick fact-check on the Internet will lead you to a dead end.

Things that seem strange or out of the ordinary—someone who promises lots of money, people who are pressuring you to sign something or have you send money overseas—are all red flags for scams. The bottom line is to be skeptical. Protect your money.


Reach Kelley Atherton at katherton@triplicate.com

Wednesday, May 28, 2008

CARD CLONING SCAM PROBE - bournemouthecho.co.uk

MOTORISTS are being urged to check their bank or credit card statements after police investigating a card cloning scam raided a Bournemouth filling station.

Officers swooped on the Texaco Malthurst West View Service Station in Charminster Road just after 9 am yesterday.

They shut the garage to members of the public while they searched the garage for evidence. The premises remained closed and deserted yesterday afternoon.
Dorset Police say they have so far received more than 25 calls from worried members of the public alleging bank card fraud.

Among those affected was United Taxis driver Simon Mowels. "My business partner phoned me on Sunday to say he'd had a call from Abbey National's security centre," he said.

"When I checked online I found there had been three transactions, but they weren't huge.
"The bank has been very good. As far as we're concerned, it's only about £100 and we'll get it back."

Another person affected was Daily Echo feature writer Gavin Haines, who was alerted by his bank after money was withdrawn from his account in Madras, India, on Saturday, Sunday and Monday.

"I can't afford to lose £400 on a weekend. It was my only bank account at the time and they didn't have access to money. I've now got to go through the claims process," he said.

Last year, police received more than 200 similar complaints about the Murco service station in Southbourne Grove, Bournemouth. Three men were arrested but were later released without charge. The garage is under new management.

Card-cloning, sometimes known as skimming, involves retrieving card details and pins (personal identification numbers) to withdraw money fraudulently from people's bank accounts.

In spring last year, thousands of motorists were hit in a skimming scam involving garages across England. The Sri Lankan government claimed the money was being used to fund Tamil terrorist activity on the island.

The latest allegations in Bournemouth are being investigated by officers of the cheque and card unit of Dorset Police's economic crime unit.

They are warning members of the public to make sure they are not being watched when putting in their pin. People are advised to move mobile pin machines if they feel they are being watched, and to always hide the key pad with their hand when entering the number.

Anyone who feels their card has been compromised is urged to report it immediately to their bank and to the police on 01202 222 222.

Two Bournemouth men, one in his 20s and another in his 40s, are helping police with their inquiries after being arrested on suspicion of conspiring to defraud the banking industry.

By Joanna Codd

Do Hackers Pose a Threat To Smart Phones? - The Wall Street Journal - 27 May 2008

In addition to placing calls, smart phones pack many of the functions found on computers: Internet, email, multimedia programs and even word-processing and spreadsheet capabilities. But, like computers, smart phones are vulnerable to viruses and other types of malicious software.

By all accounts, the risk of a smart-phone attack is low. But as people start using the devices for more sensitive tasks -- handling customer data and transferring corporate files -- security experts say smart phones may become more vulnerable to attack. So companies are working to protect both the devices and the networks behind them.

At the corporate level, IT departments are cracking down, mainly by limiting access these devices have to internal networks. And on the consumer front, computer-security companies are selling antivirus software that scans for rogue applications.

"They are real but rare" threats, says Jan Volzke, head of world-wide mobile marketing for Santa Clara, Calif., based McAfee Inc., which sells computer-security software.

Smart phones are used mainly by professionals who want to access corporate email and send documents on-the-go. But the market for these high-end devices is growing. Last year, Apple Inc. introduced the iPhone, a consumer-friendly device that appeals to students and others who like the touch screen and multimedia features. Market-research company NPD Group estimates that smart phones comprised 17% of all mobile-phone sales in the first quarter, an increase of 10 percentage points since the same period a year ago.

We've gotten to the point where smart phones are almost as sophisticated as desktop computers, says Ken Silva, chief technology officer for VeriSign Inc. So users should be just as protective of their smart phone as their home computer, he says.

So far, there are about 300 to 500 known versions of malicious software, or malware, written for phones -- a small number compared to those that attack personal computers. Malware infects phones through email attachments and text messages that ask users to download an application. They also can be delivered over wireless connections using Bluetooth technology.

Still, one reason why malware hasn't gained traction is a lack of a dominant operating system for attackers to focus on, says Nick Magliato, chief executive for Trust Digital, a security vendor. "It's very inefficient to write a virus for phones."

The majority of mobile malware has been written for phones using the Symbian operating system, which is found in about 65% of the global smart-phone market, according to ABI Research. Phones that run Symbian include some models made by Nokia, Samsung and Sony Ericsson.

Security experts at Symbian Ltd. monitor networks for potential malware outbreaks but haven't identified any serious threats so far, says David Wood, executive vice president of research. But, he adds, "we can never say never."

Another 11% of smart phones use the Windows Mobile operating system, which is used by some models made by Samsung and Palm. Phones on other platforms, such as Research In Motion Ltd.'s BlackBerry and Apple's iPhone, haven't had any serious malware outbreaks, says David Frazer, director of technology and services for security vendor F-Secure Corp.

Regardless of the operating system, the greatest risk of infection comes from third-party applications, such as games and ringtones, which give users an easy way to customize their phones. But people should exercise caution and only download software from trusted sources, says John Traynor, senior director of product marketing for Microsoft Corp.

Some types of malware can disable all the applications on a phone, including the ability to make calls, says Mark Komisky, chief executive for Bluefire Security Technologies, which makes antivirus software for smart phones. Another type of malware is so-called "snoopware," which was originally sold in Asia as a spouse-monitoring tool, says Paul Miller, managing director for mobile security at Symantec Corp. Now attackers see this application as a way to eavesdrop on conversations, intercept text messages or peek at call logs.

Several years ago, Symbian started requiring third-party software vendors to provide a "digital signature" when writing applications, Mr. Wood says. If the software is signed, Symbian can track which developer wrote the malware. The Windows Mobile operating system also uses digital signatures for software written by third-party developers.

Beyond downloading software only from trusted companies, individuals who own personal smart phones can protect themselves with antivirus software. Symantec and McAfee both offer programs that typically cost $30 for a one-year consumer subscription. Bluefire Security offers antivirus software for businesses and plans to release a consumer product next month.
Still, the majority of smart phones are connected to corporate networks, putting the onus on IT departments to protect the work force.

Rob Israel, chief information officer for John C. Lincoln Health Network in Phoenix, is in charge of guarding the data flowing through the company's network of hospitals and physician practices that employs about 4,400 people. A year ago Mr. Israel installed a system that prevented employees from uploading or downloading files to the company's computer network.
"Before that, it was the Wild West," and anyone could bring in any device and upload files to their computers, Mr. Israel says. "This was a real security hole."

Chief among his concerns was that an infected phone would transfer malware to the company's network. Mr. Israel acknowledges that chances are slim that a phone could get infected with malware, but says he doesn't want to take any chances.

For now, though, the greatest threat to corporate security is the loss of a smart phone -- especially one that's crammed with sensitive personal or corporate data.

Miriam Neal, vice president of information systems for South Western Federal Credit Union based in La Habra, Calif., says she worries mostly about lost smart phones. "We are a financial institution, and we need to protect the privacy of our members," Ms. Neal says.

Many companies are investing in technologies that will wipe clean all the information stored on a lost or stolen phone so that the data can't be used for criminal purposes, says Paul Roberts, a senior analyst with the 451 Group, a technology-research firm.

Write to Joseph De Avila at joseph.deavila@wsj.com

Online auction or mail fraud scheme in the Valley? - abc15.com - 27 May 2008

Jeanine Raab spent a lot of time online last year searching eBay.com for an old magazine. She was looking for anything to do with the 1950s. Raab wanted Life magazines from that time and found four for $67 on the site from a seller called 'Apropos Auctions.' It read check or money order only.

After Raab put the check in the mail, weeks passed and she saw nothing. The seller said the merchandise was in the mail, but the magazines never arrived.

Benjamin Anderson is the man who owns Apropos Auctions.

The ABC15 Investigators uncovered a federal search warrant through the U.S. Postal Inspector’s office. It lists about 225 complaints against Anderson and his company. They're investigating him for mail fraud and money laundering.

Dan Schultz of Tempe tried to buy a vintage Life magazine from Apropos Auctions.

When his merchandise didn’t arrive, he phoned the company. Schultz said the voicemail identified himself as Colby Farnan at Apropos Auctions. And when he searched for Colby Farnan online what he discovered disgusted him. “Colby Farnan memorial is on a web site called Fallen Heroes Memorial,” he said. The site was made to honor Pfc. Colby Farnan who was killed by an explosive device in Iraq. “It just stuck in my craw that he was doing this to these young men who had served in Iraq and who died,” said Schultz.
We found similar complaints online in other cases when Anderson used names of fallen soldiers as sellers.

Neighbors said Anderson moved out of his California home but it will be hard to know if he's still in business, online and using yet another name.

To protect yourself, use an online payment service. In most cases, the seller doesn't get the money until you get the item.
Reported by: Joe Ducey

Yahoo says companies 'phishing' - Desert News - 28 May 2008

Yahoo! Inc., the second-most-popular search engine, has accused unidentified companies of trying to trick Internet users into providing credit-card information and other personal data.
The company, based in Sunnyvale, Calif., filed a lawsuit in Manhattan federal court this month against at least 25 companies, accusing them of deceiving Internet users into believing they won a lottery or prize offered by Yahoo.


"This type of lottery scam is a hoax designed to trick unsuspecting e-mail users into revealing valuable personal data like passwords, credit card information, and social security numbers," Yahoo said in a statement Tuesday.


Yahoo delayed its annual meeting last week after billionaire Carl Icahn threatened to oust its directors for snubbing a $47.5 billion takeover offer from Microsoft Corp. The meeting, originally set for July 3, will now occur at the end of July.

More 'phishing' scams hit Hawaii e-mail - Pacific Business News - 27 May 2008

The Hawaii Bankers Association has issued a warning about a sudden surge in online "phishing" scams used to con people into sharing sensitive financial information.

The warning comes after phishers last week tried to obtain information from Hawaii National Bank customers. And this week there are already phony e-mails circulating in Hawaii from Mainland banks, including Chase and Bank of America.

"One of our member banks got notice that again somebody was sending e-mails purporting to be this bank," said Gary Fujikawa, executive director for the banking association. "Fortunately, most people are smart enough not to respond."

He said statistics report anywhere from 1 percent to 3 percent [of Internet users] respond to fraudulent e-mails. "It's a numbers game," he said.

A recent report by the state's Anti-Phishing Working Group estimated that the Internet has more than 2,600 active phishing sites aimed at conning people into divulging sensitive financial information.

In a common type of phishing fraud, individuals receive e-mails disguised as authentic messages from their financial institution, right down to logos and slogans. The e-mails describe a situation requiring immediate attention and warn about account termination unless the e-mail recipients provide account information by clicking on a provided link. The information then goes to the con artist who sent the e-mail.

The bankers association advises consumers to:
* Never click on links in e-mails if there is a reason to believe it is fraudulent. The link may contain a virus.
* Not be intimidated by e-mails that warn of dire consequences for not following instructions.
* Alert your financial institution, place fraud alerts on your credit files and monitor your account statements closely if you are a victim of phishing.

In addition to Hawaii National Bank, the association comprises American Savings Bank, Bank of Hawaii, Bank of the Orient, Central Pacific Bank, First Hawaiian Bank, HomeStreet Bank, Ohana Pacific Bank, Pacific Rim Bank and Territorial Savings Bank.

Phishing scam targets ANZ users - smh.com.au - 27 May 2008

ANZ customers are being warned about a sophisticated scam that mimics the official bank website to get account details.

One scam email warns that the reader's internet banking account has been "suspended".
"Although we cannot disclose our investigative procedures that led to this conclusion, please know that we took this action in order to maintain the safety of your account," it reads.
The email provides a link to a false ANZ bank web page asking customers for their registration number, name, password, phone number and email address.

In a telling flaw, the hoax ANZ page also asks customers for their address and "zip code", an American term for postcode, but is sophisticated enough to automatically lead users to the real ANZ page.

An ANZ spokeswoman said the bank was aware of the scam and had received complaints.
"Under no circumstances should you click on the link, reply to the email or provide any of the requested details," she said.

"Always ensure that you only log on to ANZ internet banking by typing http://www.anz.com into the address bar, rather than following links to the ANZ website. Disregard any emails that advise otherwise."

A NSW Office of Fair Trading spokeswoman said the hoax email was an example of scammers "phishing" for information they could potentially use to access accounts and steal funds.
The spokeswoman said it was very difficult for authorities to track down such scammers.

"These emails can look legitimate, they are really hard to spot and these people are pretty good," the spokeswoman said.

"It is easy to panic when contacted by someone official, especially when money is involved."
She said consumers should only contact their bank through their official websites or on phone numbers obtained from the White Pages or a bank statement.

Daniel Emerson

Tuesday, May 27, 2008

Software to track persons sending threatening e-mails - Deccan Herald - 27 May 2008

The software, which costs around Rs 12,000 including biometric equipment, also has anti-hacking provisions making it difficult to tamper the database. After installing the software, those visiting cyber cafes will be identified as soon as they sit in front of the computer, with the help of a web camera.

With Uttar Pradesh Police making it mandatory for cyber cafe owners to verify identity of net surfers in the aftermath of Jaipur blasts, a city-based firm has come up with a software which prepares database of persons sending e-mails with their photographs and finger prints.

The technical wing of the state police has already seen the demonstration of the software named CRISH (Customer Registration and Identification) and is making its technical analysis, claimed Director, GI Biometrics, Amit Kaushal.

After installing the software, those visiting cyber cafes will be identified as soon as they sit in front of the computer for surfing the net with the help of a web camera.

"The photographs and finger prints of the net users will be automatically stored in the database of the computer with date, time and terminal in which they logged on eliminating the need for maintaining registers of visitors in the cyber cafes", Kaushal told PTI.

Also with the use of the software there would be no need to prepare sketches of the suspects of sending threatening e-mails as their photo and finger prints would be stored in the computer database.

"The software can be of great use for investigating agencies.... If the software is installed in all cyber cafes those sending threatening e-mails could be easily identified with the help of database", a senior police official said. The software, which costs around Rs 12,000 including biometric equipment, also has anti-hacking provisions making it difficult to tamper the database.

The software can also be used by the hotel industry and help in identifying visitors.
After serial blasts in Jaipur and an e-mail sent to news channels by a group called Indian Muzahedeen through a cyber cafe in Ghaziabad, the software was purchased by a number of cyber cafes in the capital to avoid "unnecessary grilling" by the security agencies after any such incident.

"We will produce the database of visitors with pictures and finger prints, whenever needed by police with the help of the software", Pawan, a cafe owner here, said.

Kaushal said that he has also written a letter to the Union Home department for analysing the software and recommending its use.

"We have been getting queries regarding the software from various districts of the state and outside also", he said.

ATMs play bigger role in identity theft - bankrate.com

Before Jay Foley inserts his bankcard into an ATM slot, he sticks his finger in first. Then, he wiggles it.

"If any portion of it wiggles with my pinky, I walk away because odds are somebody has slapped a skimmer on the front," says Foley, executive director of the San Diego-based Identity Theft Resource Center. "That applies to any kind of payment slot you might run across, such as gas station pumps. Those are favorite places for thieves to work now."

A skimmer is a device that reads and records all the account information stored electronically on the magnetic stripe of an ATM card. Its mere existence is proof that if you thought familiar, ubiquitous automated teller machines were much too low-tech to attract high-tech cyber-thieves, you need to think again.

Fraudsters have returned to ATMs in force as a favorite fishing hole for that prize catch: your debit card. With a little light mechanical tampering, thieves can "harvest" your account details and PIN number in seconds, then use them to either produce a "clone" card or to simply shop online until your account runs dry.

"The number of victims we get from debit fraud or ATM fraud is growing every year, and it's growing significantly," Foley says.

Increased danger

ATM crime is increasing now that stepped-up fraud detection software on the credit card side has made signature cards more difficult to attack. Increasingly, thieves are preying on more vulnerable, PIN-based debit cards.
Doug Johnson, vice president and senior adviser of risk management policy for the American Bankers Association, acknowledges that ATM skimming may be getting worse.

ID Theft By Numbers

Amount of Time - 12 Months

Number of Victims - 3 Million

Total Loss - $2.75 Billion

Average Loss - $900

For complete post refer to the link http://www.bankrate.com/brm/news/Financial_Literacy/identity_theft/ATM_fraud_a1.asp?caret=93h

By Jay MacDonald

Scamsters’ swipe turns banks red - Mumbai Mirror - 27 May 2008


Our reporter infiltrates the gang that has punched a hole in banks’ credit card system and is bleeding them dry


Jhol. Rafoo Chakkar. Hera Pheri. Lafda. The city has seen so many scams, we have our own thesaurus for it. Now, young Azhar Tole is the latest addition in the ranks of ingenious scamsters.


The twenty-year-old has found a way to bleed credit-card companies, while promising card holders lucrative cash returns within the span of a few days.

His modus operandi is simple: If a debt-ridden credit card holder goes to him, Tole transfers a considerable amount of money – normally around thrice the credit limit – into the credit card account through a false cheque payment.


He then waits for the card holder to intimate him of the SMS that banks send, confirming the receipt of cheque.


Once informed, the Kurla resident – who still retains the card with him for three-four days – goes and withdraws the entire amount. He then pays the card-holder a part of the sum, and retains the rest as part of his fees.


So, at the end of it, the card holder is happy as he gets extra money apart from his outstanding dues being taken care of – that is, till the next month's statement, which shows a higher outstanding, due to the scam. The mastermind, however, literally smiles his way to the bank.

“According to our preliminary investigation, Tole seems to have exploited a loophole,” said Sachin Khandelwal, ICICI's Senior General Manager, Credit Card Division. “We send SMS alerts to card holders in good faith to inform them that their cheque has been received and the amount credited.

“In case a cheque bounces, we immediately deduct the credited amount. But Tole – who apparently knows of this system – withdraws the money before we can deduct it,” he said. Analytical experts, ICICI officials disclosed, are now scanning all credit card accounts which show unusual transactions. The kingpin, who has a vast network of agents, operates mainly in Kurla, Nagpada, Andheri, Bandra and Byculla.

THE UNDERWORLD TRAIL

Our undercover reporter trawled through the entrails of the gang in Kurla for days together to unravel the plot and the modus operandi that has sent the banking industry into a tailspin. His first contact was Kamran Abdul Sattar Shaikh - a 20-year-old boy who availed of Tole's services and made a neat Rs 20,000, apart from "paying up" his outstanding dues.

Using his expertise, Tole "deposited" Rs 60,000 in Shaikh's credit card account. He, of course, kept Rs 40,000 as his "fees". Once our reporter gained Shaikh's confidence, promising him he would be saved from a possible arrest, the boy opened up. According to Shaikh, Tole is extremely secretive. He would meet Shaikh at Kurla's Pipe Road (near Balaji Temple) where he usually strikes deals and then vanishes through narrow alleys.

Mumbai Mirror, however, tracked down the address of the mastermind to a first-floor flat in Kapadia Building in Kurla (West).

Shaikh, whose original credit card statement is available with us, said: "Tole has never worked with a bank before but has a vast network of contacts among the employees of a number of multi-national banks and carries out his business in collusion with them." "Not only ICICI cards, Tole can pull off the same trick with credit cards of any bank with the same ease," said Shaikh. Incidentally, Shaikh himself has worked as an ICICI credit card sales executive for two years. According to Shaikh, Tole is also in the business of selling new mobile phones that he buys with the credit card details he obtains from sales executives.

BANKS IN A TIZZY

Officials from the ICICI's risk containment unit (RCU), which monitors huge transactions by credit cards and frauds, reached the area on Friday for preliminary inquiries and have lodged a complaint with the Kurla police.

"It's mind-boggling. Our RCU experts are on the job to crack the case. Since we cannot make arrests or carry out raids, we have lodged a complaint with the police," said Charudutta Deshpande, head of Corporate Communications, ICICI Bank.

Hackers cracking mobile phones, warn experts - The Hindu

New Delhi: Much to the discomfort of mobile users, hackers, who are already wrecking websites and e-mails, are now targeting cell phones as well. Hackers are intruding mobile phones using hacking tools like spyware and spoofing, according to cyber experts.

Spyware is a tool which manipulates short message service (SMS) and allows them to be read by others, while spoofing, replaces mobile number of sender’s message, they said.

Explaining the functions of spyware, a Delhi-based cyber expert said, “A hacker sends an SMS to the targeted person. The person opens the message, installing spyware onto the device. The spyware, unknown to the victim, takes the SMS and forwards it to the hacker.”

Once installed, the hacker can monitor the ‘compromised’ phone call details and can even listen to the calls made or received by the user, Rajat Khare Director of Information security consulting firm Appin said.
However, it’s very difficult for the user to find out whether his/her phone has been hacked.

Besides spyware, SMS spoofing is another tool which hackers are widely using, Mr. Khare said.
Spoofing is used for changing the identity of source of SMS either with text or any desired number.

The Asian School of Cyber Law on its website stated an incident where “a young lady received an SMS from her husband’s cell phone informing her that he had had an accident and was at the hospital and urgently needed money. On receiving the SMS, she rushed out of the house with the money. She was attacked and robbed by the person, who had sent her the spoofed SMS.”

Spoofing has legitimate uses as well. A firm can set the company name in place of the number from which the message is being sent. — PTI

Six hours to hack the FBI (and other pen-testing adventures) - computerworld.com - 26 May 2008

White-hat hacker pros dish on top traumas and shocking snafus
It takes a lot to shock Chris Goggans; he's been a pen (penetration) tester since 1991, getting paid to break into a wide variety of networks. But he says nothing was as egregious as security lapses in both infrastructure design and patch management at a civilian government agency -- holes that let him hack his way through to a major FBI crime database within a mere six hours.

Goggans, currently senior security consultant at security firm PatchAdvisor Inc. in Alexandria, Va., says his adventure started when, during a routine network scan, he discovered a series of unpatched vulnerabilities in the civilian government agency's Web server, as well as other parts of the enterprise.

Goggans used a hole in the Web server to pull down usernames and passwords that were reused on a host of enterprise systems. In those systems, he found further account details that allowed him to get Windows domain administrator privileges -- a classic escalation-of-privileges attack.

Using this privileged access, he was able to gain full control of almost all Windows-based systems in the enterprise, including workstations used by the on-site police force. He noticed that several police workstations had a second networking card installed that used the SNA protocol to directly talk to an IBM mainframe.

By covertly installing remote control software on those workstations, he found programs on their desktops that automatically connected the workstations to the FBI's NCIC database. "That software, coupled with a keystroke capture program, would allow an attacker to grab the credentials needed to log into the FBI's National Crime Information Center database," he says.

Like most vulnerabilities he's found over his years of paid ethical hacking, this one could have easily been eliminated with some basic security strategies, he says. For instance, the police network should have been firewalled off from the main enterprise network, and the investigators' workstations kept out of the larger domain.

Also, he says the agency should not have allowed those workstations both NCIC and general enterprise network access, since they were connected to something with such obvious national security implications. Finally, the system administrators should have monitored and blocked the common reuse of passwords.

By Sandra Gittlen

Online job seeker says she was duped into scam -


Woman facing jail time after responding to classified ad

Bobbie Jean thought she had finally found work when she answered an online classified ad last fall for an overseas firm. Instead, within weeks of her hiring, she was arrested at her local bank, charged with a felony, and is currently facing an August trial date in a Harris County, Texas court. Bobbie Jean now says she was tricked into helping an international fraud ring to move stolen money out of the country.

Fraudulent ads on online job sites are not new. But expert Pam Dixon, who has studied the phenomenon, says this is the first case she's heard of where the alleged victim was actually arrested as an accomplice to a crime. Dixon operates WorldPrivacyForum.org.

The 51-year-old Bobbie Jean, who requested through her attorney that her last name not be published, is a former accountant who had been unemployed for several months when she responded to an ad on CareerBuilder.com. When she was hired, she was told to collect payments from clients in the United States and wire the money to London. But the ad, like the firm, was a con.

The other part of the scam took place on eBay, where the same con artists put up a motorcycle for sale, according to Bobbie Jean's attorney, Jeffrey Goldstein. The motorcycle was sold to a Florida resident for $9,000, and he shipped the money to Bobbie Jean in Texas. But there was no motorcycle -- the con artists were just using Bobbie Jean as a domestic address, so as not to raise the suspicion of the eBay buyer.

According to Goldstein, when Bobbie Jean showed up at her local bank to wire the money to London, she was arrested and later charged with a single felony. According to the complaint filed against her, she is charged with taking more than $1,500 and less than $20,000 from the Florida eBay buyer.

Goldstein says Bobbie Jean is an innocent victim, but local authorities so far don't see it that way.
Prosecutor Joe Vinas did not return phone calls placed to his office by MSNBC.com.
"A person got duped who couldn't find employment," Goldstein says. "(Prosecutors) did not buy that she was [a victim of] some kind of criminal conspiracy ... but she has no criminal background."

Ads keep popping up

Online job sites like Monster.com, CareerBuilder.com, and Yahoo.com's HotJobs expend a lot of energy trying to beat back illegitimate ads; some post warnings on virtually every page of their site and on every e-mail they send.

Still, con artists have seized on the willing, and often, vulnerable populations that frequent job sites to mine for fresh victims. For years, hundreds of thousands of dollars worth of merchandise have been moved out of the country by U.S. residents who fall for fake "postal forwarding" jobs, says U.S. Postal Inspector Barry Mew. Working as some kind of finance manager, accepting checks and other payments and transferring funds overseas, is just the latest incarnation of the scam, Dixon says.

All the sites say they take steps to verify job posters, and quickly remove fraudulent ads. CareerBuilder, for example, says it has a dedicated team of quality control specialists who monitor job postings.

But that's not enough, Dixon says, because the fraudulent ads keep re-appearing on various job sites. The ad Bobbie Jean answered, for example, first appeared in August, and is still popping up on job sites all over the Internet. And there have been at least a dozen other victims.

Dixon says a man in Dallas, Texas, lost his job at a bank after responding to the same job posting. Four other victims had money stolen out of their personal bank accounts when the con artists simply stole their identities after convincing them to divulge their account numbers.


The advertisements vary slightly; in one version, the company name is listed as Macrocommerce Intersales. In another, UMAB. In still another, UNK Electronics.


Dixon says the patterns of job postings show a highly organized effort to perpetuate the scam. In a study released last week, she traced the job listing as it appeared in over 100 Internet locations. The first appearance was apparently last July, at PickAJob.


Later, it appeared on Careerspan.com in Dallas, New York, and Sacramento. It then systematically appeared all over the country -- from Miami to Seattle. Despite the slight variations, Dixon was critical of the various job sites' inability to keep the ads off their services.
"Job sites have to provide a way job seekers can make a real accurate determination about how safe the site is how can job seeker make a decision about how good the process is," she says.


"This job ad has really been collecting victims left and right."

CareerBuilder spokeswoman Jennifer Sullivan says the firm is willing to help Bobbie Jean's attorney clear her name, and has complied with requests to compile information about the incident.

"This is an issue we take very seriously, and we're giving our full attention to the issues involved," she says.

But in the meantime, Bobbie Jean is still unemployed, and facing even more challenging prospects than ever.

"She has a pending felony theft case, who's going to hire (her)?" Goldstein, her attorney, says. "She lost her house now because she couldn't make payments. She is living with family. ... You have to wonder what are the duties of the job sites in terms of policing their own ads."


By Bob Sullivan
Technology correspondent